Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/eaa82859-b5c2-4279-abc5-1f7ca0d59969.roa
File:                     eaa82859-b5c2-4279-abc5-1f7ca0d59969.roa (raw, json)
Hash identifier:          pDETQvYIBvW4AyDWBxvb8GgPN3tkd+ESYW8bX6jkJBk=
Subject key identifier:   A1:61:63:C0:63:BD:61:BE:E6:23:DA:76:FE:E1:52:C4:36:99:F5:4A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5CEA62BE7CA9AB2679A601F6473E102E8288A6D6
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/eaa82859-b5c2-4279-abc5-1f7ca0d59969.roa
Signing time:             Fri 08 May 2026 01:50:08 +0000
ROA not before:           Fri 08 May 2026 01:50:08 +0000
ROA not after:            Thu 06 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.13.240.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 13 May 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:ea:62:be:7c:a9:ab:26:79:a6:01:f6:47:3e:10:2e:82:88:a6:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  8 01:50:08 2026 GMT
            Not After : Aug  6 23:59:59 2026 GMT
        Subject: serialNumber=4da222fbf0c4efddbb02019bdc53f20f8a540d5f72499057c394f69889fb5169, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c6:6f:97:a2:85:ed:c5:d6:71:2d:38:38:7d:
                    10:18:61:22:9a:4b:6d:83:4a:51:a2:11:12:54:cd:
                    28:82:60:26:f6:47:b8:cd:4f:70:53:3d:39:99:5d:
                    d0:a0:1f:df:e1:f2:59:c8:9b:5d:86:96:0e:f9:ee:
                    ae:14:0e:72:0d:72:4c:a7:7c:a9:7c:86:b4:d5:8c:
                    d7:26:08:43:76:e0:22:af:b6:d8:7c:f6:93:cf:3a:
                    70:72:a8:bf:5a:44:e2:62:44:96:d2:5b:c1:f0:54:
                    39:6d:99:6c:c1:b0:e0:54:78:4d:08:61:f3:fd:bb:
                    a6:69:6d:a9:8e:9f:72:ec:77:f9:97:94:77:fb:46:
                    8d:03:ca:7b:ff:27:47:b5:9a:31:bb:fd:0f:08:de:
                    b3:61:1d:e1:8f:ce:c5:5c:f9:d3:ae:50:2e:9d:0d:
                    47:20:bc:2c:ab:90:da:ac:48:b9:47:e3:1d:39:7d:
                    46:56:db:60:bf:f6:03:43:5d:96:99:da:15:99:c8:
                    32:4e:76:3d:a9:23:d6:ca:59:d8:ca:1a:2a:2c:75:
                    b2:bc:8e:0b:21:d6:88:2c:88:4e:43:e0:d5:fd:8b:
                    bf:d7:31:21:85:82:ba:1b:b0:a7:25:cc:8c:4f:3d:
                    31:da:46:80:b2:2a:96:36:f9:5b:83:8a:2f:50:d3:
                    7f:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:61:63:C0:63:BD:61:BE:E6:23:DA:76:FE:E1:52:C4:36:99:F5:4A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/eaa82859-b5c2-4279-abc5-1f7ca0d59969.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.13.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         76:8a:6b:6b:73:8e:66:cb:e0:a0:16:91:39:74:e6:d0:e7:23:
         72:b4:31:8e:60:04:70:89:2c:77:60:84:49:0e:e0:1c:a0:4c:
         3f:08:2f:27:77:61:8f:2b:13:59:d2:a4:53:d7:19:a5:fc:3d:
         ac:bd:e3:c5:f4:a1:ba:33:57:e4:8d:8f:d3:1c:17:17:f3:3a:
         7c:4d:a4:7c:e1:a3:53:07:f4:3c:93:7b:d1:a7:83:64:91:5c:
         af:f7:8e:e7:26:0a:d4:04:e0:34:5b:44:b3:a2:da:3a:fd:5a:
         53:28:cf:a3:47:78:9b:b2:82:af:62:4b:cc:60:32:5f:f7:04:
         01:be:60:a6:88:c3:c3:fe:ef:97:e8:02:35:32:7a:45:d3:90:
         e7:68:d9:46:ba:c7:25:32:10:02:c0:21:1d:b5:63:66:bf:4c:
         3f:c2:16:b2:f8:5f:85:fb:61:ac:ad:b0:c9:5f:70:76:61:43:
         b9:46:c2:17:94:db:6c:0f:e8:05:38:4b:8a:39:22:6f:45:b4:
         8c:c2:a4:6d:30:c2:b0:f9:4a:6f:83:7e:e5:02:7b:e8:d2:c9:
         9e:c0:ec:35:3d:ce:0e:ae:bf:6a:8a:cf:a0:9c:66:a5:e8:c1:
         0b:15:80:ab:5c:21:d5:0c:72:dd:04:1a:ed:fd:dc:2e:a5:0c:
         a0:79:2d:bb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXOpivnypqyZ5pgH2Rz4QLoKIptYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTA4MDE1MDA4WhcNMjYwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZGEyMjJmYmYwYzRlZmRkYmIwMjAxOWJkYzUzZjIwZjhh
NTQwZDVmNzI0OTkwNTdjMzk0ZjY5ODg5ZmI1MTY5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtxm+XooXtxdZxLTg4fRAYYSKaS22DSlGiERJUzSiCYCb2
R7jNT3BTPTmZXdCgH9/h8lnIm12Glg757q4UDnINckynfKl8hrTVjNcmCEN24CKv
tth89pPPOnByqL9aROJiRJbSW8HwVDltmWzBsOBUeE0IYfP9u6ZpbamOn3Lsd/mX
lHf7Ro0Dynv/J0e1mjG7/Q8I3rNhHeGPzsVc+dOuUC6dDUcgvCyrkNqsSLlH4x05
fUZW22C/9gNDXZaZ2hWZyDJOdj2pI9bKWdjKGiosdbK8jgsh1ogsiE5D4NX9i7/X
MSGFgrobsKclzIxPPTHaRoCyKpY2+VuDii9Q03+hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoWFjwGO9Yb7mI9p2/uFSxDaZ9UowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2VhYTgyODU5LWI1YzItNDI3OS1hYmM1LTFmN2NhMGQ1OTk2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM0DfAwDQYJKoZIhvcNAQELBQADggEBAHaKa2tzjmbL4KAWkTl05tDnI3K0
MY5gBHCJLHdghEkO4BygTD8ILyd3YY8rE1nSpFPXGaX8Pay948X0obozV+SNj9Mc
FxfzOnxNpHzho1MH9DyTe9Gng2SRXK/3jucmCtQE4DRbRLOi2jr9WlMoz6NHeJuy
gq9iS8xgMl/3BAG+YKaIw8P+75foAjUyekXTkOdo2Ua6xyUyEALAIR21Y2a/TD/C
FrL4X4X7YaytsMlfcHZhQ7lGwheU22wP6AU4S4o5Im9FtIzCpG0wwrD5Sm+DfuUC
e+jSyZ7A7DU9zg6uv2qKz6CcZqXowQsVgKtcIdUMct0EGu393C6lDKB5Lbs=
-----END CERTIFICATE-----