Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fd8582f2-711d-49f5-9208-ce76c6466e79.roa
File:                     fd8582f2-711d-49f5-9208-ce76c6466e79.roa (raw, json)
Hash identifier:          S9eEa8vbHAVPqorkd+sD52v7qd7C79sWZWelzA1O9Rs=
Subject key identifier:   C6:8A:29:82:D2:30:E0:28:23:C0:1E:6E:F9:0C:5F:AC:E8:F0:7B:A8
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       506E9396E0D1C75789470E86062979A146FC6B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fd8582f2-711d-49f5-9208-ce76c6466e79.roa
Signing time:             Sat 28 Feb 2026 04:00:47 +0000
ROA not before:           Sat 28 Feb 2026 04:00:47 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.56.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:6e:93:96:e0:d1:c7:57:89:47:0e:86:06:29:79:a1:46:fc:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 04:00:47 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=5ecd8d2150b115b983ce27b649b200a410bb0cc46c0761465662250368b23407, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f6:b2:0b:c8:80:3a:9c:36:da:be:14:50:99:
                    69:07:f9:76:cb:26:81:99:73:81:a9:77:fc:f0:70:
                    2e:e6:13:e7:c9:0d:f0:ca:45:03:63:d3:8f:25:62:
                    67:af:71:31:b7:15:be:4d:37:ae:df:44:46:70:63:
                    a4:78:8d:53:ee:67:02:bb:bc:10:d2:a9:76:92:8b:
                    ff:85:4d:46:d6:c7:89:49:44:19:00:ff:f6:0e:d6:
                    5b:b2:55:db:f6:bb:7e:30:d1:d2:4a:e3:ed:ac:b6:
                    86:fd:7d:e8:4c:14:a6:4c:07:e3:d0:2a:42:5c:10:
                    11:f3:37:ce:37:c5:da:bf:e0:02:f6:70:24:32:ec:
                    b0:20:3c:6b:9c:d4:4a:02:45:9a:98:b0:7e:3e:1b:
                    25:22:d1:fe:f9:e3:e9:4f:0c:b1:8b:36:4b:01:f0:
                    15:c4:f1:3a:0c:9d:77:3a:e8:16:53:9d:9e:60:2f:
                    bc:31:0d:9f:19:33:66:ab:77:df:6a:f2:82:73:37:
                    b3:1a:60:0e:45:5f:be:9c:62:6e:92:6b:b2:bf:b0:
                    ac:02:39:08:c2:91:ab:c2:0a:1c:88:5d:ac:db:a8:
                    77:81:dd:c7:66:c2:05:4b:4a:83:f1:1a:ea:d8:8d:
                    1f:5f:45:17:0b:d8:09:38:88:35:b0:79:f3:1e:bf:
                    37:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:8A:29:82:D2:30:E0:28:23:C0:1E:6E:F9:0C:5F:AC:E8:F0:7B:A8
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fd8582f2-711d-49f5-9208-ce76c6466e79.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a1:87:79:a4:f6:a0:40:18:3e:74:a8:bd:27:84:8f:b6:03:13:
         ba:1d:bf:ad:a3:b6:55:be:01:cd:75:50:48:25:5b:c5:37:fd:
         16:2d:b2:8e:21:f6:39:fd:4a:32:d5:3e:fe:26:c8:7b:c2:ec:
         0e:a9:6d:a0:82:76:16:70:a8:0c:b9:0f:af:15:7a:35:0e:15:
         be:4b:4d:f4:b2:19:b2:22:c1:eb:86:b7:25:b0:a2:82:bb:ef:
         44:fd:5e:d8:87:d2:f7:94:1b:8c:4f:70:e9:ce:f9:ca:2b:5a:
         4f:c5:ed:2d:97:e1:34:2e:ea:55:2b:0e:62:53:a6:cb:06:98:
         57:68:c1:5f:86:8c:50:d2:19:ad:a0:3e:e9:0c:43:03:d8:40:
         a6:ec:cb:fc:07:06:a7:52:ae:64:ca:a9:34:95:d8:4d:5a:9a:
         c1:00:ca:d5:24:b6:2a:16:00:95:5a:be:74:57:26:06:b7:28:
         72:50:c2:d6:e5:bf:a5:67:86:ce:6d:f8:57:f7:41:ae:18:c5:
         74:f5:c0:35:b1:05:37:02:9c:c9:3d:82:f6:77:a7:a3:ac:2e:
         28:f3:42:0e:7f:92:23:b3:8e:d8:f2:9b:2e:75:f3:87:0e:ad:
         e0:73:4c:cd:07:02:80:6b:29:f5:0d:da:ae:9f:72:2d:f0:f1:
         f7:a7:7a:23
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITUG6TluDRx1eJRw6GBil5oUb8azANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNjAyMjgwNDAwNDdaFw0yNjA1MjkyMzU5NTla
MHoxSTBHBgNVBAUTQDVlY2Q4ZDIxNTBiMTE1Yjk4M2NlMjdiNjQ5YjIwMGE0MTBi
YjBjYzQ2YzA3NjE0NjU2NjIyNTAzNjhiMjM0MDcxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALv2sgvIgDqcNtq+FFCZaQf5dssmgZlzgal3/PBwLuYT58kN
8MpFA2PTjyViZ69xMbcVvk03rt9ERnBjpHiNU+5nAru8ENKpdpKL/4VNRtbHiUlE
GQD/9g7WW7JV2/a7fjDR0krj7ay2hv196EwUpkwH49AqQlwQEfM3zjfF2r/gAvZw
JDLssCA8a5zUSgJFmpiwfj4bJSLR/vnj6U8MsYs2SwHwFcTxOgyddzroFlOdnmAv
vDENnxkzZqt332rygnM3sxpgDkVfvpxibpJrsr+wrAI5CMKRq8IKHIhdrNuod4Hd
x2bCBUtKg/Ea6tiNH19FFwvYCTiINbB58x6/N6ECAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBTGiimC0jDgKCPAHm75DF+s6PB7qDAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvZmQ4NTgyZjItNzExZC00OWY1LTkyMDgtY2U3NmM2NDY2ZTc5LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAjRfODANBgkqhkiG9w0BAQsFAAOCAQEAoYd5pPagQBg+dKi9J4SPtgMTuh2/
raO2Vb4BzXVQSCVbxTf9Fi2yjiH2Of1KMtU+/ibIe8LsDqltoIJ2FnCoDLkPrxV6
NQ4VvktN9LIZsiLB64a3JbCigrvvRP1e2IfS95QbjE9w6c75yitaT8XtLZfhNC7q
VSsOYlOmywaYV2jBX4aMUNIZraA+6QxDA9hApuzL/AcGp1KuZMqpNJXYTVqawQDK
1SS2KhYAlVq+dFcmBrcoclDC1uW/pWeGzm34V/dBrhjFdPXANbEFNwKcyT2C9nen
o6wuKPNCDn+SI7OO2PKbLnXzhw6t4HNMzQcCgGsp9Q3arp9yLfDx96d6Iw==
-----END CERTIFICATE-----