Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fca6d70d-1316-46fc-b4aa-08847d22c1a7.roa
File:                     fca6d70d-1316-46fc-b4aa-08847d22c1a7.roa (raw, json)
Hash identifier:          arq6QgZPYrSlOg7S/byUVO6dat1qIUkxKWbsozKDtjs=
Subject key identifier:   36:86:B5:AF:ED:3A:49:AF:ED:32:0F:1D:E0:AB:E6:2E:29:CA:1E:48
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7A572DA565A9D6855F9EEDA4C494CCF7AB4F0581
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fca6d70d-1316-46fc-b4aa-08847d22c1a7.roa
Signing time:             Sat 28 Feb 2026 03:31:26 +0000
ROA not before:           Sat 28 Feb 2026 03:31:26 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.177.106.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:57:2d:a5:65:a9:d6:85:5f:9e:ed:a4:c4:94:cc:f7:ab:4f:05:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 03:31:26 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=f24c913edb52d972b2fc061e78b65f28ea623fe0c90b553003a0b12f961fbdac, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:50:03:b1:59:13:14:49:14:f5:e7:03:f1:be:
                    e4:8f:54:1b:f5:95:16:6f:aa:49:02:56:3f:aa:37:
                    df:47:ab:eb:8f:c5:e1:d8:3c:aa:aa:5f:b2:31:3e:
                    3b:26:21:1c:73:29:70:35:eb:7b:e9:43:e2:ad:33:
                    99:16:5a:4a:e1:f2:42:c1:78:db:da:f9:90:7e:be:
                    a2:bd:7f:e9:b9:92:73:af:11:45:69:82:6c:ef:15:
                    d1:de:37:b8:b1:3c:af:31:35:79:57:db:d7:67:91:
                    ad:85:fd:4b:94:5a:6d:fe:a3:c2:ec:ec:a8:a9:2c:
                    b7:2b:32:98:f3:1b:9c:95:0a:34:4f:ee:0e:13:a6:
                    0f:a5:29:da:14:be:86:79:de:26:f5:eb:ca:fd:98:
                    34:54:16:63:c2:f1:21:ea:6e:16:62:a3:cc:e4:fb:
                    35:f0:9b:e5:ce:15:bc:8d:2f:82:e9:95:10:7c:14:
                    66:a9:de:84:35:de:5c:52:c4:b6:18:5f:fb:c7:35:
                    24:d3:23:75:95:1e:66:f1:1d:73:a7:60:f1:53:ed:
                    76:ab:6b:05:f9:c7:7b:a4:bf:3f:18:f5:86:d8:8d:
                    9d:8c:4a:09:ca:30:f8:fa:79:15:17:15:81:ac:d9:
                    f2:13:0c:3c:55:84:74:dd:b1:2f:67:e6:11:7b:ea:
                    40:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:86:B5:AF:ED:3A:49:AF:ED:32:0F:1D:E0:AB:E6:2E:29:CA:1E:48
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fca6d70d-1316-46fc-b4aa-08847d22c1a7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.177.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:d9:42:b0:c8:9e:20:3a:c8:68:b8:da:01:8b:3e:c4:cd:cf:
         0e:a6:63:55:ea:6d:bd:15:d6:d2:d9:81:4c:54:1e:99:7b:39:
         08:79:a8:98:c7:f7:78:51:ae:78:c7:74:a5:4d:1c:af:92:dd:
         06:3b:3a:12:2e:fc:b2:3c:5d:ac:d8:89:22:0e:b9:08:d3:5c:
         a4:d8:2e:fc:10:71:87:9a:62:97:65:24:c9:f3:45:31:19:ec:
         56:48:36:48:c5:48:31:5d:35:be:97:a3:2d:14:d6:a7:41:8c:
         34:7d:87:8a:04:17:56:2c:d0:95:b6:dd:2c:68:12:84:6a:8d:
         c2:01:21:08:04:0f:f5:55:6f:32:c0:0c:c3:03:9e:1d:a8:d7:
         6d:60:14:3f:42:be:5f:a2:98:e0:00:d6:b3:d0:8d:b8:4f:1b:
         79:c1:c8:7f:86:87:92:08:25:f2:45:7f:d5:45:3f:7a:cd:2c:
         1b:0b:2f:86:2e:50:74:f1:ba:8e:29:f8:2c:b0:11:bd:40:b8:
         eb:8a:09:ba:20:06:f5:56:99:c8:36:d8:65:cb:85:a5:4d:6d:
         b2:1f:62:cd:e6:44:07:17:fc:d7:cc:b5:65:90:8a:2f:fe:1c:
         e2:ee:7d:e3:c7:95:7b:15:d8:6b:5c:a8:26:15:78:55:91:c7:
         65:e6:ef:ee
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUelctpWWp1oVfnu2kxJTM96tPBYEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDMzMTI2WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMjRjOTEzZWRiNTJkOTcyYjJmYzA2MWU3OGI2NWYyOGVh
NjIzZmUwYzkwYjU1MzAwM2EwYjEyZjk2MWZiZGFjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWUAOxWRMUSRT15wPxvuSPVBv1lRZvqkkCVj+qN99Hq+uP
xeHYPKqqX7IxPjsmIRxzKXA163vpQ+KtM5kWWkrh8kLBeNva+ZB+vqK9f+m5knOv
EUVpgmzvFdHeN7ixPK8xNXlX29dnka2F/UuUWm3+o8Ls7KipLLcrMpjzG5yVCjRP
7g4Tpg+lKdoUvoZ53ib168r9mDRUFmPC8SHqbhZio8zk+zXwm+XOFbyNL4LplRB8
FGap3oQ13lxSxLYYX/vHNSTTI3WVHmbxHXOnYPFT7XarawX5x3ukvz8Y9YbYjZ2M
SgnKMPj6eRUXFYGs2fITDDxVhHTdsS9n5hF76kDFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNoa1r+06Sa/tMg8d4KvmLinKHkgwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZjYTZkNzBkLTEzMTYtNDZmYy1iNGFhLTA4ODQ3ZDIyYzFhNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPsWowDQYJKoZIhvcNAQELBQADggEBAKnZQrDIniA6yGi42gGLPsTNzw6m
Y1Xqbb0V1tLZgUxUHpl7OQh5qJjH93hRrnjHdKVNHK+S3QY7OhIu/LI8XazYiSIO
uQjTXKTYLvwQcYeaYpdlJMnzRTEZ7FZINkjFSDFdNb6Xoy0U1qdBjDR9h4oEF1Ys
0JW23SxoEoRqjcIBIQgED/VVbzLADMMDnh2o121gFD9Cvl+imOAA1rPQjbhPG3nB
yH+Gh5IIJfJFf9VFP3rNLBsLL4YuUHTxuo4p+CywEb1AuOuKCbogBvVWmcg22GXL
haVNbbIfYs3mRAcX/NfMtWWQii/+HOLufePHlXsV2GtcqCYVeFWRx2Xm7+4=
-----END CERTIFICATE-----