Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f9dfe7ea-06c1-4617-a844-a1f05375174d.roa
File:                     f9dfe7ea-06c1-4617-a844-a1f05375174d.roa (raw, json)
Hash identifier:          f2oF0uindcA2QfnohPVqvjqIrhPmC+6EZKWVixxrsy8=
Subject key identifier:   E0:F5:06:C7:6D:5B:31:6C:79:96:BB:FB:0B:B5:C7:73:47:D9:F6:D8
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4C307ED45664760BA1A880B11BA457DBC06A7352
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f9dfe7ea-06c1-4617-a844-a1f05375174d.roa
Signing time:             Tue 24 Feb 2026 03:10:36 +0000
ROA not before:           Tue 24 Feb 2026 03:10:36 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.235.232.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:30:7e:d4:56:64:76:0b:a1:a8:80:b1:1b:a4:57:db:c0:6a:73:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 24 03:10:36 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=da89f5d4942ad7a8ec3704c8b5c8ca8cd1312892898cd566de9c0303f241b32d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:51:47:80:fe:09:f2:12:0f:06:49:14:ef:62:
                    64:0c:85:ff:e9:22:82:00:b8:69:a3:3d:18:59:5d:
                    3f:21:14:97:59:f7:13:90:5c:75:e3:99:66:d9:d8:
                    e5:c7:ef:ce:fa:7b:a8:73:96:82:56:24:51:a4:8c:
                    c7:f6:73:f8:98:56:98:e2:2c:a1:50:ee:b7:2b:be:
                    09:f6:c0:a0:0a:f2:eb:4b:8d:1e:ab:fd:b0:54:de:
                    53:c1:1c:aa:e0:41:4f:d7:a8:7c:23:5a:16:72:e3:
                    a8:6a:0f:b0:6a:11:d1:dd:a0:49:07:0e:9d:a9:d9:
                    2e:70:2f:e0:cb:96:99:3d:a0:b9:07:a7:3a:de:29:
                    1a:c4:2b:75:72:18:bf:3e:fa:fb:5e:71:7a:1d:37:
                    57:11:b9:7f:22:a8:23:05:a3:5f:55:d1:52:91:9d:
                    b7:66:f9:c7:2f:7e:a5:28:0a:06:15:df:f3:ae:80:
                    83:95:03:15:7c:37:44:17:06:dd:71:37:75:59:4e:
                    48:e2:e7:78:1c:cd:ca:f8:e7:35:9a:ee:96:27:75:
                    d1:04:6a:b6:3c:31:14:3c:5f:ea:5e:bd:b4:96:78:
                    8d:69:6c:24:f2:f2:0d:86:fc:46:9f:ae:92:4f:d9:
                    94:ab:99:41:04:69:95:ba:c0:10:8c:ec:56:a3:18:
                    f7:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:F5:06:C7:6D:5B:31:6C:79:96:BB:FB:0B:B5:C7:73:47:D9:F6:D8
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f9dfe7ea-06c1-4617-a844-a1f05375174d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.235.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5c:24:30:c7:f8:12:b8:ea:6b:d4:cb:65:52:e2:90:f3:55:44:
         af:fc:19:78:7d:8d:a4:11:51:a0:19:ab:93:1f:21:cd:8f:7e:
         db:4f:67:0a:bc:4e:f8:0e:69:f3:42:95:cf:57:7d:64:39:bc:
         e8:2e:67:c6:1a:aa:a1:9f:e0:32:3d:54:97:be:8a:40:43:b5:
         8a:fd:0d:aa:f9:aa:b1:e9:1e:98:ba:68:e3:04:ca:6a:4f:28:
         33:d6:fd:1f:4d:2a:ea:0a:2d:69:9e:ab:39:df:a5:65:98:01:
         99:fc:c3:cb:75:c9:e1:d1:f2:84:95:2e:9d:c5:ef:13:0d:7c:
         81:8f:e0:66:a2:8a:95:72:81:bf:a9:fd:60:3b:3e:e6:98:83:
         c5:49:f6:7e:80:86:6c:b0:0f:1e:17:d7:da:89:b5:66:7b:92:
         38:8a:8f:cb:9e:74:b7:02:aa:df:df:72:2a:a9:6d:da:14:c8:
         12:16:13:f7:63:88:3a:c8:55:3a:04:d0:6d:4b:91:be:06:9c:
         c0:34:71:3e:d0:31:d8:fa:6a:e4:a4:fa:27:c6:77:11:6b:c6:
         92:fa:fb:27:59:6c:14:55:99:3d:65:d3:89:fc:cb:40:9f:d3:
         be:06:32:4a:85:e5:ed:fc:51:7e:91:38:a5:f4:74:1a:48:dd:
         22:c8:a2:ff
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTDB+1FZkdguhqICxG6RX28Bqc1IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI0MDMxMDM2WhcNMjYwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTg5ZjVkNDk0MmFkN2E4ZWMzNzA0YzhiNWM4Y2E4Y2Qx
MzEyODkyODk4Y2Q1NjZkZTljMDMwM2YyNDFiMzJkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFUUeA/gnyEg8GSRTvYmQMhf/pIoIAuGmjPRhZXT8hFJdZ
9xOQXHXjmWbZ2OXH7876e6hzloJWJFGkjMf2c/iYVpjiLKFQ7rcrvgn2wKAK8utL
jR6r/bBU3lPBHKrgQU/XqHwjWhZy46hqD7BqEdHdoEkHDp2p2S5wL+DLlpk9oLkH
pzreKRrEK3VyGL8++vtecXodN1cRuX8iqCMFo19V0VKRnbdm+ccvfqUoCgYV3/Ou
gIOVAxV8N0QXBt1xN3VZTkji53gczcr45zWa7pYnddEEarY8MRQ8X+pevbSWeI1p
bCTy8g2G/EafrpJP2ZSrmUEEaZW6wBCM7FajGPdnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4PUGx21bMWx5lrv7C7XHc0fZ9tgwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Y5ZGZlN2VhLTA2YzEtNDYxNy1hODQ0LWExZjA1Mzc1MTc0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI26+gwDQYJKoZIhvcNAQELBQADggEBAFwkMMf4Erjqa9TLZVLikPNVRK/8
GXh9jaQRUaAZq5MfIc2PfttPZwq8TvgOafNClc9XfWQ5vOguZ8YaqqGf4DI9VJe+
ikBDtYr9Dar5qrHpHpi6aOMEympPKDPW/R9NKuoKLWmeqznfpWWYAZn8w8t1yeHR
8oSVLp3F7xMNfIGP4GaiipVygb+p/WA7PuaYg8VJ9n6AhmywDx4X19qJtWZ7kjiK
j8uedLcCqt/fciqpbdoUyBIWE/djiDrIVToE0G1Lkb4GnMA0cT7QMdj6auSk+ifG
dxFrxpL6+ydZbBRVmT1l04n8y0Cf074GMkqF5e38UX6ROKX0dBpI3SLIov8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:29 2026 by rpki-client