Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78823995-1ea3-458b-919e-48e1b3b2cfc4.roa
File:                     78823995-1ea3-458b-919e-48e1b3b2cfc4.roa (raw, json)
Hash identifier:          k6ofnQF5Se34ojCJRO3HBk8jrgXV51iqkQwsN2ZA8DM=
Subject key identifier:   0B:E7:48:FA:25:D3:1C:38:A3:BA:D1:10:8B:F5:CF:C3:48:DB:AB:3E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       558C74AB18A066F3D82C3AD5F4D188E120C622B3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78823995-1ea3-458b-919e-48e1b3b2cfc4.roa
Signing time:             Tue 28 Apr 2026 00:30:47 +0000
ROA not before:           Tue 28 Apr 2026 00:30:47 +0000
ROA not after:            Mon 27 Jul 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        129.30.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 May 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:8c:74:ab:18:a0:66:f3:d8:2c:3a:d5:f4:d1:88:e1:20:c6:22:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 28 00:30:47 2026 GMT
            Not After : Jul 27 23:59:59 2026 GMT
        Subject: serialNumber=5f9c8751850aebf10035fb31944adda0baa35f698b9d0d2097f09f43efaa07bc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:69:69:ca:4f:d3:8b:c0:02:e5:d3:16:03:7b:
                    83:9d:d4:d5:05:6b:cf:9e:97:80:b6:33:a3:82:ff:
                    e1:35:d3:e3:9f:22:57:9f:4c:7e:37:1a:96:36:40:
                    54:54:94:bf:71:46:1b:14:bc:ea:92:7b:b3:55:44:
                    87:89:a9:39:e3:2c:ef:a2:b6:9d:ae:86:04:ee:8e:
                    2e:48:51:06:c8:7d:26:07:48:65:a7:54:45:a1:76:
                    78:cf:40:0b:01:cb:66:e9:9c:d3:7c:d0:0b:ca:33:
                    e2:d3:35:5d:5a:75:b8:80:96:eb:d4:17:4a:93:2d:
                    ac:ed:66:67:b9:1d:20:c0:1b:5b:8e:14:af:9f:b1:
                    1a:51:d1:75:31:fb:9d:32:8c:9c:37:57:b8:d8:ad:
                    41:82:a1:ff:3b:6f:f4:bd:19:52:9e:c7:44:7c:74:
                    85:ba:68:43:d6:94:20:07:8e:72:3f:9e:cb:a8:3b:
                    23:e5:6f:69:f9:bf:8e:bd:33:36:60:99:19:11:53:
                    8c:c9:73:71:84:d1:3e:f8:20:60:87:fd:f2:e9:f6:
                    80:cd:7e:ba:96:58:72:bb:0e:66:d6:98:d2:05:34:
                    82:a4:b7:20:be:7c:4e:f8:8e:8d:d8:28:e4:71:5a:
                    19:ef:3d:96:8a:5f:8d:8a:6c:4c:5a:fa:83:8f:90:
                    41:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:E7:48:FA:25:D3:1C:38:A3:BA:D1:10:8B:F5:CF:C3:48:DB:AB:3E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78823995-1ea3-458b-919e-48e1b3b2cfc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.30.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         81:47:be:b0:6c:fe:1a:61:07:aa:a6:69:d4:d9:fd:c6:76:b8:
         dc:0b:90:15:11:ce:c5:76:f0:ce:e6:eb:48:16:56:f5:e8:86:
         c1:a2:83:ed:19:1e:1c:17:e0:4f:d9:d5:7e:14:92:e1:be:28:
         db:87:a5:fb:40:14:41:a4:f7:02:7c:9d:09:52:a9:a4:ef:42:
         30:f0:ee:41:7c:44:f7:48:41:c2:ea:cd:17:2b:9a:25:06:c9:
         7a:95:69:26:b8:60:75:92:f3:46:63:f2:f2:fc:c7:b8:88:ba:
         a1:45:03:85:f2:05:c9:26:31:cd:5a:31:4e:5f:dd:26:22:63:
         e5:85:80:dd:50:49:90:b7:63:8f:c4:12:6a:0e:28:b0:46:a1:
         d7:6b:84:86:c5:ef:9b:0e:de:33:ab:fb:5a:f4:e9:38:62:dd:
         88:39:a7:62:bc:d1:94:42:ea:bd:5b:d3:cd:35:83:18:0f:25:
         8d:d2:39:15:36:3f:74:41:36:0d:0d:b5:c1:6c:dc:26:c8:5f:
         19:b2:36:88:0f:50:eb:de:f4:8e:3e:4f:61:0d:56:3e:65:de:
         a7:d5:f1:1e:aa:d8:ae:ae:16:02:eb:f6:94:0e:53:2c:3f:88:
         39:a0:7d:04:4a:6f:66:eb:2d:3f:1e:b5:4e:82:25:d6:fd:28:
         22:da:6a:5a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVYx0qxigZvPYLDrV9NGI4SDGIrMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNDI4MDAzMDQ3WhcNMjYwNzI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZjljODc1MTg1MGFlYmYxMDAzNWZiMzE5NDRhZGRhMGJh
YTM1ZjY5OGI5ZDBkMjA5N2YwOWY0M2VmYWEwN2JjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxaWnKT9OLwALl0xYDe4Od1NUFa8+el4C2M6OC/+E10+Of
IlefTH43GpY2QFRUlL9xRhsUvOqSe7NVRIeJqTnjLO+itp2uhgTuji5IUQbIfSYH
SGWnVEWhdnjPQAsBy2bpnNN80AvKM+LTNV1adbiAluvUF0qTLaztZme5HSDAG1uO
FK+fsRpR0XUx+50yjJw3V7jYrUGCof87b/S9GVKex0R8dIW6aEPWlCAHjnI/nsuo
OyPlb2n5v469MzZgmRkRU4zJc3GE0T74IGCH/fLp9oDNfrqWWHK7DmbWmNIFNIKk
tyC+fE74jo3YKORxWhnvPZaKX42KbExa+oOPkEF1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUC+dI+iXTHDijutEQi/XPw0jbqz4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc4ODIzOTk1LTFlYTMtNDU4Yi05MTllLTQ4ZTFiM2IyY2ZjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCBHjANBgkqhkiG9w0BAQsFAAOCAQEAgUe+sGz+GmEHqqZp1Nn9xna43AuQ
FRHOxXbwzubrSBZW9eiGwaKD7RkeHBfgT9nVfhSS4b4o24el+0AUQaT3AnydCVKp
pO9CMPDuQXxE90hBwurNFyuaJQbJepVpJrhgdZLzRmPy8vzHuIi6oUUDhfIFySYx
zVoxTl/dJiJj5YWA3VBJkLdjj8QSag4osEah12uEhsXvmw7eM6v7WvTpOGLdiDmn
YrzRlELqvVvTzTWDGA8ljdI5FTY/dEE2DQ21wWzcJshfGbI2iA9Q6970jj5PYQ1W
PmXep9XxHqrYrq4WAuv2lA5TLD+IOaB9BEpvZustPx61ToIl1v0oItpqWg==
-----END CERTIFICATE-----