Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b7529512-d3e8-458c-b43f-9e84bd73caed.roa
File:                     b7529512-d3e8-458c-b43f-9e84bd73caed.roa (raw, json)
Hash identifier:          i7RGd+9GpUnyExiKWrCDfks3XmK9LlXaKS7yLZpskl8=
Subject key identifier:   7C:CC:C9:7A:CC:1D:61:C9:66:D3:4B:EB:7D:53:D7:8E:55:2D:EC:57
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       09C9E7E02BA8221010875DF5C1F7428D51A4EE9C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b7529512-d3e8-458c-b43f-9e84bd73caed.roa
Signing time:             Tue 05 May 2026 01:00:13 +0000
ROA not before:           Tue 05 May 2026 01:00:13 +0000
ROA not after:            Mon 03 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.177.64.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 13 May 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:c9:e7:e0:2b:a8:22:10:10:87:5d:f5:c1:f7:42:8d:51:a4:ee:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  5 01:00:13 2026 GMT
            Not After : Aug  3 23:59:59 2026 GMT
        Subject: serialNumber=6d4283626d9cabf093f59a47cfa96af6cc4eca4db0bd2b8950d2243edc9fc15f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3e:51:90:13:08:d4:c7:4b:84:3c:7b:b5:dd:
                    9b:0b:4c:cf:7c:c2:6a:88:42:3e:7e:a9:8b:b0:50:
                    75:8a:43:67:d4:60:c7:4b:33:56:c6:72:c9:73:ac:
                    26:d7:7e:60:78:df:09:f4:09:00:46:76:dc:f7:54:
                    b7:e6:af:f9:5d:99:8d:43:3a:63:4a:f3:49:9f:7d:
                    f1:e2:55:7c:12:33:06:af:4b:87:80:4f:04:f4:70:
                    87:70:b5:25:e5:ba:22:8c:a8:ed:5b:a6:87:6f:cb:
                    5c:2e:a7:ec:f6:80:d7:49:de:0b:c4:49:4a:9d:2d:
                    df:38:82:7a:12:83:ae:20:99:6c:e2:bf:f6:06:84:
                    42:d9:53:be:ea:ad:1e:df:2c:e6:05:9f:85:8e:2c:
                    12:a5:bc:18:57:96:d0:0f:ec:f8:54:88:68:94:0f:
                    4e:12:b3:d9:34:04:98:a9:b6:34:ef:ad:43:7a:15:
                    bc:0c:d5:da:f2:d9:92:30:96:5e:c6:32:a9:16:aa:
                    10:a8:76:03:89:a9:d6:05:ba:86:2f:c0:d7:bc:c2:
                    42:14:59:91:2a:69:fc:1a:fe:02:28:68:93:ef:e9:
                    07:85:fc:3f:94:f7:9a:af:7b:e2:84:48:6e:93:07:
                    67:d6:fd:ad:49:e4:85:b1:a8:67:43:db:73:16:54:
                    4c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:CC:C9:7A:CC:1D:61:C9:66:D3:4B:EB:7D:53:D7:8E:55:2D:EC:57
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b7529512-d3e8-458c-b43f-9e84bd73caed.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.177.64.0/23

    Signature Algorithm: sha256WithRSAEncryption
         48:0a:a5:42:33:91:67:35:15:d7:91:81:cd:e4:d5:bc:89:95:
         72:07:6c:24:5e:7b:c6:0b:8b:35:b8:68:c6:00:96:ef:d9:22:
         29:bd:70:04:8e:12:cf:8d:35:94:44:51:94:75:da:75:e8:a2:
         a3:b4:22:d2:43:0a:5e:e1:eb:14:fe:1f:71:96:78:63:16:f0:
         25:53:e8:32:a4:d4:50:a0:b9:ba:f4:6f:13:c5:c4:35:7b:42:
         34:40:bc:19:64:1b:34:81:74:5e:10:89:c5:b7:c0:63:8b:10:
         31:4b:8f:95:1a:12:ef:03:cb:f0:f1:81:fd:32:ab:4b:48:cc:
         77:99:82:a8:0d:cb:d9:83:4c:0f:c6:ea:2c:91:5d:67:b0:b9:
         f4:72:f4:1a:8c:9d:f1:4a:fe:80:32:51:6a:8a:f9:89:93:dd:
         8f:fa:13:4c:cb:bf:ec:56:df:f7:96:df:9c:7c:a5:5d:28:32:
         cc:5e:93:4e:07:4a:f3:f5:a6:3d:18:5f:fc:9c:08:34:58:ae:
         47:63:3c:14:3e:a3:76:10:3a:eb:c7:88:19:8b:19:04:92:f5:
         97:48:96:76:39:10:5e:28:0e:a1:73:6c:84:37:47:48:b4:da:
         84:e5:f2:c9:02:a5:6d:81:c3:99:44:e0:70:59:68:a7:a6:1a:
         56:79:29:80
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCcnn4CuoIhAQh131wfdCjVGk7pwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTA1MDEwMDEzWhcNMjYwODAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZDQyODM2MjZkOWNhYmYwOTNmNTlhNDdjZmE5NmFmNmNj
NGVjYTRkYjBiZDJiODk1MGQyMjQzZWRjOWZjMTVmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqPlGQEwjUx0uEPHu13ZsLTM98wmqIQj5+qYuwUHWKQ2fU
YMdLM1bGcslzrCbXfmB43wn0CQBGdtz3VLfmr/ldmY1DOmNK80mfffHiVXwSMwav
S4eATwT0cIdwtSXluiKMqO1bpodvy1wup+z2gNdJ3gvESUqdLd84gnoSg64gmWzi
v/YGhELZU77qrR7fLOYFn4WOLBKlvBhXltAP7PhUiGiUD04Ss9k0BJiptjTvrUN6
FbwM1dry2ZIwll7GMqkWqhCodgOJqdYFuoYvwNe8wkIUWZEqafwa/gIoaJPv6QeF
/D+U95qve+KESG6TB2fW/a1J5IWxqGdD23MWVExJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfMzJeswdYclm00vrfVPXjlUt7FcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2I3NTI5NTEyLWQzZTgtNDU4Yy1iNDNmLTllODRiZDczY2FlZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEPsUAwDQYJKoZIhvcNAQELBQADggEBAEgKpUIzkWc1FdeRgc3k1byJlXIH
bCRee8YLizW4aMYAlu/ZIim9cASOEs+NNZREUZR12nXooqO0ItJDCl7h6xT+H3GW
eGMW8CVT6DKk1FCgubr0bxPFxDV7QjRAvBlkGzSBdF4QicW3wGOLEDFLj5UaEu8D
y/Dxgf0yq0tIzHeZgqgNy9mDTA/G6iyRXWewufRy9BqMnfFK/oAyUWqK+YmT3Y/6
E0zLv+xW3/eW35x8pV0oMsxek04HSvP1pj0YX/ycCDRYrkdjPBQ+o3YQOuvHiBmL
GQSS9ZdIlnY5EF4oDqFzbIQ3R0i02oTl8skCpW2Bw5lE4HBZaKemGlZ5KYA=
-----END CERTIFICATE-----