Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ffcc9c61-8dcf-44a7-916e-1bcbd79f2317.roa
File:                     ffcc9c61-8dcf-44a7-916e-1bcbd79f2317.roa (raw, json)
Hash identifier:          bP7IXV/r1HmA0qVxfO86IUwOGG3/getzg90SCsXxqok=
Subject key identifier:   BC:98:C8:A1:82:7E:30:20:BF:59:D6:A0:1F:46:41:E1:A9:4F:77:25
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6C82645FD2C662F8242B38EA6EE4A6D942C4776E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ffcc9c61-8dcf-44a7-916e-1bcbd79f2317.roa
Signing time:             Fri 08 May 2026 02:41:37 +0000
ROA not before:           Fri 08 May 2026 02:41:37 +0000
ROA not after:            Thu 06 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        3.78.204.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 13 May 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:82:64:5f:d2:c6:62:f8:24:2b:38:ea:6e:e4:a6:d9:42:c4:77:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  8 02:41:37 2026 GMT
            Not After : Aug  6 23:59:59 2026 GMT
        Subject: serialNumber=7aa8ba34ac848e54e5aa80ad2a95a1ac8aaaf5c9b7f095ad89b95984169db9a4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:35:1a:57:a8:c7:d0:5e:06:fb:24:5b:22:48:
                    05:c6:c4:e9:a8:e5:a1:0d:31:6b:f8:0d:f4:19:15:
                    60:7a:01:7c:b5:b4:ee:c1:22:d6:c7:68:c7:e0:9c:
                    8e:0f:62:4d:33:04:61:6b:a7:52:3f:6f:fb:61:38:
                    33:98:c8:8d:2e:63:f2:1e:ef:b6:41:40:14:d2:ce:
                    ce:f0:6e:bd:94:5c:75:75:be:85:99:1e:45:d1:43:
                    da:30:94:70:3f:95:c5:22:c0:91:9a:61:bc:0e:fa:
                    10:69:43:8d:8d:de:e9:c2:45:24:e0:98:74:26:90:
                    c0:e7:86:23:06:c1:f9:04:94:ea:cf:ac:87:a1:52:
                    84:43:32:f3:da:2f:a8:8d:93:99:83:bd:35:6e:40:
                    59:5e:81:dc:08:d9:e4:90:6d:70:79:89:fe:23:17:
                    e6:ad:82:72:45:8b:e2:be:84:37:ef:81:c5:d8:c6:
                    2d:0c:e8:21:9e:f0:69:19:36:2f:73:0b:de:63:de:
                    4b:07:94:ea:ad:5d:8c:6c:f8:63:b0:62:f4:a5:b7:
                    07:fe:ad:ca:f0:00:8f:94:ac:48:1c:fd:e0:aa:79:
                    d1:00:ef:84:a5:5f:98:9d:23:df:58:ac:eb:ac:b7:
                    ec:c9:d4:98:01:2e:af:c7:8f:7e:14:01:4e:16:5b:
                    3a:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:98:C8:A1:82:7E:30:20:BF:59:D6:A0:1F:46:41:E1:A9:4F:77:25
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ffcc9c61-8dcf-44a7-916e-1bcbd79f2317.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.78.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         41:01:ba:23:36:67:34:7b:4a:18:43:99:6f:ff:64:9b:28:c0:
         55:e7:d0:47:6d:98:67:5a:c5:7b:12:f6:f9:5a:28:e7:f9:23:
         06:65:1e:c9:0a:e6:6f:c7:89:e0:bf:ae:bb:a7:24:8b:a1:f6:
         8a:00:68:02:2a:0c:1a:81:c4:80:f4:5e:9c:11:33:0b:e5:d2:
         16:b2:b5:d6:9f:32:93:54:ba:6b:f8:fa:85:29:03:8b:aa:95:
         fa:ce:cb:33:e2:f6:09:a5:1d:ea:e8:4d:45:90:6a:4c:14:1d:
         4f:b9:ec:2e:bf:66:76:f4:f9:1e:a2:de:d5:5f:9e:12:fe:a8:
         12:16:df:c6:51:46:77:de:a1:10:ad:e5:d9:03:9f:1a:9e:45:
         6a:47:b9:17:44:b2:08:80:f0:38:c3:c4:55:55:cb:2a:28:85:
         48:ce:99:85:8f:9d:19:5b:f8:a9:c0:f9:01:e3:8e:2f:86:e9:
         43:40:df:d5:83:e5:9c:e6:d2:7c:48:08:b9:ab:35:26:ae:25:
         f9:7c:fb:7c:29:8a:e6:c9:cf:75:13:e7:0e:2a:32:8c:c4:54:
         ff:39:41:1b:5d:fc:70:01:1d:76:46:a9:ad:76:76:57:5d:92:
         09:f8:27:b2:e2:d6:b3:a8:e5:8f:97:37:a6:a8:ba:d6:b0:18:
         43:f3:91:fa
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbIJkX9LGYvgkKzjqbuSm2ULEd24wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTA4MDI0MTM3WhcNMjYwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YWE4YmEzNGFjODQ4ZTU0ZTVhYTgwYWQyYTk1YTFhYzhh
YWFmNWM5YjdmMDk1YWQ4OWI5NTk4NDE2OWRiOWE0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDINRpXqMfQXgb7JFsiSAXGxOmo5aENMWv4DfQZFWB6AXy1
tO7BItbHaMfgnI4PYk0zBGFrp1I/b/thODOYyI0uY/Ie77ZBQBTSzs7wbr2UXHV1
voWZHkXRQ9owlHA/lcUiwJGaYbwO+hBpQ42N3unCRSTgmHQmkMDnhiMGwfkElOrP
rIehUoRDMvPaL6iNk5mDvTVuQFlegdwI2eSQbXB5if4jF+atgnJFi+K+hDfvgcXY
xi0M6CGe8GkZNi9zC95j3ksHlOqtXYxs+GOwYvSltwf+rcrwAI+UrEgc/eCqedEA
74SlX5idI99YrOust+zJ1JgBLq/Hj34UAU4WWzqJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvJjIoYJ+MCC/WdagH0ZB4alPdyUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZmY2M5YzYxLThkY2YtNDRhNy05MTZlLTFiY2JkNzlmMjMxNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIDTswwDQYJKoZIhvcNAQELBQADggEBAEEBuiM2ZzR7ShhDmW//ZJsowFXn
0EdtmGdaxXsS9vlaKOf5IwZlHskK5m/HieC/rrunJIuh9ooAaAIqDBqBxID0XpwR
Mwvl0haytdafMpNUumv4+oUpA4uqlfrOyzPi9gmlHeroTUWQakwUHU+57C6/Znb0
+R6i3tVfnhL+qBIW38ZRRnfeoRCt5dkDnxqeRWpHuRdEsgiA8DjDxFVVyyoohUjO
mYWPnRlb+KnA+QHjji+G6UNA39WD5Zzm0nxICLmrNSauJfl8+3wpiubJz3UT5w4q
MozEVP85QRtd/HABHXZGqa12dlddkgn4J7Li1rOo5Y+XN6aoutawGEPzkfo=
-----END CERTIFICATE-----
Generated at Tue May 12 22:26:52 2026 by rpki-client