Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f3258fb5-90ca-480b-9923-260e8ad61e8d.roa
File:                     f3258fb5-90ca-480b-9923-260e8ad61e8d.roa (raw, json)
Hash identifier:          xIMAuuy51fiTzBZt8QgglyUW3RZtejpYABspCqZu2tA=
Subject key identifier:   E5:52:4C:91:C3:61:00:D4:A2:AD:F8:B0:E2:C7:CF:65:09:CB:7A:CD
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       69086CA9B378C81F141FCBAF5C955067BEB81EB8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f3258fb5-90ca-480b-9923-260e8ad61e8d.roa
Signing time:             Tue 05 May 2026 00:30:11 +0000
ROA not before:           Tue 05 May 2026 00:30:11 +0000
ROA not after:            Mon 03 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        15.181.32.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 13 May 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:08:6c:a9:b3:78:c8:1f:14:1f:cb:af:5c:95:50:67:be:b8:1e:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  5 00:30:11 2026 GMT
            Not After : Aug  3 23:59:59 2026 GMT
        Subject: serialNumber=8421a094a3f75bafc0f0d056eb6393dc9b20fc3bff9eaec0e63cccefce6b6709, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:fa:67:fe:a2:d4:20:9b:94:12:32:73:44:bb:
                    7b:d0:d1:41:18:1f:63:98:13:75:20:36:0f:a1:e8:
                    d0:e4:73:a8:0f:e2:96:bb:2a:95:25:dd:28:9a:f7:
                    5e:f0:75:a5:6f:1b:74:ff:10:58:a3:b5:7f:fb:62:
                    fb:33:8b:3d:96:fe:e0:df:74:fa:fb:f8:7f:9b:39:
                    b5:77:a8:13:d9:c3:a4:7c:f2:4a:98:d2:2f:1c:cc:
                    b6:9b:1e:b8:64:3e:e9:10:33:44:4e:60:48:e2:40:
                    75:6a:30:ea:d3:4e:a7:ac:83:6e:89:a1:07:34:6a:
                    1f:ce:63:4c:61:3d:6b:4d:91:3b:75:5a:73:d2:a3:
                    72:a8:6b:28:7c:ce:16:a0:28:ae:ea:fe:03:a6:bf:
                    ce:02:c1:e2:97:be:dd:da:96:0a:c4:1a:db:1e:e2:
                    94:35:88:02:4c:f5:15:42:4c:92:b1:1a:29:0f:4f:
                    b4:c9:b7:38:89:50:09:33:1c:a2:a8:7c:b9:50:fb:
                    54:6d:5d:9a:55:39:5b:4a:f4:fd:a0:e7:3c:60:40:
                    32:cb:28:64:88:73:ae:23:cb:35:05:d3:f3:bc:60:
                    3b:0e:cf:0f:8c:f5:80:86:a1:28:f3:70:95:ac:c8:
                    31:4c:63:9c:05:30:fd:84:dd:e5:86:12:c2:ff:5e:
                    33:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:52:4C:91:C3:61:00:D4:A2:AD:F8:B0:E2:C7:CF:65:09:CB:7A:CD
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f3258fb5-90ca-480b-9923-260e8ad61e8d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.181.32.0/21

    Signature Algorithm: sha256WithRSAEncryption
         80:d6:0e:cf:d2:fa:18:77:72:15:34:40:7c:c2:b7:b4:c6:3f:
         5e:21:41:64:32:6a:d8:2a:b1:3c:d6:07:9d:1e:f1:c0:cb:8e:
         e4:d2:21:18:7a:a1:d2:ca:46:f1:44:ec:8e:3b:07:40:ca:5e:
         ce:44:24:5a:cd:a1:d9:8b:e0:d5:e7:6b:1b:23:50:eb:54:0e:
         67:0c:a8:f8:bf:9f:18:fc:33:62:13:5a:66:fd:d0:34:53:b4:
         06:c6:a3:af:be:98:d4:f4:5b:b4:a9:5c:a6:81:db:36:e3:39:
         78:d1:e1:d5:79:80:8e:14:fd:af:0d:d3:36:c3:ea:95:4e:20:
         88:bd:1f:41:e7:75:20:14:41:bc:a6:a5:d0:c8:17:93:17:89:
         e8:83:01:74:ea:23:12:47:d4:db:13:87:57:37:d2:0e:16:56:
         e0:07:06:da:79:10:e0:f7:ec:6c:8a:be:1e:48:36:d5:6b:4d:
         24:54:17:c9:c5:ed:bf:2a:d7:cf:fa:34:ca:da:0c:a2:c5:6e:
         b1:6f:df:77:8f:1a:fa:a3:4a:cc:5b:27:be:b7:75:c8:cc:cd:
         3f:d9:27:10:8f:c7:87:18:52:1a:38:48:64:8d:9b:e2:62:69:
         09:47:a4:7a:14:23:1e:19:92:06:e6:ea:64:ac:dc:41:64:ae:
         c2:72:ec:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaQhsqbN4yB8UH8uvXJVQZ764HrgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTA1MDAzMDExWhcNMjYwODAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDIxYTA5NGEzZjc1YmFmYzBmMGQwNTZlYjYzOTNkYzli
MjBmYzNiZmY5ZWFlYzBlNjNjY2NlZmNlNmI2NzA5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCJ+mf+otQgm5QSMnNEu3vQ0UEYH2OYE3UgNg+h6NDkc6gP
4pa7KpUl3Sia917wdaVvG3T/EFijtX/7Yvsziz2W/uDfdPr7+H+bObV3qBPZw6R8
8kqY0i8czLabHrhkPukQM0ROYEjiQHVqMOrTTqesg26JoQc0ah/OY0xhPWtNkTt1
WnPSo3Koayh8zhagKK7q/gOmv84CweKXvt3algrEGtse4pQ1iAJM9RVCTJKxGikP
T7TJtziJUAkzHKKofLlQ+1RtXZpVOVtK9P2g5zxgQDLLKGSIc64jyzUF0/O8YDsO
zw+M9YCGoSjzcJWsyDFMY5wFMP2E3eWGEsL/XjNPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5VJMkcNhANSirfiw4sfPZQnLes0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2YzMjU4ZmI1LTkwY2EtNDgwYi05OTIzLTI2MGU4YWQ2MWU4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMPtSAwDQYJKoZIhvcNAQELBQADggEBAIDWDs/S+hh3chU0QHzCt7TGP14h
QWQyatgqsTzWB50e8cDLjuTSIRh6odLKRvFE7I47B0DKXs5EJFrNodmL4NXnaxsj
UOtUDmcMqPi/nxj8M2ITWmb90DRTtAbGo6++mNT0W7SpXKaB2zbjOXjR4dV5gI4U
/a8N0zbD6pVOIIi9H0HndSAUQbympdDIF5MXieiDAXTqIxJH1NsTh1c30g4WVuAH
Btp5EOD37GyKvh5INtVrTSRUF8nF7b8q18/6NMraDKLFbrFv33ePGvqjSsxbJ763
dcjMzT/ZJxCPx4cYUho4SGSNm+JiaQlHpHoUIx4Zkgbm6mSs3EFkrsJy7D4=
-----END CERTIFICATE-----
Generated at Tue May 12 22:26:10 2026 by rpki-client