Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ede7f351-4d0f-4c75-9915-6673e09863e1.roa
File:                     ede7f351-4d0f-4c75-9915-6673e09863e1.roa (raw, json)
Hash identifier:          HG6q3zBU1Ko9MDoCDx4PmqDCYzJ6qwDFmy0lWIVsGVk=
Subject key identifier:   A8:CA:45:89:90:A8:15:10:6A:A4:F9:4F:1B:EE:77:6B:5D:EC:96:74
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5E4DC41B401F6134CAD5C2C146D8D0DF18E76B96
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ede7f351-4d0f-4c75-9915-6673e09863e1.roa
Signing time:             Tue 17 Feb 2026 00:50:10 +0000
ROA not before:           Tue 17 Feb 2026 00:50:10 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.15.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:4d:c4:1b:40:1f:61:34:ca:d5:c2:c1:46:d8:d0:df:18:e7:6b:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 00:50:10 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=9c95b4c901883f39e66002fa222dbcebbcaf5355a17d9b5add643b847aef7849, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:1c:54:f8:f6:01:f7:9d:ca:06:e7:6c:b7:4f:
                    57:90:40:d0:1d:e7:0a:56:db:b8:e8:8e:f2:bf:bb:
                    a2:b4:be:2b:52:05:1e:64:ba:03:a9:0e:65:e7:8a:
                    d3:bc:1a:08:96:1e:83:93:9a:fa:ad:04:2e:0d:8e:
                    ae:f3:30:cc:0c:bb:a8:be:4c:aa:a0:29:f1:9d:94:
                    24:05:cc:45:22:45:0b:9f:c3:2b:3f:de:56:6e:b5:
                    b7:d6:66:83:d2:4f:9c:fc:5b:16:9d:42:d5:cd:df:
                    f0:31:eb:fd:cc:35:1d:b1:80:b6:82:73:1d:84:7b:
                    a5:49:62:75:a8:bb:23:0e:bf:cc:a5:29:80:c5:bc:
                    7b:50:9d:6c:e7:48:1f:d1:d9:9b:c0:0a:71:9e:b0:
                    99:a9:a2:c8:cc:ce:d0:3a:4f:d6:68:f3:e7:b9:4c:
                    82:34:59:c6:46:d3:73:d4:97:11:b8:45:83:24:96:
                    77:53:c5:3b:46:6e:2b:f1:cd:f8:a5:a2:f9:ed:38:
                    97:26:a6:7a:e2:d1:64:3e:cd:26:3c:1c:e6:3b:3e:
                    d9:b0:22:35:3c:6d:ed:b8:58:c1:18:d0:ef:50:59:
                    30:45:20:60:16:9d:b5:f4:36:32:05:5b:7d:7a:96:
                    fd:3a:69:6e:df:dd:80:29:eb:5c:a8:48:e6:87:8d:
                    04:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:CA:45:89:90:A8:15:10:6A:A4:F9:4F:1B:EE:77:6B:5D:EC:96:74
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ede7f351-4d0f-4c75-9915-6673e09863e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.15.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         a2:0e:73:9a:28:ec:89:13:cf:0e:28:ec:e2:fe:de:cd:57:21:
         4b:a0:01:5b:a9:bb:b6:4b:cb:b5:93:fc:f0:20:a6:21:bd:30:
         eb:08:cf:d2:4e:ce:70:b4:b6:ba:c5:5c:2a:d8:12:62:37:32:
         47:c2:a2:be:b4:26:e7:25:8f:cf:56:d3:6e:e9:59:69:45:ba:
         f8:1a:4c:29:42:c7:16:49:17:d4:e8:f0:d2:9a:79:5a:e8:79:
         47:2a:a9:7d:5e:7e:4e:b9:32:7d:70:e4:e2:80:3d:c3:f6:e2:
         7b:ff:58:b4:fe:74:e8:e0:94:79:1c:11:de:b1:36:69:4e:b9:
         c3:94:46:c1:7b:22:59:99:07:5c:42:68:92:4e:f5:ac:28:0f:
         4e:3e:d5:d7:95:8a:bc:a0:bc:c2:6e:2f:e5:a1:c3:94:86:18:
         dc:21:e1:b5:6d:f3:20:37:80:78:0e:57:1a:e6:67:6a:42:ee:
         12:39:e1:74:0a:de:b9:40:da:90:5d:91:07:11:b9:25:99:ed:
         5f:0f:c0:66:f9:1c:d5:e1:90:99:85:3e:bc:f7:6d:58:73:14:
         e6:b0:32:85:9d:d3:c8:e9:6f:91:d0:72:4b:3b:36:d5:e8:5d:
         cd:58:1a:13:14:11:ae:40:b7:8e:ff:3a:c7:71:da:10:d7:3f:
         73:0d:1b:85
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXk3EG0AfYTTK1cLBRtjQ3xjna5YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDA1MDEwWhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5Yzk1YjRjOTAxODgzZjM5ZTY2MDAyZmEyMjJkYmNlYmJj
YWY1MzU1YTE3ZDliNWFkZDY0M2I4NDdhZWY3ODQ5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDHFT49gH3ncoG52y3T1eQQNAd5wpW27jojvK/u6K0vitS
BR5kugOpDmXnitO8GgiWHoOTmvqtBC4Njq7zMMwMu6i+TKqgKfGdlCQFzEUiRQuf
wys/3lZutbfWZoPST5z8WxadQtXN3/Ax6/3MNR2xgLaCcx2Ee6VJYnWouyMOv8yl
KYDFvHtQnWznSB/R2ZvACnGesJmposjMztA6T9Zo8+e5TII0WcZG03PUlxG4RYMk
lndTxTtGbivxzfilovntOJcmpnri0WQ+zSY8HOY7PtmwIjU8be24WMEY0O9QWTBF
IGAWnbX0NjIFW316lv06aW7f3YAp61yoSOaHjQQxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqMpFiZCoFRBqpPlPG+53a13slnQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2VkZTdmMzUxLTRkMGYtNGM3NS05OTE1LTY2NzNlMDk4NjNlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY0D0AwDQYJKoZIhvcNAQELBQADggEBAKIOc5oo7IkTzw4o7OL+3s1XIUug
AVupu7ZLy7WT/PAgpiG9MOsIz9JOznC0trrFXCrYEmI3MkfCor60Juclj89W027p
WWlFuvgaTClCxxZJF9To8NKaeVroeUcqqX1efk65Mn1w5OKAPcP24nv/WLT+dOjg
lHkcEd6xNmlOucOURsF7IlmZB1xCaJJO9awoD04+1deVirygvMJuL+Whw5SGGNwh
4bVt8yA3gHgOVxrmZ2pC7hI54XQK3rlA2pBdkQcRuSWZ7V8PwGb5HNXhkJmFPrz3
bVhzFOawMoWd08jpb5HQcks7NtXoXc1YGhMUEa5At47/Osdx2hDXP3MNG4U=
-----END CERTIFICATE-----