Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/74fa5671-aa1e-4029-8231-1f417907916f.roa
File:                     74fa5671-aa1e-4029-8231-1f417907916f.roa (raw, json)
Hash identifier:          nnQO1OvOI3LdJUj7VYfIu0jacnUHfNQXxKsQkz17gwQ=
Subject key identifier:   9E:CB:47:09:08:A2:FB:A5:D9:2F:16:E2:DD:A2:A7:3E:72:8D:AB:DB
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       52984EAADF4B11F97FCD4D98252A8A199D792FE0
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/74fa5671-aa1e-4029-8231-1f417907916f.roa
Signing time:             Mon 11 May 2026 00:50:41 +0000
ROA not before:           Mon 11 May 2026 00:50:41 +0000
ROA not after:            Sun 09 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        205.251.249.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 May 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:98:4e:aa:df:4b:11:f9:7f:cd:4d:98:25:2a:8a:19:9d:79:2f:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: May 11 00:50:41 2026 GMT
            Not After : Aug  9 23:59:59 2026 GMT
        Subject: serialNumber=b3f0068569865cc0519fa1a3bbc41d0c98a2fcb3d27b6118558585525e02ec7e, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a7:97:87:c8:b0:8c:8b:40:c0:9a:eb:f7:0a:
                    c2:46:bb:83:78:ed:ff:2a:85:22:03:31:c0:86:cc:
                    49:f6:65:0c:41:5f:12:b5:45:15:2e:4c:e2:98:3c:
                    58:63:8d:16:81:64:61:97:58:c1:75:d7:26:f6:27:
                    e0:d6:17:14:1c:f6:3f:ae:99:32:2d:04:2d:e7:3c:
                    84:92:96:43:79:77:f8:d0:c6:b2:1c:c5:95:b8:8c:
                    06:0e:78:b4:2c:a6:64:0b:dd:5e:96:8e:c4:1a:e0:
                    38:fd:2a:86:d7:53:74:a2:27:c3:f7:66:09:e1:d6:
                    45:34:4c:95:43:58:4f:54:3f:7e:35:ec:89:b2:61:
                    e3:25:43:42:14:7f:b2:9b:49:c1:ea:2c:15:db:8c:
                    72:0e:13:6a:00:65:ae:aa:c5:d7:d2:54:1d:84:4f:
                    05:64:38:02:05:0f:e5:77:8c:47:5a:b0:cd:5b:18:
                    81:c9:31:93:7a:2d:7a:dc:37:c6:7d:7f:a4:36:95:
                    75:0f:4f:fe:75:54:2e:3b:07:ec:c7:0d:08:7f:8d:
                    d5:68:57:0b:7a:f8:6d:46:48:66:ad:14:75:fe:7f:
                    94:2f:e4:68:11:84:f1:67:a9:76:1f:4b:79:bd:b5:
                    9d:3c:d6:41:a5:a1:53:d3:b0:45:c5:e9:77:59:9f:
                    23:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:CB:47:09:08:A2:FB:A5:D9:2F:16:E2:DD:A2:A7:3E:72:8D:AB:DB
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/74fa5671-aa1e-4029-8231-1f417907916f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.251.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:33:16:28:80:6c:ce:31:af:0e:f1:16:32:e1:5f:b7:8a:3e:
         22:24:27:47:4e:65:b5:e9:c9:6f:4f:38:2f:1e:be:40:64:42:
         41:b9:5a:84:3f:c5:e4:e1:59:20:66:c6:9f:22:79:03:0d:01:
         f6:91:26:a5:a5:0b:3f:e5:41:18:9b:ec:13:1b:e3:68:54:71:
         af:b7:9c:ce:f1:ed:6d:f5:a5:42:0e:ba:bf:d8:b3:9b:0a:78:
         94:2f:ef:0c:eb:17:6b:e8:45:b3:e3:99:c5:86:c8:db:97:be:
         11:1f:4e:7e:7e:c0:45:5e:0a:88:c2:d8:53:cc:a7:b0:ba:b0:
         e5:ac:db:d8:74:aa:5c:20:bc:c0:a2:95:cc:9d:2f:d3:b8:d7:
         8a:94:fc:5d:82:b4:98:e7:74:3a:3c:a6:79:be:df:bb:45:40:
         e0:b7:22:b3:b7:b5:c5:d1:fd:6a:99:7d:33:ae:1e:33:a9:3a:
         0f:07:fb:3c:85:bc:e3:06:c3:a2:ea:d3:17:2e:37:8e:e2:70:
         d2:c4:96:ec:99:8f:c9:a1:bb:dc:5e:1f:00:8c:33:71:9c:51:
         c0:91:11:ca:41:7e:bd:0a:c4:9d:a5:ea:af:e0:64:3f:09:6a:
         d3:0a:9b:95:8d:87:9d:61:0f:f8:a5:82:d2:aa:6b:c0:f8:c2:
         c2:30:de:e1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUphOqt9LEfl/zU2YJSqKGZ15L+AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwNTExMDA1MDQxWhcNMjYwODA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiM2YwMDY4NTY5ODY1Y2MwNTE5ZmExYTNiYmM0MWQwYzk4
YTJmY2IzZDI3YjYxMTg1NTg1ODU1MjVlMDJlYzdlMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCop5eHyLCMi0DAmuv3CsJGu4N47f8qhSIDMcCGzEn2ZQxB
XxK1RRUuTOKYPFhjjRaBZGGXWMF11yb2J+DWFxQc9j+umTItBC3nPISSlkN5d/jQ
xrIcxZW4jAYOeLQspmQL3V6WjsQa4Dj9KobXU3SiJ8P3Zgnh1kU0TJVDWE9UP341
7ImyYeMlQ0IUf7KbScHqLBXbjHIOE2oAZa6qxdfSVB2ETwVkOAIFD+V3jEdasM1b
GIHJMZN6LXrcN8Z9f6Q2lXUPT/51VC47B+zHDQh/jdVoVwt6+G1GSGatFHX+f5Qv
5GgRhPFnqXYfS3m9tZ081kGloVPTsEXF6XdZnyNZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnstHCQii+6XZLxbi3aKnPnKNq9swHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1Lzc0ZmE1NjcxLWFhMWUtNDAyOS04MjMxLTFmNDE3OTA3OTE2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADN+/kwDQYJKoZIhvcNAQELBQADggEBABczFiiAbM4xrw7xFjLhX7eKPiIk
J0dOZbXpyW9POC8evkBkQkG5WoQ/xeThWSBmxp8ieQMNAfaRJqWlCz/lQRib7BMb
42hUca+3nM7x7W31pUIOur/Ys5sKeJQv7wzrF2voRbPjmcWGyNuXvhEfTn5+wEVe
CojC2FPMp7C6sOWs29h0qlwgvMCilcydL9O414qU/F2CtJjndDo8pnm+37tFQOC3
IrO3tcXR/WqZfTOuHjOpOg8H+zyFvOMGw6Lq0xcuN47icNLEluyZj8mhu9xeHwCM
M3GcUcCREcpBfr0KxJ2l6q/gZD8JatMKm5WNh51hD/ilgtKqa8D4wsIw3uE=
-----END CERTIFICATE-----