Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d3e9f4ef-521d-44ce-8ce6-9861c07bae55.roa
File:                     d3e9f4ef-521d-44ce-8ce6-9861c07bae55.roa (raw, json)
Hash identifier:          QeO5eCav+Cnk6RRQNtNLb3H0gFBSSJs5oXUgy1MY9rQ=
Subject key identifier:   97:79:E8:7E:D7:40:C0:80:FB:72:7C:3C:07:D3:5C:9E:D3:A4:FE:9A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       48E2D6986A489B261CB8FCE2DD0CB43C7AE287AF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d3e9f4ef-521d-44ce-8ce6-9861c07bae55.roa
Signing time:             Thu 26 Feb 2026 01:00:06 +0000
ROA not before:           Thu 26 Feb 2026 01:00:06 +0000
ROA not after:            Wed 27 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        165.208.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:e2:d6:98:6a:48:9b:26:1c:b8:fc:e2:dd:0c:b4:3c:7a:e2:87:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 26 01:00:06 2026 GMT
            Not After : May 27 23:59:59 2026 GMT
        Subject: serialNumber=995c3ed30edb3abf23ef2babacb104a0ad51e9e83991864f667adb4fdcfd5f44, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:6e:bc:ca:ed:2c:6d:eb:e0:1a:ed:fd:b1:5c:
                    bb:9a:44:61:4e:ee:9c:5a:d1:ab:c8:10:09:d6:73:
                    59:76:54:f8:c1:71:6b:c1:f1:3c:3e:ce:e1:65:ff:
                    da:0a:9f:e6:6a:76:b8:ba:22:b5:26:fa:be:fb:ad:
                    39:0a:34:00:fb:08:67:7e:d8:86:ae:28:e6:18:3d:
                    83:cd:05:2a:c4:50:be:1d:54:e0:45:6e:81:da:4e:
                    93:7c:6b:21:30:af:29:ff:6d:54:c5:19:80:bd:9a:
                    b1:6a:34:ed:21:72:23:1e:87:85:9c:5d:db:e6:08:
                    1b:c5:73:75:b2:5e:0a:fa:f2:41:4a:d2:29:9d:45:
                    ff:bf:8f:19:18:e4:0d:72:dd:4f:9b:8e:4c:36:c4:
                    90:2e:00:d5:b1:c4:ac:87:5c:17:76:59:52:ec:2b:
                    4e:4a:99:10:09:75:b8:b4:cb:1b:83:fe:03:e8:60:
                    8d:17:84:30:87:d6:7d:3e:c2:75:d3:aa:93:c1:a1:
                    a5:bf:ee:d0:b1:12:08:f6:84:6e:27:88:bc:01:c9:
                    42:ac:3b:59:ea:a3:61:ee:f9:66:e2:88:3d:16:3f:
                    42:02:0e:25:7e:5c:f9:8c:a8:9c:1d:c9:6d:90:fe:
                    05:c8:11:3e:f1:dd:4c:b8:11:40:e9:ce:62:7c:14:
                    1d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:79:E8:7E:D7:40:C0:80:FB:72:7C:3C:07:D3:5C:9E:D3:A4:FE:9A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d3e9f4ef-521d-44ce-8ce6-9861c07bae55.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.208.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2d:56:cf:9f:ca:2b:be:0e:4a:5b:98:66:ac:fa:25:41:d4:7e:
         54:c2:60:91:2b:a8:1c:be:26:9c:e5:7a:05:c3:a7:54:29:2a:
         68:d8:f2:59:dd:39:71:e5:7d:e9:28:a1:94:69:72:4b:ce:c6:
         4e:1a:e9:3e:02:80:52:00:77:6a:22:e6:d7:73:a1:0a:54:d6:
         46:9a:67:8f:1c:d1:bb:03:7d:24:13:b7:28:d2:8d:5b:40:be:
         14:dc:ed:60:17:c3:9e:bd:e1:17:f2:4a:e9:4e:34:47:93:c3:
         0d:0e:2c:b1:91:26:5b:f8:8a:c9:a3:62:4e:9b:f6:44:ac:9e:
         20:c0:de:c4:b9:52:f8:a2:76:5b:76:43:89:63:17:b0:02:b6:
         5b:8d:8b:5d:b3:a9:9b:fc:52:53:11:b4:14:f3:3c:39:ea:ee:
         0f:69:cb:df:f9:0a:ea:4a:db:dd:6b:7b:87:4b:c7:78:09:1d:
         11:17:88:a3:05:a0:e9:73:c8:5c:c6:f0:08:74:4d:dc:d7:3b:
         74:d0:a6:83:83:4e:7e:f1:f6:62:ae:95:91:e0:b2:0b:09:bd:
         01:cf:fa:c9:3d:e2:d8:df:54:91:3a:56:68:bc:6d:3f:04:7f:
         70:52:82:bc:16:6a:f2:7e:99:5b:13:ea:76:72:43:61:47:c4:
         f3:94:a3:e1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSOLWmGpImyYcuPzi3Qy0PHrih68wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI2MDEwMDA2WhcNMjYwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5OTVjM2VkMzBlZGIzYWJmMjNlZjJiYWJhY2IxMDRhMGFk
NTFlOWU4Mzk5MTg2NGY2NjdhZGI0ZmRjZmQ1ZjQ0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBbrzK7Sxt6+Aa7f2xXLuaRGFO7pxa0avIEAnWc1l2VPjB
cWvB8Tw+zuFl/9oKn+Zqdri6IrUm+r77rTkKNAD7CGd+2IauKOYYPYPNBSrEUL4d
VOBFboHaTpN8ayEwryn/bVTFGYC9mrFqNO0hciMeh4WcXdvmCBvFc3WyXgr68kFK
0imdRf+/jxkY5A1y3U+bjkw2xJAuANWxxKyHXBd2WVLsK05KmRAJdbi0yxuD/gPo
YI0XhDCH1n0+wnXTqpPBoaW/7tCxEgj2hG4niLwByUKsO1nqo2Hu+WbiiD0WP0IC
DiV+XPmMqJwdyW2Q/gXIET7x3Uy4EUDpzmJ8FB3DAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUl3noftdAwID7cnw8B9NcntOk/powHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2QzZTlmNGVmLTUyMWQtNDRjZS04Y2U2LTk4NjFjMDdiYWU1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCl0DANBgkqhkiG9w0BAQsFAAOCAQEALVbPn8orvg5KW5hmrPolQdR+VMJg
kSuoHL4mnOV6BcOnVCkqaNjyWd05ceV96SihlGlyS87GThrpPgKAUgB3aiLm13Oh
ClTWRppnjxzRuwN9JBO3KNKNW0C+FNztYBfDnr3hF/JK6U40R5PDDQ4ssZEmW/iK
yaNiTpv2RKyeIMDexLlS+KJ2W3ZDiWMXsAK2W42LXbOpm/xSUxG0FPM8OeruD2nL
3/kK6krb3Wt7h0vHeAkdEReIowWg6XPIXMbwCHRN3Nc7dNCmg4NOfvH2Yq6VkeCy
Cwm9Ac/6yT3i2N9UkTpWaLxtPwR/cFKCvBZq8n6ZWxPqdnJDYUfE85Sj4Q==
-----END CERTIFICATE-----