Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e36dbc25-7f30-42c9-9655-13a4a2cc581c.roa
File:                     e36dbc25-7f30-42c9-9655-13a4a2cc581c.roa (raw, json)
Hash identifier:          i0QWd4ejdkgch15GRZ/iRH2tFAIfaa3GkhjuAVVTl7M=
Subject key identifier:   0C:F4:32:4B:07:EF:4C:81:BC:24:06:D3:38:8D:95:36:81:A2:9A:09
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       50D9960C0601B8D81A8F088E629AD29D76C2ED71
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e36dbc25-7f30-42c9-9655-13a4a2cc581c.roa
Signing time:             Sat 28 Feb 2026 04:01:52 +0000
ROA not before:           Sat 28 Feb 2026 04:01:52 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.193.1.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:d9:96:0c:06:01:b8:d8:1a:8f:08:8e:62:9a:d2:9d:76:c2:ed:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 04:01:52 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=af252b4737f50451cfa35ffa64f01bd096c0ac2037f118b24d1b66f835287cfc, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:88:8f:44:70:6e:93:3f:0f:3d:a5:f5:bf:d7:
                    0a:44:f6:d2:a0:41:e3:d9:70:5c:74:f3:06:49:c9:
                    a3:e9:40:34:6f:01:aa:b3:77:e6:11:ca:64:fa:79:
                    b2:03:9c:31:c7:e4:27:6f:ac:1b:4f:9e:ee:1c:93:
                    29:e3:31:2b:ab:44:d6:84:dd:19:36:8b:53:c4:ee:
                    2a:b8:dd:16:0d:8d:46:4e:19:78:3e:84:84:fd:09:
                    04:dd:a7:2e:36:71:9d:e4:dd:82:49:72:6c:67:0a:
                    a8:61:b9:d2:80:a1:e0:f6:bf:bb:b2:60:e1:62:32:
                    43:d6:cf:2d:2a:fe:85:41:24:16:5f:84:5d:85:6b:
                    91:9a:40:c8:aa:99:7c:7d:82:7a:f2:09:2b:73:07:
                    a4:fb:cc:8a:27:11:82:85:ce:e7:5e:9e:cb:b6:4b:
                    cf:c6:17:02:83:64:dc:0e:e8:63:bc:66:ab:83:7e:
                    e8:2b:c4:bb:14:11:6e:ab:e5:25:00:fc:1e:eb:da:
                    ad:76:9f:9c:bf:94:a5:89:43:99:69:a5:99:58:87:
                    cb:ff:86:4e:e9:ae:7d:8e:04:05:93:e7:2d:6e:82:
                    f5:61:4d:97:33:16:90:b0:e3:fe:a6:5a:1e:90:61:
                    ca:3d:49:4e:54:67:67:2a:8d:ea:f2:bb:de:5d:31:
                    2a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:F4:32:4B:07:EF:4C:81:BC:24:06:D3:38:8D:95:36:81:A2:9A:09
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e36dbc25-7f30-42c9-9655-13a4a2cc581c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.193.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:9a:51:52:b0:4c:e2:44:ed:41:40:88:17:a9:7f:ce:99:48:
         8e:29:04:57:26:ec:b7:4a:0c:9a:29:8a:0f:17:e5:39:54:48:
         50:9e:aa:cc:1f:99:0e:cd:ca:06:aa:be:98:7b:52:2f:09:77:
         4e:7b:98:ae:0d:ca:e7:74:b1:60:6d:f9:ae:72:f8:f2:a9:44:
         7f:d2:84:52:c9:36:1a:3b:92:dc:94:78:66:d2:cb:74:07:05:
         87:c4:d3:9e:73:44:b1:d7:03:8a:f9:b6:27:18:36:6b:10:eb:
         a0:69:cc:5c:41:53:ec:60:d4:4f:38:21:bb:cb:51:f7:17:1d:
         ff:df:8e:64:85:f1:5a:01:63:4b:e6:72:ff:21:97:85:d3:1f:
         67:01:fd:8a:a1:b5:c7:aa:b3:c3:a0:6e:24:49:4d:5e:6d:06:
         ea:fc:31:4b:2e:df:9d:d3:87:7b:74:a4:64:3d:83:df:46:b1:
         20:c6:bc:2a:a6:8c:cb:6f:e3:27:ea:53:ac:72:31:c4:78:7e:
         08:5b:27:03:bf:9c:38:eb:f2:e3:ff:22:f7:6c:3d:72:3f:28:
         38:eb:cf:b6:eb:58:71:72:83:98:5b:34:4d:29:b9:77:0a:18:
         ec:ad:7a:b4:1b:92:24:3f:80:db:b8:f7:18:92:f8:01:2d:1b:
         0a:5a:f4:77
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUNmWDAYBuNgajwiOYprSnXbC7XEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDQwMTUyWhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZjI1MmI0NzM3ZjUwNDUxY2ZhMzVmZmE2NGYwMWJkMDk2
YzBhYzIwMzdmMTE4YjI0ZDFiNjZmODM1Mjg3Y2ZjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEiI9EcG6TPw89pfW/1wpE9tKgQePZcFx08wZJyaPpQDRv
Aaqzd+YRymT6ebIDnDHH5CdvrBtPnu4ckynjMSurRNaE3Rk2i1PE7iq43RYNjUZO
GXg+hIT9CQTdpy42cZ3k3YJJcmxnCqhhudKAoeD2v7uyYOFiMkPWzy0q/oVBJBZf
hF2Fa5GaQMiqmXx9gnryCStzB6T7zIonEYKFzudensu2S8/GFwKDZNwO6GO8ZquD
fugrxLsUEW6r5SUA/B7r2q12n5y/lKWJQ5lppZlYh8v/hk7prn2OBAWT5y1ugvVh
TZczFpCw4/6mWh6QYco9SU5UZ2cqjeryu95dMSqdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDPQySwfvTIG8JAbTOI2VNoGimgkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2UzNmRiYzI1LTdmMzAtNDJjOS05NjU1LTEzYTRhMmNjNTgxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPwQEwDQYJKoZIhvcNAQELBQADggEBAISaUVKwTOJE7UFAiBepf86ZSI4p
BFcm7LdKDJopig8X5TlUSFCeqswfmQ7Nygaqvph7Ui8Jd057mK4Nyud0sWBt+a5y
+PKpRH/ShFLJNho7ktyUeGbSy3QHBYfE055zRLHXA4r5ticYNmsQ66BpzFxBU+xg
1E84IbvLUfcXHf/fjmSF8VoBY0vmcv8hl4XTH2cB/Yqhtceqs8OgbiRJTV5tBur8
MUsu353Th3t0pGQ9g99GsSDGvCqmjMtv4yfqU6xyMcR4fghbJwO/nDjr8uP/Ivds
PXI/KDjrz7brWHFyg5hbNE0puXcKGOyterQbkiQ/gNu49xiS+AEtGwpa9Hc=
-----END CERTIFICATE-----