Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa
File:                     7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa (raw, json)
Hash identifier:          65zVni6ThdgttoYLlu3tDelNNPnwFmOFvhZBjOzcZWI=
Subject key identifier:   0B:21:3F:54:E2:89:C3:1D:A8:B3:87:57:EE:51:D2:41:06:D4:4D:5A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       27001CA8DC2B59306CC7A18B887A6A76FB6E2F0A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa
Signing time:             Mon 04 May 2026 14:41:27 +0000
ROA not before:           Mon 04 May 2026 14:41:27 +0000
ROA not after:            Sun 02 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        52.93.243.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 13 May 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:00:1c:a8:dc:2b:59:30:6c:c7:a1:8b:88:7a:6a:76:fb:6e:2f:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  4 14:41:27 2026 GMT
            Not After : Aug  2 23:59:59 2026 GMT
        Subject: serialNumber=c5abd27c15287d054396f1fcd6b86acc684ab3511e5644bb9f55f98c127891b5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:2d:8b:b0:e8:3e:fa:ba:9a:27:97:7b:a6:9a:
                    5f:e9:fb:e1:57:cc:db:e7:41:16:d9:1f:c9:d6:ae:
                    9e:39:38:d7:82:93:14:ce:f1:d9:50:14:76:a6:d3:
                    2d:41:b8:a2:07:08:80:57:7f:e9:d0:cb:b4:37:96:
                    de:4f:69:65:35:e6:ff:ee:22:cf:19:88:45:51:e7:
                    21:b5:86:78:b4:1c:14:70:f4:2e:98:82:7e:e5:35:
                    77:8c:e9:41:e2:eb:41:2b:d4:1f:76:bc:fd:44:7b:
                    c7:cd:3b:03:d2:ed:c6:cd:eb:12:96:2c:cc:4f:b4:
                    cb:fc:f0:7c:bc:97:54:25:f1:4c:4f:8d:4b:06:ed:
                    92:d9:71:21:a7:5b:60:8a:a4:5c:38:1c:74:85:1b:
                    10:d9:5b:98:3c:e6:7e:6b:f7:ce:f0:ee:96:87:0c:
                    ef:7e:f6:dc:f3:8d:d5:61:8a:2d:f6:5a:4b:e5:79:
                    1c:a4:4b:07:a0:f9:c1:ef:68:d0:77:e1:e4:f6:1b:
                    17:ae:67:27:39:da:af:03:f0:cc:6a:ca:a9:b7:d1:
                    3d:b8:6d:d8:74:3b:29:59:50:9a:82:44:9c:5b:fe:
                    be:3f:1b:cc:ff:b6:6a:3b:17:97:38:17:4f:a3:f0:
                    86:ae:5c:a5:c6:f9:2c:76:46:42:5b:b3:4f:21:2b:
                    22:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:21:3F:54:E2:89:C3:1D:A8:B3:87:57:EE:51:D2:41:06:D4:4D:5A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.93.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:92:8f:be:be:91:19:29:46:1b:ee:b2:af:14:25:0e:6d:4f:
         28:17:2a:76:5d:e7:eb:fa:de:87:e4:1f:cb:e5:8b:19:a5:72:
         e6:dc:49:05:9d:b0:24:b4:3f:df:03:34:17:d1:06:ff:29:e9:
         72:f7:a1:15:7c:15:81:44:41:1c:95:be:c8:7c:0b:0e:63:55:
         d0:63:d9:75:c7:34:ed:81:ef:68:9d:3e:e6:cf:c1:92:7f:8d:
         33:b6:d7:fe:c7:73:7c:24:ba:cc:91:b4:72:d3:05:40:c7:1a:
         93:53:48:5d:bc:b0:e0:b3:ee:88:ef:26:c6:61:ce:2a:fd:96:
         fb:e9:5d:a7:6b:67:fa:37:0c:3c:94:1a:e7:0b:f9:32:f9:a0:
         79:cf:15:55:ae:ab:e7:30:a2:f7:7a:7f:b2:d1:e5:93:76:92:
         4e:1b:f7:e8:c1:ea:65:fa:87:c1:c3:67:a5:c1:e0:da:93:9d:
         47:0f:5a:be:80:33:3c:6a:71:60:0e:24:c9:ef:f2:0f:53:8b:
         6a:26:37:0e:9b:61:36:47:d5:30:07:dd:98:ff:80:a9:e0:f4:
         b2:39:ff:45:fa:25:59:a0:13:ff:48:ea:6a:b9:b3:43:c0:e0:
         3a:b5:f3:cd:1b:0b:fc:00:26:76:97:5f:f3:a1:9d:d0:e9:9b:
         b9:53:29:0e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJwAcqNwrWTBsx6GLiHpqdvtuLwowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTA0MTQ0MTI3WhcNMjYwODAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNWFiZDI3YzE1Mjg3ZDA1NDM5NmYxZmNkNmI4NmFjYzY4
NGFiMzUxMWU1NjQ0YmI5ZjU1Zjk4YzEyNzg5MWI1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCMLYuw6D76uponl3umml/p++FXzNvnQRbZH8nWrp45ONeC
kxTO8dlQFHam0y1BuKIHCIBXf+nQy7Q3lt5PaWU15v/uIs8ZiEVR5yG1hni0HBRw
9C6Ygn7lNXeM6UHi60Er1B92vP1Ee8fNOwPS7cbN6xKWLMxPtMv88Hy8l1Ql8UxP
jUsG7ZLZcSGnW2CKpFw4HHSFGxDZW5g85n5r987w7paHDO9+9tzzjdVhii32Wkvl
eRykSweg+cHvaNB34eT2GxeuZyc52q8D8Mxqyqm30T24bdh0OylZUJqCRJxb/r4/
G8z/tmo7F5c4F0+j8IauXKXG+Sx2RkJbs08hKyL7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCyE/VOKJwx2os4dX7lHSQQbUTVowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc4MDVkOTVhLWEzNmQtNGQzOC04ZDMxLTNhMmE3Y2ZiNzU0NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0XfMwDQYJKoZIhvcNAQELBQADggEBAFmSj76+kRkpRhvusq8UJQ5tTygX
KnZd5+v63ofkH8vlixmlcubcSQWdsCS0P98DNBfRBv8p6XL3oRV8FYFEQRyVvsh8
Cw5jVdBj2XXHNO2B72idPubPwZJ/jTO21/7Hc3wkusyRtHLTBUDHGpNTSF28sOCz
7ojvJsZhzir9lvvpXadrZ/o3DDyUGucL+TL5oHnPFVWuq+cwovd6f7LR5ZN2kk4b
9+jB6mX6h8HDZ6XB4NqTnUcPWr6AMzxqcWAOJMnv8g9Ti2omNw6bYTZH1TAH3Zj/
gKng9LI5/0X6JVmgE/9I6mq5s0PA4Dq1880bC/wAJnaXX/OhndDpm7lTKQ4=
-----END CERTIFICATE-----