Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f185f8bb-54a6-4a09-8db9-eecdc9cec451.roa
File:                     f185f8bb-54a6-4a09-8db9-eecdc9cec451.roa (raw, json)
Hash identifier:          um4GEjwRXflAhTqJQEaMS2IXR1FEt/QeNB1jby1TU7I=
Subject key identifier:   95:70:A1:61:13:51:85:06:65:37:B6:5C:96:50:DE:D5:B1:4E:82:C2
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1676CE7BB78F852ECA30DB164B9C09E6B09D0776
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f185f8bb-54a6-4a09-8db9-eecdc9cec451.roa
Signing time:             Sat 28 Feb 2026 04:00:52 +0000
ROA not before:           Sat 28 Feb 2026 04:00:52 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.112.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:76:ce:7b:b7:8f:85:2e:ca:30:db:16:4b:9c:09:e6:b0:9d:07:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 04:00:52 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=efc31b6f288c81a788ff6e81dd46eeaeafe4193dfd2a353e8e50a3ba36ec70fd, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b9:02:f7:bb:b2:cb:17:f0:92:d4:df:36:25:
                    c4:8f:ae:82:04:cc:0b:88:75:0e:81:fd:02:89:7b:
                    9e:dd:97:1b:0e:80:12:9b:74:9b:54:c7:7d:08:4b:
                    94:a8:6d:12:47:d1:ef:5e:39:2e:65:ba:ba:18:f4:
                    6c:19:8b:bf:f8:9c:f6:f1:a9:0c:14:e5:a5:7a:c5:
                    c4:6c:a5:f0:e4:00:7a:c0:d2:d9:ed:b3:9d:57:e8:
                    f1:40:42:99:f7:4d:0c:80:67:d6:47:94:f6:30:4a:
                    63:0c:78:c8:cd:97:f9:58:35:ca:4f:6f:12:27:07:
                    ba:5c:8d:d1:a6:c3:91:9a:ae:15:03:27:d3:cf:91:
                    42:65:bf:f6:2c:e9:53:33:c4:ec:f7:cf:f9:f1:88:
                    f3:17:b9:e1:23:b8:bc:25:ac:95:5b:6d:c0:f8:87:
                    f5:69:b3:7d:55:e1:3b:ec:f3:45:9b:d7:47:7c:8d:
                    84:f7:cd:f8:3d:da:d0:60:71:0d:a1:55:01:e1:ca:
                    35:6b:8c:6f:67:d6:92:b8:c9:31:f8:3d:d0:26:82:
                    e9:79:55:b8:01:da:82:43:ce:dd:93:88:0c:f6:17:
                    ce:ec:10:a1:d4:8a:ce:a0:ac:10:03:07:ba:3d:28:
                    cf:18:b6:e5:94:3e:fa:02:80:eb:ed:08:86:ee:7d:
                    67:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:70:A1:61:13:51:85:06:65:37:B6:5C:96:50:DE:D5:B1:4E:82:C2
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f185f8bb-54a6-4a09-8db9-eecdc9cec451.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         00:96:a3:35:bd:a6:1f:e9:ec:d6:de:3f:3b:a2:45:4b:51:3b:
         ae:e3:26:ac:ce:e0:90:98:19:a6:3a:d0:51:71:6f:42:9e:5a:
         f3:62:5e:03:d9:c8:5d:72:e8:1b:b6:7d:c5:42:3a:d2:35:63:
         52:e7:0a:2a:7e:34:d4:bf:cc:7a:b8:1e:3f:14:9d:80:65:eb:
         8c:49:55:e0:4e:28:c3:29:a3:2b:cf:4a:9e:0d:cb:fc:4e:b9:
         b5:c3:5e:84:8e:d0:7f:51:5a:9e:f7:ef:4d:b9:2b:23:53:03:
         4b:a6:e6:eb:c4:be:13:ee:70:87:b9:94:30:48:44:ea:94:2d:
         04:da:01:db:32:46:eb:0b:9a:52:c2:73:af:7d:8a:44:76:52:
         a3:b5:c4:0c:71:da:80:fe:28:69:47:e0:48:12:c0:c0:8f:47:
         8b:e3:02:96:92:04:52:6f:d6:61:5b:01:e6:81:49:b7:ef:37:
         c0:cc:10:7b:36:b4:3b:a1:50:cd:60:64:23:e6:45:9a:a4:92:
         99:14:7c:58:40:8b:cd:82:9a:95:27:01:17:1a:d9:4c:6e:6e:
         4f:d4:d6:9b:b6:00:2a:54:ff:7a:2f:7b:af:98:13:a5:bc:63:
         db:71:07:e5:3b:e6:9e:4d:a1:1e:b7:9b:5e:7a:f8:7d:5f:ff:
         ec:e0:11:4a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFnbOe7ePhS7KMNsWS5wJ5rCdB3YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDQwMDUyWhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZmMzMWI2ZjI4OGM4MWE3ODhmZjZlODFkZDQ2ZWVhZWFm
ZTQxOTNkZmQyYTM1M2U4ZTUwYTNiYTM2ZWM3MGZkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUuQL3u7LLF/CS1N82JcSProIEzAuIdQ6B/QKJe57dlxsO
gBKbdJtUx30IS5SobRJH0e9eOS5luroY9GwZi7/4nPbxqQwU5aV6xcRspfDkAHrA
0tnts51X6PFAQpn3TQyAZ9ZHlPYwSmMMeMjNl/lYNcpPbxInB7pcjdGmw5GarhUD
J9PPkUJlv/Ys6VMzxOz3z/nxiPMXueEjuLwlrJVbbcD4h/Vps31V4Tvs80Wb10d8
jYT3zfg92tBgcQ2hVQHhyjVrjG9n1pK4yTH4PdAmgul5VbgB2oJDzt2TiAz2F87s
EKHUis6grBADB7o9KM8YtuWUPvoCgOvtCIbufWfjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlXChYRNRhQZlN7ZcllDe1bFOgsIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2YxODVmOGJiLTU0YTYtNGEwOS04ZGI5LWVlY2RjOWNlYzQ1MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ0X3AwDQYJKoZIhvcNAQELBQADggEBAACWozW9ph/p7NbePzuiRUtRO67j
JqzO4JCYGaY60FFxb0KeWvNiXgPZyF1y6Bu2fcVCOtI1Y1LnCip+NNS/zHq4Hj8U
nYBl64xJVeBOKMMpoyvPSp4Ny/xOubXDXoSO0H9RWp737025KyNTA0um5uvEvhPu
cIe5lDBIROqULQTaAdsyRusLmlLCc699ikR2UqO1xAxx2oD+KGlH4EgSwMCPR4vj
ApaSBFJv1mFbAeaBSbfvN8DMEHs2tDuhUM1gZCPmRZqkkpkUfFhAi82CmpUnARca
2Uxubk/U1pu2ACpU/3ove6+YE6W8Y9txB+U75p5NoR63m156+H1f/+zgEUo=
-----END CERTIFICATE-----