Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c983e574-bfee-43d5-a8ee-79bdfdd8e179.roa
File:                     c983e574-bfee-43d5-a8ee-79bdfdd8e179.roa (raw, json)
Hash identifier:          WCEARkNQnYsNvonV2SEaiGWDPXdDBRQQdwlPu5B2vHc=
Subject key identifier:   E9:D7:06:E1:27:B0:A7:B9:88:C0:AD:FE:C6:C6:54:6E:28:17:D3:75
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       26810F9B0BCD81C47C26493AC8A44CE981CE1F9C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c983e574-bfee-43d5-a8ee-79bdfdd8e179.roa
Signing time:             Tue 17 Feb 2026 00:31:15 +0000
ROA not before:           Tue 17 Feb 2026 00:31:15 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        13.248.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:81:0f:9b:0b:cd:81:c4:7c:26:49:3a:c8:a4:4c:e9:81:ce:1f:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 00:31:15 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=a684491bcd8660f55de326ce46ce1e5f795ef83b9e8fa51b2d8450dc74e65113, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:54:b6:c1:d7:c1:35:51:e6:0b:b0:7d:8e:66:
                    8a:92:7f:3b:f2:4b:6a:47:33:b0:52:2b:2c:78:c5:
                    b4:dc:37:a7:5d:b8:03:1f:f5:45:f7:df:99:b0:27:
                    ac:3f:e6:47:53:9f:c4:3d:8b:79:d8:3f:28:e6:c5:
                    51:29:b6:64:54:60:ba:a1:73:b8:f4:bc:12:a6:c2:
                    09:27:e3:56:9c:6b:4a:f0:d1:c6:2b:23:88:8f:86:
                    20:18:de:6f:f0:60:9d:fc:09:23:3d:aa:36:03:84:
                    e3:c7:e2:c1:8d:c6:1d:d5:a0:98:3c:91:ab:f3:01:
                    fd:ae:34:d4:79:bd:18:ae:6f:ec:75:86:17:b8:57:
                    b6:85:8d:02:ed:89:b9:82:15:47:af:eb:ce:5a:fe:
                    38:04:eb:84:d3:0d:05:92:fb:32:a9:c9:23:a8:ab:
                    74:ba:0a:de:36:07:5a:1d:e9:8c:f2:4c:0d:d2:18:
                    1c:ec:66:d0:a1:3f:aa:0d:c1:33:5e:21:f7:fe:2a:
                    4d:a6:b9:54:64:a9:06:00:73:f5:28:fb:7a:8c:53:
                    a6:54:a6:9a:52:38:3e:90:e9:a0:b3:d9:bc:7b:a6:
                    4d:fa:d9:68:03:e1:be:f2:c1:8c:bc:40:a2:75:28:
                    45:29:03:4f:0f:f5:09:0e:9f:d3:2c:d3:24:ca:74:
                    c4:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:D7:06:E1:27:B0:A7:B9:88:C0:AD:FE:C6:C6:54:6E:28:17:D3:75
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c983e574-bfee-43d5-a8ee-79bdfdd8e179.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.248.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         40:69:e7:31:cb:d9:a6:1c:19:e2:4f:15:ef:58:d3:50:55:69:
         d6:d3:12:2f:8a:14:a5:50:b8:fb:74:8f:42:33:c3:76:ef:2b:
         cf:ad:29:ef:d0:55:07:9a:d9:83:15:d8:28:b3:04:1f:80:c6:
         f7:36:4e:d5:92:85:72:61:3a:04:5b:e6:bb:4c:ab:4a:b0:00:
         7d:d5:60:23:f9:53:7a:20:8c:d6:a4:94:82:b7:52:94:bc:ca:
         80:27:fa:6c:8e:35:62:60:2d:61:cb:18:a3:38:73:94:40:74:
         87:18:04:2b:8b:8c:1f:7e:82:35:89:76:03:22:13:72:ab:d3:
         d7:2a:b8:8e:ae:34:c5:8e:11:d4:17:cd:ae:4e:b9:92:6a:89:
         af:e0:58:30:46:62:d7:ab:c8:9f:b7:44:61:58:ae:a4:59:85:
         18:11:e6:f3:6e:d0:51:c3:44:7e:01:e5:7e:73:88:7a:ca:d1:
         dc:83:1d:7d:79:57:b0:d1:f6:24:77:80:17:8c:91:de:e9:4a:
         5c:82:1c:a1:f1:68:9d:09:8d:df:63:99:d0:56:0a:61:e6:9f:
         68:0c:91:06:76:58:8f:29:58:91:5f:71:c2:06:dd:03:cf:47:
         59:52:d6:19:df:5f:d1:c9:76:56:68:3a:a6:17:86:a7:65:e7:
         45:27:a9:36
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJoEPmwvNgcR8Jkk6yKRM6YHOH5wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDAzMTE1WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjg0NDkxYmNkODY2MGY1NWRlMzI2Y2U0NmNlMWU1Zjc5
NWVmODNiOWU4ZmE1MWIyZDg0NTBkYzc0ZTY1MTEzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwVLbB18E1UeYLsH2OZoqSfzvyS2pHM7BSKyx4xbTcN6dd
uAMf9UX335mwJ6w/5kdTn8Q9i3nYPyjmxVEptmRUYLqhc7j0vBKmwgkn41aca0rw
0cYrI4iPhiAY3m/wYJ38CSM9qjYDhOPH4sGNxh3VoJg8kavzAf2uNNR5vRiub+x1
hhe4V7aFjQLtibmCFUev685a/jgE64TTDQWS+zKpySOoq3S6Ct42B1od6YzyTA3S
GBzsZtChP6oNwTNeIff+Kk2muVRkqQYAc/Uo+3qMU6ZUpppSOD6Q6aCz2bx7pk36
2WgD4b7ywYy8QKJ1KEUpA08P9QkOn9Ms0yTKdMTbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6dcG4Sewp7mIwK3+xsZUbigX03UwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2M5ODNlNTc0LWJmZWUtNDNkNS1hOGVlLTc5YmRmZGQ4ZTE3OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQN+GAwDQYJKoZIhvcNAQELBQADggEBAEBp5zHL2aYcGeJPFe9Y01BVadbT
Ei+KFKVQuPt0j0Izw3bvK8+tKe/QVQea2YMV2CizBB+Axvc2TtWShXJhOgRb5rtM
q0qwAH3VYCP5U3ogjNaklIK3UpS8yoAn+myONWJgLWHLGKM4c5RAdIcYBCuLjB9+
gjWJdgMiE3Kr09cquI6uNMWOEdQXza5OuZJqia/gWDBGYteryJ+3RGFYrqRZhRgR
5vNu0FHDRH4B5X5ziHrK0dyDHX15V7DR9iR3gBeMkd7pSlyCHKHxaJ0Jjd9jmdBW
CmHmn2gMkQZ2WI8pWJFfccIG3QPPR1lS1hnfX9HJdlZoOqYXhqdl50UnqTY=
-----END CERTIFICATE-----