Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ea749162-2fbf-4892-994c-3592660aee67.roa
File:                     ea749162-2fbf-4892-994c-3592660aee67.roa (raw, json)
Hash identifier:          mloqyrO8RvpUvVLvQo/9AMNJ8od2FNwt6yccwBKArpQ=
Subject key identifier:   FA:53:3C:F6:C5:E6:DA:25:B4:77:7D:FF:B1:39:57:79:7B:9E:49:D3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       45AD79F04CC7A359C70A5AD13D9A2E863D63BCD4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ea749162-2fbf-4892-994c-3592660aee67.roa
Signing time:             Sat 28 Feb 2026 04:20:06 +0000
ROA not before:           Sat 28 Feb 2026 04:20:06 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.79.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:ad:79:f0:4c:c7:a3:59:c7:0a:5a:d1:3d:9a:2e:86:3d:63:bc:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 04:20:06 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=ee64793d241c52265d55925aaa63eb351ba6ce36912036fe80cfa9bca49a1d6b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:8a:97:46:d9:cf:95:2b:81:56:41:d1:2e:06:
                    cf:d3:ef:b7:f4:34:b5:38:50:76:9c:73:26:ae:a3:
                    75:79:88:a4:1a:31:b7:eb:5f:af:0a:cf:52:b4:77:
                    0b:88:48:89:42:9d:6f:9d:8c:c0:fd:bf:a1:7e:d2:
                    e0:f7:79:80:90:32:64:dd:7d:a3:03:a6:34:0e:49:
                    18:e8:04:c6:1b:72:63:a7:d5:e1:15:a7:15:c4:24:
                    5d:61:14:fa:20:4a:ac:ee:fe:cb:e3:9c:b7:7f:94:
                    a3:7e:51:7f:56:d2:81:c1:fd:6e:9a:69:18:e4:ae:
                    9a:ab:5c:82:e0:d9:d1:af:e3:69:83:7d:d5:50:18:
                    e6:e2:13:77:ad:72:32:90:03:6b:c9:cc:3c:75:50:
                    9b:6f:12:eb:92:1e:6e:6d:dd:e3:29:92:1c:16:c2:
                    a1:c1:64:2e:c1:ca:86:ff:fe:f8:32:9b:e2:73:12:
                    c4:18:55:40:5c:2e:fd:b0:70:af:d7:58:af:f1:3a:
                    96:a2:a6:72:77:c5:82:a2:ba:5d:9e:00:1a:57:b0:
                    e2:c3:ba:ad:b5:65:a1:eb:6f:ac:12:6d:59:74:e1:
                    6f:6c:7f:89:88:34:eb:90:84:af:6a:16:67:5f:43:
                    a4:2c:77:87:d5:3d:99:de:b4:64:b0:bb:72:f1:41:
                    ea:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:53:3C:F6:C5:E6:DA:25:B4:77:7D:FF:B1:39:57:79:7B:9E:49:D3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ea749162-2fbf-4892-994c-3592660aee67.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.79.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1c:6a:5e:bb:10:a6:e1:a2:38:0b:2b:7b:dc:9d:12:1f:a3:75:
         25:7d:56:4f:44:98:1d:1d:ad:4d:b5:d8:18:00:3b:b2:7c:6a:
         f5:9d:a3:f0:0e:ee:52:84:7f:89:d4:69:86:d5:20:98:78:8e:
         d7:a1:49:b6:16:f0:d6:10:68:99:73:d9:37:df:70:ff:e0:d8:
         27:29:d6:6e:73:86:8b:f1:43:b2:c8:f4:3f:18:2e:06:2f:9f:
         82:0a:28:d5:30:92:57:ec:c1:be:62:6d:80:94:47:d4:28:c7:
         99:94:98:d4:ae:ca:0d:d7:4e:c8:71:ae:73:cf:6b:30:cd:24:
         c5:e0:66:ae:34:ae:9b:b0:20:73:25:85:d2:ea:0f:8b:e4:4f:
         b0:9f:aa:06:53:8a:98:91:42:30:0e:f6:05:78:d6:f9:37:87:
         59:b0:24:69:2c:85:6d:b2:0e:6c:b4:d9:9b:8d:df:85:ba:84:
         44:7b:5c:c0:e3:79:61:0f:6c:20:57:9e:2b:fc:21:14:30:bf:
         38:32:cc:16:5e:da:1e:9c:67:81:67:4c:57:dc:50:7f:d4:bc:
         44:a2:ec:21:b0:46:6a:a9:cf:d3:39:68:c6:46:8c:7e:13:69:
         f7:67:85:85:98:55:c2:4e:33:63:af:db:d5:43:e6:24:1a:72:
         47:21:21:03
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURa158EzHo1nHClrRPZouhj1jvNQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDQyMDA2WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZTY0NzkzZDI0MWM1MjI2NWQ1NTkyNWFhYTYzZWIzNTFi
YTZjZTM2OTEyMDM2ZmU4MGNmYTliY2E0OWExZDZiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCGipdG2c+VK4FWQdEuBs/T77f0NLU4UHaccyauo3V5iKQa
MbfrX68Kz1K0dwuISIlCnW+djMD9v6F+0uD3eYCQMmTdfaMDpjQOSRjoBMYbcmOn
1eEVpxXEJF1hFPogSqzu/svjnLd/lKN+UX9W0oHB/W6aaRjkrpqrXILg2dGv42mD
fdVQGObiE3etcjKQA2vJzDx1UJtvEuuSHm5t3eMpkhwWwqHBZC7Byob//vgym+Jz
EsQYVUBcLv2wcK/XWK/xOpaipnJ3xYKiul2eABpXsOLDuq21ZaHrb6wSbVl04W9s
f4mINOuQhK9qFmdfQ6Qsd4fVPZnetGSwu3LxQeqBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+lM89sXm2iW0d33/sTlXeXueSdMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2VhNzQ5MTYyLTJmYmYtNDg5Mi05OTRjLTM1OTI2NjBhZWU2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2TzANBgkqhkiG9w0BAQsFAAOCAQEAHGpeuxCm4aI4Cyt73J0SH6N1JX1W
T0SYHR2tTbXYGAA7snxq9Z2j8A7uUoR/idRphtUgmHiO16FJthbw1hBomXPZN99w
/+DYJynWbnOGi/FDssj0PxguBi+fggoo1TCSV+zBvmJtgJRH1CjHmZSY1K7KDddO
yHGuc89rMM0kxeBmrjSum7AgcyWF0uoPi+RPsJ+qBlOKmJFCMA72BXjW+TeHWbAk
aSyFbbIObLTZm43fhbqERHtcwON5YQ9sIFeeK/whFDC/ODLMFl7aHpxngWdMV9xQ
f9S8RKLsIbBGaqnP0zloxkaMfhNp92eFhZhVwk4zY6/b1UPmJBpyRyEhAw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:24:14 2026 by rpki-client