Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/59fbdcdd-19dc-465d-ac38-ac0a5641f63f.roa
File:                     59fbdcdd-19dc-465d-ac38-ac0a5641f63f.roa (raw, json)
Hash identifier:          gkYJQ18LzAdPWRh6ukEfScr6P+zqbSQj5USTY8kCIEk=
Subject key identifier:   F6:B2:31:A0:B2:3F:37:CB:0A:3E:91:3F:1F:DF:53:F4:E4:9F:4F:51
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       64348A5297E955A61B0200A31712D99A4AD5B83B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/59fbdcdd-19dc-465d-ac38-ac0a5641f63f.roa
Signing time:             Fri 08 May 2026 02:00:34 +0000
ROA not before:           Fri 08 May 2026 02:00:34 +0000
ROA not after:            Thu 06 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.200.0.0/13 maxlen: 13
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 13 May 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:34:8a:52:97:e9:55:a6:1b:02:00:a3:17:12:d9:9a:4a:d5:b8:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  8 02:00:34 2026 GMT
            Not After : Aug  6 23:59:59 2026 GMT
        Subject: serialNumber=0e40c3f59bdb173f0292db85e6bcf52e55abc2512229554cff6bc9febfb88972, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:cf:f1:4d:da:88:6c:a5:6f:95:ba:0a:05:69:
                    a7:53:9f:a5:25:67:87:5a:d2:b9:02:c9:f0:14:59:
                    da:19:4b:58:4b:ca:f1:f2:7f:56:95:33:7f:54:b9:
                    d2:ba:6a:dc:39:ef:c2:3a:00:b9:5f:38:85:cf:40:
                    b1:b0:0e:8f:c3:08:7d:e1:b0:c7:de:57:13:53:c4:
                    0e:d5:7a:f2:d7:e3:af:c3:13:48:da:a9:c4:59:ac:
                    6d:7b:dd:19:de:fc:85:b5:4e:0b:41:57:34:88:b7:
                    c9:7e:27:4f:ed:48:3c:7b:f2:ae:8f:b2:9c:6c:92:
                    5b:7b:f4:63:be:e9:3d:e3:ae:f1:ca:c8:3d:93:e5:
                    12:e9:16:1c:e9:88:0e:31:48:e8:d9:2a:56:62:d2:
                    1c:01:41:f8:e6:67:d7:f2:51:12:04:ee:5d:15:73:
                    37:52:33:f7:72:49:3f:4c:78:e8:a6:62:44:db:21:
                    9f:fd:2f:21:bc:1d:35:a9:b7:19:b1:6d:50:83:4e:
                    88:1d:2b:5d:53:dd:32:29:35:61:b5:58:3e:bb:f3:
                    d3:9f:a5:92:0b:cd:86:8c:50:44:c2:53:db:ec:74:
                    25:b9:73:4f:b6:03:5c:5f:90:80:46:07:0a:db:39:
                    ef:d4:71:42:9b:e4:e1:f1:a9:ff:01:8a:2a:1d:b4:
                    e5:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:B2:31:A0:B2:3F:37:CB:0A:3E:91:3F:1F:DF:53:F4:E4:9F:4F:51
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/59fbdcdd-19dc-465d-ac38-ac0a5641f63f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.200.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         23:d5:c7:f9:5d:b8:c0:3e:f4:1f:82:4e:4e:a1:3a:ed:51:8d:
         0d:7a:4e:41:15:72:a8:71:10:e3:d4:0a:4c:7d:21:e2:11:e9:
         cd:f9:8e:ad:78:42:75:c1:3b:2c:8e:23:06:5f:04:34:f1:16:
         fe:55:49:59:84:fe:74:44:fb:2e:fa:5d:50:50:7c:43:64:65:
         c1:ef:7d:8a:1c:24:7f:37:28:4d:7a:03:88:26:ec:c8:52:d4:
         e0:34:c8:9d:47:70:3f:da:7c:2a:9c:21:58:8e:82:7d:90:f7:
         7d:0c:55:e3:de:d8:19:9d:b9:ed:43:53:a6:34:b0:41:ea:e3:
         3e:74:b0:78:06:43:6e:d7:6f:36:a6:70:55:b7:c9:3e:f9:2c:
         c0:c8:4d:5a:8b:cf:e9:95:d3:01:ee:85:b5:23:94:02:7c:0b:
         12:c5:14:29:4b:55:40:c9:3b:f0:29:01:76:2f:e5:00:80:9b:
         9d:b3:3a:1c:ae:b8:6c:e2:cd:0b:74:eb:83:7e:e6:a2:90:97:
         13:02:63:b4:2c:1f:52:da:d1:bb:68:4c:67:f3:0d:8f:1a:91:
         88:95:83:68:ee:26:53:1e:4d:fb:81:e1:3a:66:43:68:ad:92:
         83:d6:ee:4c:59:19:f7:b7:a8:82:64:b1:ed:2c:a7:28:51:43:
         4a:4b:ea:ee
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZDSKUpfpVaYbAgCjFxLZmkrVuDswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTA4MDIwMDM0WhcNMjYwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZTQwYzNmNTliZGIxNzNmMDI5MmRiODVlNmJjZjUyZTU1
YWJjMjUxMjIyOTU1NGNmZjZiYzlmZWJmYjg4OTcyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIz/FN2ohspW+VugoFaadTn6UlZ4da0rkCyfAUWdoZS1hL
yvHyf1aVM39UudK6atw578I6ALlfOIXPQLGwDo/DCH3hsMfeVxNTxA7VevLX46/D
E0jaqcRZrG173Rne/IW1TgtBVzSIt8l+J0/tSDx78q6Pspxsklt79GO+6T3jrvHK
yD2T5RLpFhzpiA4xSOjZKlZi0hwBQfjmZ9fyURIE7l0VczdSM/dyST9MeOimYkTb
IZ/9LyG8HTWptxmxbVCDTogdK11T3TIpNWG1WD6789OfpZILzYaMUETCU9vsdCW5
c0+2A1xfkIBGBwrbOe/UcUKb5OHxqf8BiiodtOWrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU9rIxoLI/N8sKPpE/H99T9OSfT1EwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU5ZmJkY2RkLTE5ZGMtNDY1ZC1hYzM4LWFjMGE1NjQxZjYzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwM0yDANBgkqhkiG9w0BAQsFAAOCAQEAI9XH+V24wD70H4JOTqE67VGNDXpO
QRVyqHEQ49QKTH0h4hHpzfmOrXhCdcE7LI4jBl8ENPEW/lVJWYT+dET7LvpdUFB8
Q2Rlwe99ihwkfzcoTXoDiCbsyFLU4DTInUdwP9p8KpwhWI6CfZD3fQxV497YGZ25
7UNTpjSwQerjPnSweAZDbtdvNqZwVbfJPvkswMhNWovP6ZXTAe6FtSOUAnwLEsUU
KUtVQMk78CkBdi/lAICbnbM6HK64bOLNC3Trg37mopCXEwJjtCwfUtrRu2hMZ/MN
jxqRiJWDaO4mUx5N+4HhOmZDaK2Sg9buTFkZ97eogmSx7SynKFFDSkvq7g==
-----END CERTIFICATE-----