Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e2847c81-5b1b-455f-b1d5-0d1a4d37380f.roa
File:                     e2847c81-5b1b-455f-b1d5-0d1a4d37380f.roa (raw, json)
Hash identifier:          3TebOxR8vNBcVX/8hg5bxrhyFkMaWaJnx6OQgEEb5OU=
Subject key identifier:   C7:1C:CF:44:7B:C1:BC:08:A2:E1:7E:12:B5:DB:7C:13:1C:21:C1:A7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1BDBBABDDD05CA8AC8B6141B4C3CF86B917CA5EB
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e2847c81-5b1b-455f-b1d5-0d1a4d37380f.roa
Signing time:             Thu 26 Feb 2026 01:10:04 +0000
ROA not before:           Thu 26 Feb 2026 01:10:04 +0000
ROA not after:            Wed 27 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        150.222.71.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:db:ba:bd:dd:05:ca:8a:c8:b6:14:1b:4c:3c:f8:6b:91:7c:a5:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 26 01:10:04 2026 GMT
            Not After : May 27 23:59:59 2026 GMT
        Subject: serialNumber=94d3bacc019a4aba645873350f1dd26a8cc05fac7684d5c234c90cae35550a4f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:29:64:55:0c:2f:02:36:8e:96:34:e4:e5:ee:
                    58:de:3c:2b:00:62:93:e6:cf:9e:17:ae:31:7a:fa:
                    c1:dc:81:f6:8c:cc:c0:d2:e0:00:a8:49:8c:b5:83:
                    78:4e:4c:33:74:4b:d5:20:c3:17:d6:e4:0a:7e:60:
                    23:16:0f:88:8e:e3:16:e1:a8:4c:55:44:79:50:a9:
                    18:ee:f7:ed:2e:4d:24:1a:3f:63:3f:f7:be:5d:41:
                    2f:2c:a5:d0:e2:e7:cd:2a:c7:32:62:29:27:ae:c2:
                    f4:c0:4b:7b:c0:e6:e5:1f:02:dd:88:40:03:fa:28:
                    ba:89:ed:fd:f6:c6:82:e6:05:4c:34:d7:3b:f6:57:
                    98:a3:ad:d5:36:6e:04:22:33:56:23:b7:93:5e:0c:
                    cf:f1:50:c6:5e:a1:98:f6:81:be:0d:f3:2c:92:46:
                    47:61:12:db:95:1f:cb:e9:55:f7:15:30:b0:0f:49:
                    b8:61:c3:71:56:74:df:97:04:70:6c:c4:cf:8f:c8:
                    37:26:d5:51:74:ef:6b:b4:b9:e1:10:44:c6:27:ed:
                    ad:db:a4:ed:58:f8:ba:67:3d:f8:9b:8b:c1:72:bb:
                    06:0e:db:7b:7b:d5:f7:cf:52:01:6f:45:d9:35:25:
                    86:82:67:c6:56:9d:02:48:51:88:6a:ba:e9:8b:69:
                    cb:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:1C:CF:44:7B:C1:BC:08:A2:E1:7E:12:B5:DB:7C:13:1C:21:C1:A7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e2847c81-5b1b-455f-b1d5-0d1a4d37380f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.222.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:4b:28:c6:c8:62:da:ce:69:ff:a8:68:24:1a:03:7c:c3:32:
         dc:33:61:81:34:d4:c7:3b:b1:1d:6b:e7:58:cd:1a:0c:95:1c:
         a7:dc:21:e6:0d:94:62:00:bf:7f:2a:69:b0:d7:b2:3e:b8:fa:
         4b:44:17:91:03:a9:c7:15:8b:bc:c0:3f:44:6f:1d:00:5d:95:
         65:cf:f9:ad:7f:eb:a7:a5:54:f4:15:ab:59:db:f2:3b:7b:56:
         32:5c:e6:58:4e:2d:b1:98:ee:f3:e8:88:0f:b5:e6:19:1b:40:
         4d:75:7a:52:c5:6b:1b:80:0f:4d:cf:04:d0:9b:02:85:cb:8b:
         cd:6d:bf:db:db:ca:65:10:51:4a:5d:43:fa:ea:9e:eb:a4:63:
         14:f1:41:14:bf:6d:18:7a:59:24:2f:41:65:cb:f6:8b:a3:3c:
         de:ab:5d:09:71:fd:1c:13:cb:ab:4e:52:46:ab:aa:77:10:bd:
         97:47:16:a6:73:31:80:53:b3:d3:2e:2e:41:60:80:6b:d4:28:
         29:bb:a9:5e:31:59:13:5d:ee:c6:71:e7:82:dd:d7:00:c7:8e:
         7f:43:c6:e1:b3:be:95:4c:b3:1d:1c:3d:5e:d5:b4:e9:22:b7:
         f9:2c:48:f4:9b:7a:7d:00:d8:46:f9:a4:32:b9:17:80:b9:ca:
         1f:8d:d3:e8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG9u6vd0FyorIthQbTDz4a5F8peswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI2MDExMDA0WhcNMjYwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NGQzYmFjYzAxOWE0YWJhNjQ1ODczMzUwZjFkZDI2YThj
YzA1ZmFjNzY4NGQ1YzIzNGM5MGNhZTM1NTUwYTRmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDiKWRVDC8CNo6WNOTl7ljePCsAYpPmz54XrjF6+sHcgfaM
zMDS4ACoSYy1g3hOTDN0S9UgwxfW5Ap+YCMWD4iO4xbhqExVRHlQqRju9+0uTSQa
P2M/975dQS8spdDi580qxzJiKSeuwvTAS3vA5uUfAt2IQAP6KLqJ7f32xoLmBUw0
1zv2V5ijrdU2bgQiM1Yjt5NeDM/xUMZeoZj2gb4N8yySRkdhEtuVH8vpVfcVMLAP
Sbhhw3FWdN+XBHBsxM+PyDcm1VF072u0ueEQRMYn7a3bpO1Y+LpnPfibi8FyuwYO
23t71ffPUgFvRdk1JYaCZ8ZWnQJIUYhquumLacvBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxxzPRHvBvAii4X4Stdt8ExwhwacwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2UyODQ3YzgxLTViMWItNDU1Zi1iMWQ1LTBkMWE0ZDM3MzgwZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACW3kcwDQYJKoZIhvcNAQELBQADggEBAHRLKMbIYtrOaf+oaCQaA3zDMtwz
YYE01Mc7sR1r51jNGgyVHKfcIeYNlGIAv38qabDXsj64+ktEF5EDqccVi7zAP0Rv
HQBdlWXP+a1/66elVPQVq1nb8jt7VjJc5lhOLbGY7vPoiA+15hkbQE11elLFaxuA
D03PBNCbAoXLi81tv9vbymUQUUpdQ/rqnuukYxTxQRS/bRh6WSQvQWXL9oujPN6r
XQlx/RwTy6tOUkarqncQvZdHFqZzMYBTs9MuLkFggGvUKCm7qV4xWRNd7sZx54Ld
1wDHjn9DxuGzvpVMsx0cPV7VtOkit/ksSPSben0A2Eb5pDK5F4C5yh+N0+g=
-----END CERTIFICATE-----