Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f1b64b94-b1ab-4ac2-acf5-cc70cdd284b5.roa
File:                     f1b64b94-b1ab-4ac2-acf5-cc70cdd284b5.roa (raw, json)
Hash identifier:          3tU5yU0zjlc0lq3M9w48nBteiypxgebpz3lVtqvtydE=
Subject key identifier:   5F:F3:87:D1:E0:2F:3B:19:42:E3:E0:02:40:D9:41:8C:3E:45:B0:E8
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0AB53B5B852768EDCDDDD795FA23C22FA892594F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f1b64b94-b1ab-4ac2-acf5-cc70cdd284b5.roa
Signing time:             Tue 17 Feb 2026 01:01:01 +0000
ROA not before:           Tue 17 Feb 2026 01:01:01 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        141.139.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:b5:3b:5b:85:27:68:ed:cd:dd:d7:95:fa:23:c2:2f:a8:92:59:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 01:01:01 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=e257b37daac0aa3c14f03874b735e4ff7df400c60ea4d2f2a18a406728e26f6d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:45:0a:11:62:8d:7b:b5:af:03:4a:2c:2d:72:
                    8b:93:bf:f0:28:fe:32:0b:c1:5f:14:93:c7:cb:8e:
                    07:e0:2c:38:bb:f9:e3:57:ac:72:99:ff:87:fa:36:
                    27:e5:d8:f8:10:18:17:e8:26:7f:33:a3:ad:9f:9e:
                    7a:37:ed:e2:9b:0f:44:2c:94:3c:2e:12:af:92:74:
                    06:16:7e:ef:48:01:c5:64:d5:6e:73:c2:24:f7:c7:
                    6f:a6:a7:70:17:ae:c4:a8:7a:72:03:d5:21:3e:84:
                    c1:38:0e:ed:df:f8:8e:8a:00:1b:d2:71:5c:71:95:
                    c6:cb:42:e8:f9:dd:3d:40:56:21:5a:8c:cc:7e:82:
                    e7:05:66:c4:f5:20:1e:a7:f6:71:c4:02:9f:b1:c8:
                    f9:a5:29:de:a7:19:6f:a7:60:db:cf:31:fe:0d:ee:
                    78:dd:a1:2c:75:09:a9:9f:41:fe:6b:4c:9c:85:4d:
                    81:b3:6a:d5:65:d6:21:60:71:02:15:8a:7e:85:d5:
                    fb:d2:86:e3:51:2d:9e:db:8d:8b:82:11:16:44:15:
                    ec:01:64:e3:29:15:f2:32:22:dd:ed:b0:77:d4:9c:
                    b8:b6:3d:d3:df:5c:8f:fc:66:ab:b0:61:33:fb:af:
                    57:87:fd:9a:02:ee:e2:d2:b8:4c:21:ce:75:9e:e6:
                    97:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:F3:87:D1:E0:2F:3B:19:42:E3:E0:02:40:D9:41:8C:3E:45:B0:E8
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f1b64b94-b1ab-4ac2-acf5-cc70cdd284b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.139.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9d:66:6f:04:b3:f8:81:fc:b8:df:69:55:81:da:de:e7:59:b3:
         b2:23:a2:4f:cf:35:41:0b:85:a7:f1:68:de:02:e9:0c:b0:48:
         8e:2c:9c:01:0a:ef:02:47:ac:d0:fe:16:99:59:1f:35:e4:8a:
         41:39:04:2b:73:9f:15:00:f2:2d:40:f4:da:60:3c:a9:f5:fa:
         e4:1d:59:cf:7c:87:0b:b7:75:e4:50:75:c6:96:7e:5a:40:50:
         fe:ff:50:73:d0:0e:e0:8e:a3:a1:86:18:0b:c1:02:7e:11:e2:
         61:49:e6:d7:cd:07:96:c2:bf:14:59:c8:80:68:60:5c:ca:4e:
         26:bd:ee:52:b2:e1:95:2d:8d:5c:3b:2e:93:ae:91:60:a6:6b:
         dd:85:62:0e:45:f4:8f:7b:43:64:eb:f9:f6:3d:bb:c1:4f:45:
         e5:e4:0c:e0:4a:05:69:0c:ff:8d:e3:71:6d:09:d0:3e:bf:79:
         82:f4:63:e9:ee:47:93:5d:2a:10:b6:a0:d3:df:a8:00:4b:ca:
         b7:a3:80:58:db:0d:80:5e:15:d3:71:0f:c8:be:6d:b7:a9:97:
         b2:ec:0e:4f:0b:67:a9:e8:c1:fc:3d:9a:21:42:6f:85:93:e5:
         96:b5:d9:38:92:27:d7:36:66:ff:b4:c2:92:1a:4d:41:54:c6:
         67:47:fd:e5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCrU7W4UnaO3N3deV+iPCL6iSWU8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDEwMTAxWhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMjU3YjM3ZGFhYzBhYTNjMTRmMDM4NzRiNzM1ZTRmZjdk
ZjQwMGM2MGVhNGQyZjJhMThhNDA2NzI4ZTI2ZjZkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXRQoRYo17ta8DSiwtcouTv/Ao/jILwV8Uk8fLjgfgLDi7
+eNXrHKZ/4f6Nifl2PgQGBfoJn8zo62fnno37eKbD0QslDwuEq+SdAYWfu9IAcVk
1W5zwiT3x2+mp3AXrsSoenID1SE+hME4Du3f+I6KABvScVxxlcbLQuj53T1AViFa
jMx+gucFZsT1IB6n9nHEAp+xyPmlKd6nGW+nYNvPMf4N7njdoSx1CamfQf5rTJyF
TYGzatVl1iFgcQIVin6F1fvShuNRLZ7bjYuCERZEFewBZOMpFfIyIt3tsHfUnLi2
PdPfXI/8ZquwYTP7r1eH/ZoC7uLSuEwhznWe5pfTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUX/OH0eAvOxlC4+ACQNlBjD5FsOgwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2YxYjY0Yjk0LWIxYWItNGFjMi1hY2Y1LWNjNzBjZGQyODRiNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCNizANBgkqhkiG9w0BAQsFAAOCAQEAnWZvBLP4gfy432lVgdre51mzsiOi
T881QQuFp/Fo3gLpDLBIjiycAQrvAkes0P4WmVkfNeSKQTkEK3OfFQDyLUD02mA8
qfX65B1Zz3yHC7d15FB1xpZ+WkBQ/v9Qc9AO4I6joYYYC8ECfhHiYUnm180HlsK/
FFnIgGhgXMpOJr3uUrLhlS2NXDsuk66RYKZr3YViDkX0j3tDZOv59j27wU9F5eQM
4EoFaQz/jeNxbQnQPr95gvRj6e5Hk10qELag09+oAEvKt6OAWNsNgF4V03EPyL5t
t6mXsuwOTwtnqejB/D2aIUJvhZPllrXZOJIn1zZm/7TCkhpNQVTGZ0f95Q==
-----END CERTIFICATE-----