Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cf5c3bfc-c366-4460-974a-f2baaf91521b.roa
File:                     cf5c3bfc-c366-4460-974a-f2baaf91521b.roa (raw, json)
Hash identifier:          1bmh0xkUFqQgK3ZJUpvivh72NyiANvAjv0z0xgdZA8I=
Subject key identifier:   B6:EA:97:80:D1:4B:DB:80:39:EC:4D:74:85:7D:BB:62:3E:6D:8E:2F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       532CE356DF9450E0965289A72F77BEEE2A4DEF13
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cf5c3bfc-c366-4460-974a-f2baaf91521b.roa
Signing time:             Mon 23 Feb 2026 01:50:42 +0000
ROA not before:           Mon 23 Feb 2026 01:50:42 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.151.192.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:2c:e3:56:df:94:50:e0:96:52:89:a7:2f:77:be:ee:2a:4d:ef:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 01:50:42 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=129462049362a9c8206b8921f7862043e096366d8569c934d4db5cb4d889574c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:ac:5c:56:69:9d:ef:69:0d:f9:c9:83:b0:cf:
                    63:fb:81:99:e4:a4:b6:ef:86:f7:a6:bb:da:24:ff:
                    96:93:05:91:cb:dc:2a:57:1a:e9:1d:3e:f6:01:16:
                    82:c4:d1:2e:3f:be:68:a2:e3:01:49:79:2e:03:9b:
                    ab:a2:b2:e1:06:54:0f:1e:3f:55:41:61:86:c9:55:
                    f8:26:c4:b4:67:86:36:5e:5f:35:bb:2e:6e:fe:b2:
                    1b:b1:b5:fd:3b:0e:6b:f8:1d:f1:ef:c8:79:6e:47:
                    8e:e1:4c:a9:5b:2c:1d:61:3a:d5:7f:e2:57:07:38:
                    2a:48:25:93:57:70:24:18:fc:80:15:a0:e1:1f:f1:
                    70:6e:4e:9e:26:b6:0c:38:d9:79:ea:7b:f9:c4:ee:
                    5e:7f:92:0f:f2:6e:ad:81:47:64:15:6a:9f:e9:99:
                    01:88:43:a0:ad:cb:b1:1a:8c:05:79:4c:fe:e3:e2:
                    76:20:24:60:ee:30:a7:83:1a:47:73:34:9d:7c:62:
                    e6:18:d6:86:f8:d7:e8:89:3e:10:5b:e3:90:76:9f:
                    23:e7:1e:65:14:c6:e8:55:22:bf:f8:11:4d:b1:70:
                    bb:38:6f:46:fa:65:55:dc:15:a7:67:ae:ce:10:14:
                    23:e0:de:bb:ad:2c:4a:ae:d2:ea:4a:25:44:b2:57:
                    15:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:EA:97:80:D1:4B:DB:80:39:EC:4D:74:85:7D:BB:62:3E:6D:8E:2F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cf5c3bfc-c366-4460-974a-f2baaf91521b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.151.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         2d:02:b3:32:be:0a:fa:d4:3f:93:07:b2:00:54:57:f5:7a:6b:
         13:59:2e:c9:70:dd:dd:17:13:56:28:16:58:1d:82:b6:a7:08:
         06:33:30:49:eb:71:d7:2d:c7:c2:33:a2:8d:92:10:e9:0a:53:
         41:e2:7f:ff:0a:b5:5e:1d:3b:a1:c8:40:a4:9b:57:7b:bc:68:
         b2:ca:f5:33:10:75:04:82:38:72:fc:bc:d9:7c:c1:77:5c:bf:
         fe:fa:29:45:1a:6c:24:9b:e0:60:5c:cf:28:9b:0b:be:d9:ec:
         44:e3:2c:e3:98:d0:cf:81:0f:d3:a8:72:79:b4:66:29:7d:be:
         6e:a2:2e:aa:15:04:0e:c9:bd:7c:5f:ce:bc:ef:d0:8f:71:39:
         af:60:78:fe:84:9d:d1:10:cf:34:5a:37:20:41:a9:1f:19:85:
         cf:4f:10:91:b6:e4:c3:c3:fa:34:21:c6:ca:f6:dc:f4:80:ab:
         1e:50:49:e5:a0:b1:37:05:ee:0d:86:f7:fc:43:fa:b7:d1:86:
         ac:3a:e0:ee:a3:89:c0:2b:e1:d0:87:e9:47:7a:17:40:3d:7f:
         f8:93:7e:c8:71:39:ba:4f:05:60:92:88:7c:94:2e:3a:18:c9:
         a1:7e:61:72:ad:34:bb:a4:01:4f:fa:12:81:cc:39:ce:3d:a8:
         f6:f2:53:dc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUyzjVt+UUOCWUomnL3e+7ipN7xMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIzMDE1MDQyWhcNMjYwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMjk0NjIwNDkzNjJhOWM4MjA2Yjg5MjFmNzg2MjA0M2Uw
OTYzNjZkODU2OWM5MzRkNGRiNWNiNGQ4ODk1NzRjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCorFxWaZ3vaQ35yYOwz2P7gZnkpLbvhvemu9ok/5aTBZHL
3CpXGukdPvYBFoLE0S4/vmii4wFJeS4Dm6uisuEGVA8eP1VBYYbJVfgmxLRnhjZe
XzW7Lm7+shuxtf07Dmv4HfHvyHluR47hTKlbLB1hOtV/4lcHOCpIJZNXcCQY/IAV
oOEf8XBuTp4mtgw42Xnqe/nE7l5/kg/ybq2BR2QVap/pmQGIQ6Cty7EajAV5TP7j
4nYgJGDuMKeDGkdzNJ18YuYY1ob41+iJPhBb45B2nyPnHmUUxuhVIr/4EU2xcLs4
b0b6ZVXcFadnrs4QFCPg3rutLEqu0upKJUSyVxU9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtuqXgNFL24A57E10hX27Yj5tji8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2NmNWMzYmZjLWMzNjYtNDQ2MC05NzRhLWYyYmFhZjkxNTIxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU2l8AwDQYJKoZIhvcNAQELBQADggEBAC0CszK+CvrUP5MHsgBUV/V6axNZ
Lslw3d0XE1YoFlgdgranCAYzMEnrcdctx8Izoo2SEOkKU0Hif/8KtV4dO6HIQKSb
V3u8aLLK9TMQdQSCOHL8vNl8wXdcv/76KUUabCSb4GBczyibC77Z7ETjLOOY0M+B
D9Oocnm0Zil9vm6iLqoVBA7JvXxfzrzv0I9xOa9geP6EndEQzzRaNyBBqR8Zhc9P
EJG25MPD+jQhxsr23PSAqx5QSeWgsTcF7g2G9/xD+rfRhqw64O6jicAr4dCH6Ud6
F0A9f/iTfshxObpPBWCSiHyULjoYyaF+YXKtNLukAU/6EoHMOc49qPbyU9w=
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:32:27 2026 by rpki-client