Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2017c636-3c80-4aff-817c-ddf18477cc2b.roa
File:                     2017c636-3c80-4aff-817c-ddf18477cc2b.roa (raw, json)
Hash identifier:          OX+ICH5llBIWokw0ylDwpXM0uSoZeqdflFYHelnYfkA=
Subject key identifier:   3B:41:00:3E:AD:6A:0A:D4:64:8F:17:30:07:54:3E:50:35:D9:3F:3D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       D8C26D4DE50DF37B7F6F99AE5506573A41A22B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2017c636-3c80-4aff-817c-ddf18477cc2b.roa
Signing time:             Tue 12 May 2026 00:41:15 +0000
ROA not before:           Tue 12 May 2026 00:41:15 +0000
ROA not after:            Mon 10 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        130.176.239.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 May 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d8:c2:6d:4d:e5:0d:f3:7b:7f:6f:99:ae:55:06:57:3a:41:a2:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 12 00:41:15 2026 GMT
            Not After : Aug 10 23:59:59 2026 GMT
        Subject: serialNumber=93c0e416253e1d9e105d52efa72c1134a8b5c73fd1c1c9e4f68510525f2a0998, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f1:7d:47:7a:ec:b8:4d:9e:f2:4c:47:7f:4b:
                    46:5e:f4:13:e3:a2:61:7f:57:23:5e:3b:ed:c9:57:
                    8f:37:ca:f9:09:96:b6:6d:f6:55:43:5d:5e:a8:c5:
                    6f:b5:e3:9e:75:97:9f:f4:1f:41:ef:bc:e1:5d:cb:
                    b8:8f:c1:ed:86:81:90:f0:e8:9f:3e:d3:4f:dd:5c:
                    dc:05:67:fb:b0:f3:ab:aa:e3:f0:ca:56:02:c1:ee:
                    e9:48:01:51:59:6b:ef:34:b2:85:e3:10:20:f0:a2:
                    ce:54:18:77:a1:62:80:66:e9:48:f5:d8:a5:b7:2e:
                    69:39:f3:0b:18:31:b7:11:cb:18:68:4b:67:f0:42:
                    d2:aa:a5:9c:07:c6:fa:d7:a3:89:6f:fc:cc:06:2c:
                    63:d1:34:11:c1:1a:3e:71:86:e7:c7:e7:fc:90:f4:
                    38:fa:3d:9f:69:ac:b9:46:db:a9:45:8e:a2:1a:23:
                    cd:87:88:69:47:7f:70:b7:e3:06:62:2f:ea:df:9b:
                    a4:9a:f5:54:37:3e:66:a1:f2:a2:d7:d6:ae:47:68:
                    a6:da:26:3d:3b:3d:94:fa:99:96:6f:87:dd:45:68:
                    c5:65:ef:cc:09:0a:96:77:37:a6:98:34:61:bd:ac:
                    39:37:a8:76:73:6a:05:5a:6f:9c:cf:39:c3:a6:92:
                    a4:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:41:00:3E:AD:6A:0A:D4:64:8F:17:30:07:54:3E:50:35:D9:3F:3D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2017c636-3c80-4aff-817c-ddf18477cc2b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.176.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:e1:00:58:8c:32:5e:1e:df:9c:4e:7c:01:c7:70:ce:d6:71:
         4d:c1:e4:16:19:56:cc:a2:a7:ec:19:d4:60:a5:a6:c7:e5:9c:
         9c:f9:d2:07:c0:5c:8d:67:92:ff:35:15:fd:d9:55:50:3b:86:
         59:6b:09:70:85:74:0c:4c:7d:de:d1:b5:da:64:19:9b:88:f7:
         72:ae:fe:18:36:35:33:5d:ad:e4:a6:46:ef:9e:f5:63:29:25:
         b5:15:5d:65:f6:94:f6:7e:99:3c:ea:aa:ed:1b:8f:df:a7:02:
         43:5c:a9:76:e1:94:98:24:43:db:1a:96:fd:f3:f8:9f:fa:95:
         bd:71:b7:db:b4:8b:15:b4:80:26:3d:f5:85:2e:0a:f8:cc:b9:
         62:38:68:38:a0:57:48:cc:a5:1a:ce:90:10:64:63:45:9e:f8:
         03:e2:f9:b9:b8:85:15:2f:d9:18:cb:92:99:2e:f4:5b:96:09:
         89:6d:db:32:81:df:da:c5:49:69:bb:f7:a0:5f:d7:22:1e:8b:
         75:a0:39:ef:89:ce:0f:33:a4:68:b1:ff:d7:0d:56:9d:69:fd:
         48:c7:ed:24:32:11:d8:7b:e2:bf:d0:34:19:3e:0d:2d:70:1a:
         75:e4:b6:8c:ae:fb:29:6e:73:75:ea:63:fd:a6:0d:e5:24:f3:
         36:54:a8:57
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUANjCbU3lDfN7f2+ZrlUGVzpBoiswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTEyMDA0MTE1WhcNMjYwODEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5M2MwZTQxNjI1M2UxZDllMTA1ZDUyZWZhNzJjMTEzNGE4
YjVjNzNmZDFjMWM5ZTRmNjg1MTA1MjVmMmEwOTk4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC18X1Heuy4TZ7yTEd/S0Ze9BPjomF/VyNeO+3JV483yvkJ
lrZt9lVDXV6oxW+14551l5/0H0HvvOFdy7iPwe2GgZDw6J8+00/dXNwFZ/uw86uq
4/DKVgLB7ulIAVFZa+80soXjECDwos5UGHehYoBm6Uj12KW3Lmk58wsYMbcRyxho
S2fwQtKqpZwHxvrXo4lv/MwGLGPRNBHBGj5xhufH5/yQ9Dj6PZ9prLlG26lFjqIa
I82HiGlHf3C34wZiL+rfm6Sa9VQ3Pmah8qLX1q5HaKbaJj07PZT6mZZvh91FaMVl
78wJCpZ3N6aYNGG9rDk3qHZzagVab5zPOcOmkqQRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUO0EAPq1qCtRkjxcwB1Q+UDXZPz0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIwMTdjNjM2LTNjODAtNGFmZi04MTdjLWRkZjE4NDc3Y2MyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACCsO8wDQYJKoZIhvcNAQELBQADggEBACXhAFiMMl4e35xOfAHHcM7WcU3B
5BYZVsyip+wZ1GClpsflnJz50gfAXI1nkv81Ff3ZVVA7hllrCXCFdAxMfd7Rtdpk
GZuI93Ku/hg2NTNdreSmRu+e9WMpJbUVXWX2lPZ+mTzqqu0bj9+nAkNcqXbhlJgk
Q9salv3z+J/6lb1xt9u0ixW0gCY99YUuCvjMuWI4aDigV0jMpRrOkBBkY0We+APi
+bm4hRUv2RjLkpku9FuWCYlt2zKB39rFSWm796Bf1yIei3WgOe+Jzg8zpGix/9cN
Vp1p/UjH7SQyEdh74r/QNBk+DS1wGnXktoyu+yluc3XqY/2mDeUk8zZUqFc=
-----END CERTIFICATE-----