Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/df607230-41e6-480a-813d-bbc6101bd307.roa
File:                     df607230-41e6-480a-813d-bbc6101bd307.roa (raw, json)
Hash identifier:          0BVOfy8mksp5oMVtzRM17zYG4/0jxiU+2RdVwTtEvig=
Subject key identifier:   20:DB:DE:07:C2:C4:CA:5B:86:A5:58:64:64:FB:02:B2:34:F8:E4:6A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       67F4AD616A991E813F635E1D0B08430813DBEC8B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/df607230-41e6-480a-813d-bbc6101bd307.roa
Signing time:             Tue 17 Feb 2026 00:30:48 +0000
ROA not before:           Tue 17 Feb 2026 00:30:48 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.19.192.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:f4:ad:61:6a:99:1e:81:3f:63:5e:1d:0b:08:43:08:13:db:ec:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 00:30:48 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=0c740d5f6651b709f2f905f63c70335dd6eccd51ec715dc2d4df639119b34b84, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:9c:14:43:9a:e9:4d:98:fc:24:d1:4f:3b:eb:
                    c0:3c:1d:ab:20:07:0a:5b:52:26:35:1b:df:a6:89:
                    b6:98:56:cb:e6:d7:6c:3e:b9:d6:dd:14:22:60:84:
                    5b:80:a8:dd:e6:a8:42:46:0e:d1:31:e7:12:05:79:
                    6d:31:e9:60:95:1e:e2:0e:06:30:d2:45:88:94:e7:
                    fd:cf:03:47:34:0b:19:63:37:55:33:64:a2:13:61:
                    53:9a:0a:b5:cd:81:01:82:30:04:d2:03:fc:cc:f5:
                    17:93:a9:d8:d6:3f:27:9d:eb:09:6e:4f:9a:95:de:
                    5d:e1:e1:69:f1:13:cb:e1:d8:8f:20:77:e4:f3:5a:
                    69:8d:b6:f1:10:be:2e:22:2e:1c:cf:51:0f:69:76:
                    a7:d1:5c:31:ed:f6:24:6a:07:93:1f:ff:13:ec:16:
                    6e:7c:b1:35:33:11:d9:44:33:cb:7d:54:60:1c:ac:
                    e6:4c:9b:6c:ac:22:1d:a3:eb:c9:78:98:e1:3f:8f:
                    cd:9e:74:83:98:08:31:7f:31:81:f5:12:3c:5e:21:
                    14:e7:61:2e:36:85:e2:98:69:d2:8f:ae:35:ba:f9:
                    3c:98:b1:8b:db:46:80:ed:03:c9:56:fa:a1:3f:0c:
                    30:d4:44:2f:59:00:4c:d7:88:ec:ac:fd:85:c2:ee:
                    97:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:DB:DE:07:C2:C4:CA:5B:86:A5:58:64:64:FB:02:B2:34:F8:E4:6A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/df607230-41e6-480a-813d-bbc6101bd307.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.19.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         41:e9:d2:19:c9:9d:a5:c1:bc:4f:d0:b9:7c:40:ab:61:63:4f:
         e2:45:12:bd:b7:11:94:68:ce:41:fd:2c:43:04:1c:1e:c7:71:
         68:e0:21:be:b4:64:56:8a:b5:a6:8b:33:f4:57:79:88:18:8c:
         1e:68:97:47:f3:28:4b:b0:7e:47:b7:95:23:15:46:39:04:20:
         e5:17:2d:57:44:5f:c3:5a:9c:26:18:78:de:94:ab:ba:ee:b6:
         1f:e2:fa:48:bb:be:58:f1:a0:a7:88:29:30:19:86:dd:65:1d:
         dc:26:78:dc:e9:3a:c8:3a:64:75:63:c0:e3:e0:17:11:1f:f8:
         f0:55:94:f2:f1:04:47:f2:7e:a8:21:90:b6:13:71:69:8b:2b:
         67:f1:23:b0:8a:a5:51:83:d4:26:90:14:e4:89:e6:ef:d6:2e:
         e5:56:0c:4d:38:2e:02:50:ca:55:25:be:ce:28:24:00:2f:90:
         1d:f3:1f:37:d4:1c:ac:56:11:91:71:ce:90:e5:25:a7:d7:00:
         4d:c7:5c:bc:cb:26:fd:dc:8e:ec:d3:6f:c5:0b:05:38:b1:fe:
         36:d8:96:bd:b0:ff:70:70:70:a6:67:c2:21:46:b7:c8:c0:c7:
         cb:69:fa:2a:0e:af:5f:5a:4b:b1:16:2a:7b:0a:c8:8f:f5:2f:
         73:29:70:c7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZ/StYWqZHoE/Y14dCwhDCBPb7IswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDAzMDQ4WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYzc0MGQ1ZjY2NTFiNzA5ZjJmOTA1ZjYzYzcwMzM1ZGQ2
ZWNjZDUxZWM3MTVkYzJkNGRmNjM5MTE5YjM0Yjg0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCznBRDmulNmPwk0U8768A8HasgBwpbUiY1G9+mibaYVsvm
12w+udbdFCJghFuAqN3mqEJGDtEx5xIFeW0x6WCVHuIOBjDSRYiU5/3PA0c0Cxlj
N1UzZKITYVOaCrXNgQGCMATSA/zM9ReTqdjWPyed6wluT5qV3l3h4WnxE8vh2I8g
d+TzWmmNtvEQvi4iLhzPUQ9pdqfRXDHt9iRqB5Mf/xPsFm58sTUzEdlEM8t9VGAc
rOZMm2ysIh2j68l4mOE/j82edIOYCDF/MYH1EjxeIRTnYS42heKYadKPrjW6+TyY
sYvbRoDtA8lW+qE/DDDURC9ZAEzXiOys/YXC7pc5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUINveB8LEyluGpVhkZPsCsjT45GowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2RmNjA3MjMwLTQxZTYtNDgwYS04MTNkLWJiYzYxMDFiZDMwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU0E8AwDQYJKoZIhvcNAQELBQADggEBAEHp0hnJnaXBvE/QuXxAq2FjT+JF
Er23EZRozkH9LEMEHB7HcWjgIb60ZFaKtaaLM/RXeYgYjB5ol0fzKEuwfke3lSMV
RjkEIOUXLVdEX8NanCYYeN6Uq7ruth/i+ki7vljxoKeIKTAZht1lHdwmeNzpOsg6
ZHVjwOPgFxEf+PBVlPLxBEfyfqghkLYTcWmLK2fxI7CKpVGD1CaQFOSJ5u/WLuVW
DE04LgJQylUlvs4oJAAvkB3zHzfUHKxWEZFxzpDlJafXAE3HXLzLJv3cjuzTb8UL
BTix/jbYlr2w/3BwcKZnwiFGt8jAx8tp+ioOr19aS7EWKnsKyI/1L3MpcMc=
-----END CERTIFICATE-----