Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d725f87f-a86a-4fc5-843b-fa61c0834c10.roa
File:                     d725f87f-a86a-4fc5-843b-fa61c0834c10.roa (raw, json)
Hash identifier:          dcw6gVhjfmY7EVpqbKhhkyGX3WtqZcyp2C00GVjYFSE=
Subject key identifier:   0B:4D:19:57:78:99:C6:F3:D2:13:35:6B:A1:10:B9:8A:4B:5A:E4:D7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0301B8EE16FF544D58A23EA89BF9AE9E9BE2715E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d725f87f-a86a-4fc5-843b-fa61c0834c10.roa
Signing time:             Mon 23 Feb 2026 00:41:10 +0000
ROA not before:           Mon 23 Feb 2026 00:41:10 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.159.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:01:b8:ee:16:ff:54:4d:58:a2:3e:a8:9b:f9:ae:9e:9b:e2:71:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 00:41:10 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=ecba64d9c7ba671ed5cd6a3b4d6d6ede41c33b8556c03c1f7f0aeaf0042d1227, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:a7:2b:f5:14:94:6c:88:b9:1c:3e:fa:6b:84:
                    d1:f8:c5:44:37:5d:e0:96:b4:17:0f:18:86:55:f1:
                    04:2d:76:71:9c:2d:94:50:2e:77:3b:5f:ae:70:9b:
                    3e:e7:5d:b0:8e:cb:62:0d:81:5c:32:af:b2:dc:2e:
                    21:94:86:57:95:cb:8c:13:34:79:93:d7:cd:43:91:
                    25:6f:69:9b:56:00:d1:f9:d6:d2:c2:99:2d:26:e9:
                    07:ab:c7:d5:bb:50:fc:55:3e:72:dc:11:cd:83:1e:
                    35:88:53:43:e0:86:34:bf:0a:29:e3:72:f2:23:63:
                    7e:b3:b0:3c:48:ba:5d:ab:6f:13:e5:a7:25:1c:ad:
                    e7:9b:48:7b:ff:21:8c:06:20:1d:aa:a1:82:81:9f:
                    d6:da:3d:87:d5:39:2d:78:0e:fd:2b:b4:ad:d2:c7:
                    74:bc:04:64:24:ac:2e:dc:17:24:fc:06:a9:bd:e6:
                    a9:0e:f0:f0:8d:a9:22:18:99:44:1d:19:d5:f2:db:
                    84:ff:50:c6:67:c0:1d:37:e9:44:a0:57:88:6e:bd:
                    1f:6d:0f:cd:2b:5a:95:74:58:50:d3:a3:26:5a:16:
                    02:30:32:85:e7:7e:54:e5:38:80:9f:4e:b3:9e:c5:
                    f9:c7:d0:b1:c9:02:5c:c3:a8:6c:5d:5d:f9:9c:60:
                    1b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:4D:19:57:78:99:C6:F3:D2:13:35:6B:A1:10:B9:8A:4B:5A:E4:D7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d725f87f-a86a-4fc5-843b-fa61c0834c10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.159.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         15:49:f2:e4:8f:2e:9a:21:3e:d4:f6:97:d7:70:64:2e:44:b6:
         04:0b:9c:a0:cb:61:eb:2e:e8:ff:d6:7d:f7:11:b0:ac:ce:ad:
         ab:c9:14:44:8a:45:86:0c:b8:17:c1:c3:c4:ea:ee:df:1b:60:
         10:68:c4:26:eb:38:53:71:19:0c:c2:bd:29:3b:c8:8c:2a:df:
         b1:b6:bf:17:64:87:ec:cd:2a:96:4d:4f:d4:b0:f3:16:eb:ab:
         f3:36:5f:96:e7:bd:9d:b9:c6:35:f4:59:24:3f:1c:0f:78:dd:
         21:b5:76:ca:81:db:db:f0:cc:2e:04:c6:73:55:c5:71:72:26:
         ae:de:0c:45:17:32:c1:ec:de:43:12:5e:ac:e6:c9:f7:94:e4:
         b5:28:70:6d:7e:29:81:38:e3:ca:72:29:a3:38:63:59:54:60:
         9e:00:73:76:b9:16:90:fb:ea:6d:33:86:7e:74:10:c9:85:eb:
         0b:f8:c0:16:78:83:cf:d4:b2:7d:02:65:38:b5:22:30:db:84:
         d2:49:d7:ae:f4:02:43:10:70:9c:bd:92:93:94:ec:19:a5:2d:
         52:65:8e:5e:cf:56:e1:c4:30:f5:3d:a4:df:bb:2f:76:10:c3:
         54:84:0f:02:26:50:af:65:aa:8c:47:eb:69:72:5a:72:00:1a:
         f9:e4:cd:4a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAwG47hb/VE1Yoj6om/munpvicV4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIzMDA0MTEwWhcNMjYwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlY2JhNjRkOWM3YmE2NzFlZDVjZDZhM2I0ZDZkNmVkZTQx
YzMzYjg1NTZjMDNjMWY3ZjBhZWFmMDA0MmQxMjI3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDapyv1FJRsiLkcPvprhNH4xUQ3XeCWtBcPGIZV8QQtdnGc
LZRQLnc7X65wmz7nXbCOy2INgVwyr7LcLiGUhleVy4wTNHmT181DkSVvaZtWANH5
1tLCmS0m6Qerx9W7UPxVPnLcEc2DHjWIU0PghjS/CinjcvIjY36zsDxIul2rbxPl
pyUcreebSHv/IYwGIB2qoYKBn9baPYfVOS14Dv0rtK3Sx3S8BGQkrC7cFyT8Bqm9
5qkO8PCNqSIYmUQdGdXy24T/UMZnwB036USgV4huvR9tD80rWpV0WFDToyZaFgIw
MoXnflTlOICfTrOexfnH0LHJAlzDqGxdXfmcYBslAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUC00ZV3iZxvPSEzVroRC5ikta5NcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Q3MjVmODdmLWE4NmEtNGZjNS04NDNiLWZhNjFjMDgzNGMxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2nwAwDQYJKoZIhvcNAQELBQADggEBABVJ8uSPLpohPtT2l9dwZC5EtgQL
nKDLYesu6P/WffcRsKzOravJFESKRYYMuBfBw8Tq7t8bYBBoxCbrOFNxGQzCvSk7
yIwq37G2vxdkh+zNKpZNT9Sw8xbrq/M2X5bnvZ25xjX0WSQ/HA943SG1dsqB29vw
zC4ExnNVxXFyJq7eDEUXMsHs3kMSXqzmyfeU5LUocG1+KYE448pyKaM4Y1lUYJ4A
c3a5FpD76m0zhn50EMmF6wv4wBZ4g8/Usn0CZTi1IjDbhNJJ1670AkMQcJy9kpOU
7BmlLVJljl7PVuHEMPU9pN+7L3YQw1SEDwImUK9lqoxH62lyWnIAGvnkzUo=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:56:39 2026 by rpki-client