Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cee1df74-de48-4d35-b9b9-d5ede77417d1.roa
File:                     cee1df74-de48-4d35-b9b9-d5ede77417d1.roa (raw, json)
Hash identifier:          m6OLJsxatc65ExOkQnaJLc/bq23cneIkUyXOl+uYlOQ=
Subject key identifier:   D7:E2:6B:EB:4C:B0:F4:DE:10:CF:2B:BA:7F:14:5C:DF:E1:0F:66:4A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       607C3225393923F64CD766DDF74A8FAA4A4F7C50
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cee1df74-de48-4d35-b9b9-d5ede77417d1.roa
Signing time:             Sun 01 Mar 2026 00:40:56 +0000
ROA not before:           Sun 01 Mar 2026 00:40:56 +0000
ROA not after:            Sat 30 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.182.230.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:7c:32:25:39:39:23:f6:4c:d7:66:dd:f7:4a:8f:aa:4a:4f:7c:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  1 00:40:56 2026 GMT
            Not After : May 30 23:59:59 2026 GMT
        Subject: serialNumber=6b8aa04b475841bd0a5f102280694524e40a5f82c6fa5f0a5bc094112494cef6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:0c:f0:d4:b0:fd:13:8c:08:0b:e6:c0:30:f3:
                    dd:7c:f7:27:e0:33:51:b5:dd:7c:4a:23:99:58:a2:
                    78:d3:30:75:20:68:d7:c2:74:01:50:ea:29:bb:d7:
                    60:25:a8:69:0d:93:46:bc:bb:91:98:80:3c:87:24:
                    77:d6:a5:b7:0d:74:b0:dd:af:3f:7a:d8:46:40:06:
                    4f:63:88:71:1d:70:ce:1d:b5:0c:ae:3a:dd:36:f3:
                    24:a0:73:7f:79:f5:0a:4c:fa:2c:8d:f3:0d:4c:21:
                    e4:b5:68:f6:87:44:9b:16:0c:b4:0f:20:f3:f9:22:
                    45:d3:dc:f6:e6:69:14:4f:5e:e8:6f:c7:2c:f2:71:
                    93:57:00:05:89:65:96:eb:e7:8c:b1:16:63:4a:fb:
                    52:63:b3:9a:53:bd:b2:aa:5d:0b:b3:76:3f:6c:8a:
                    1d:e1:af:d0:1d:3a:95:d7:c3:5d:fb:09:d1:db:15:
                    bc:1b:d5:d2:8c:4e:5e:75:26:d4:da:9b:f5:be:bc:
                    a6:54:16:41:ad:1f:24:d3:17:9c:6b:70:79:43:14:
                    0d:9e:b5:01:ff:98:94:2d:9c:ca:c1:1d:7f:55:01:
                    84:79:bd:85:c0:15:db:cb:15:93:e7:66:46:df:66:
                    67:b3:e8:00:6a:a4:a7:7f:8c:12:e8:3c:14:75:27:
                    ac:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:E2:6B:EB:4C:B0:F4:DE:10:CF:2B:BA:7F:14:5C:DF:E1:0F:66:4A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cee1df74-de48-4d35-b9b9-d5ede77417d1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.182.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:38:90:0c:cf:32:39:ee:77:54:37:6e:f9:15:c2:6e:20:79:
         84:26:3f:4a:b6:09:8e:14:1e:f1:8e:ab:fc:f1:6b:d3:b7:b2:
         d9:3c:48:68:01:bf:55:25:f8:3a:eb:16:91:c7:e9:fa:6d:36:
         37:23:4c:d0:79:d7:61:56:42:c0:95:ca:73:14:69:b5:21:8c:
         18:d5:a3:8e:b9:32:4d:ea:84:00:4f:48:16:15:21:35:8b:df:
         d6:8b:36:fb:36:68:06:0c:6c:c0:7e:81:91:d8:c3:b3:a2:b5:
         74:1a:51:a8:b7:ca:76:40:b1:1f:ac:e2:8d:bf:8c:4d:e7:48:
         62:6b:1e:72:f2:83:9a:28:73:11:66:b3:86:34:15:19:16:55:
         0c:08:4a:aa:f8:c4:69:a7:3a:a6:36:9d:71:0e:22:52:9c:a9:
         d1:1a:bf:ff:ca:a4:38:74:4f:22:2f:c3:60:bf:b4:b3:27:d8:
         db:48:b4:8a:fb:ae:77:a0:3a:3d:d4:eb:01:77:79:29:bf:0a:
         a1:4f:7e:b0:30:e0:2a:a8:58:e7:12:1f:5b:e5:eb:e2:57:09:
         bf:33:2f:a6:fc:b7:72:88:59:43:f5:a4:fd:73:ec:98:74:9e:
         52:eb:40:37:10:fb:3d:95:06:52:87:3d:e2:05:6e:62:bb:2a:
         69:f4:3d:4b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYHwyJTk5I/ZM12bd90qPqkpPfFAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMzAxMDA0MDU2WhcNMjYwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YjhhYTA0YjQ3NTg0MWJkMGE1ZjEwMjI4MDY5NDUyNGU0
MGE1ZjgyYzZmYTVmMGE1YmMwOTQxMTI0OTRjZWY2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpDPDUsP0TjAgL5sAw89189yfgM1G13XxKI5lYonjTMHUg
aNfCdAFQ6im712AlqGkNk0a8u5GYgDyHJHfWpbcNdLDdrz962EZABk9jiHEdcM4d
tQyuOt028ySgc3959QpM+iyN8w1MIeS1aPaHRJsWDLQPIPP5IkXT3PbmaRRPXuhv
xyzycZNXAAWJZZbr54yxFmNK+1Jjs5pTvbKqXQuzdj9sih3hr9AdOpXXw137CdHb
Fbwb1dKMTl51JtTam/W+vKZUFkGtHyTTF5xrcHlDFA2etQH/mJQtnMrBHX9VAYR5
vYXAFdvLFZPnZkbfZmez6ABqpKd/jBLoPBR1J6xBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1+Jr60yw9N4Qzyu6fxRc3+EPZkowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2NlZTFkZjc0LWRlNDgtNGQzNS1iOWI5LWQ1ZWRlNzc0MTdkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE2tuYwDQYJKoZIhvcNAQELBQADggEBAAU4kAzPMjnud1Q3bvkVwm4geYQm
P0q2CY4UHvGOq/zxa9O3stk8SGgBv1Ul+DrrFpHH6fptNjcjTNB512FWQsCVynMU
abUhjBjVo465Mk3qhABPSBYVITWL39aLNvs2aAYMbMB+gZHYw7OitXQaUai3ynZA
sR+s4o2/jE3nSGJrHnLyg5oocxFms4Y0FRkWVQwISqr4xGmnOqY2nXEOIlKcqdEa
v//KpDh0TyIvw2C/tLMn2NtItIr7rnegOj3U6wF3eSm/CqFPfrAw4CqoWOcSH1vl
6+JXCb8zL6b8t3KIWUP1pP1z7Jh0nlLrQDcQ+z2VBlKHPeIFbmK7Kmn0PUs=
-----END CERTIFICATE-----