Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/cdb194e0-bcdf-4e9f-b8f5-1963887cc121.roa
File:                     cdb194e0-bcdf-4e9f-b8f5-1963887cc121.roa (raw, json)
Hash identifier:          9GSlfu5AyxWAXSzOsr2PRR7ubkkGCFOXUpMTrr8+1Ks=
Subject key identifier:   71:98:4C:2A:46:40:51:CA:B5:85:94:BF:B1:56:9B:DA:CC:03:0E:8B
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       74ED5B8255FF7B6CF5880E6A7FBE8B3DC7C1C6B6
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/cdb194e0-bcdf-4e9f-b8f5-1963887cc121.roa
Signing time:             Mon 13 Oct 2025 16:10:35 +0000
ROA not before:           Mon 13 Oct 2025 16:10:35 +0000
ROA not after:            Mon 17 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        205.251.202.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:ed:5b:82:55:ff:7b:6c:f5:88:0e:6a:7f:be:8b:3d:c7:c1:c6:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Oct 13 16:10:35 2025 GMT
            Not After : Nov 17 23:59:59 2025 GMT
        Subject: serialNumber=547bced2d900727f007258f5c9faba6c33e9294e0fffee8ec27254dafa320bf9, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:a1:37:f2:a1:51:d8:5c:a5:ca:a9:b6:cc:0c:
                    ce:7a:da:d9:17:82:66:a2:0a:55:7d:d5:9a:fe:1f:
                    f9:33:1e:9c:80:be:2a:b3:69:02:6d:a7:0c:42:b8:
                    b0:ff:54:51:78:e4:18:00:53:5b:b4:61:b4:68:6e:
                    76:ea:53:fa:1b:cd:b5:10:a1:36:81:bc:e0:ca:25:
                    20:e7:c4:82:aa:57:d7:49:80:08:f7:93:45:c7:7f:
                    03:3c:39:03:ed:57:6f:58:ea:29:bd:41:15:83:01:
                    7b:fe:35:10:ed:ae:0d:ef:ed:37:c0:6b:dc:68:27:
                    97:f0:86:5e:b5:5d:7e:66:5d:14:c9:98:d9:85:dc:
                    af:69:79:e5:e1:75:f7:70:92:21:4f:12:17:9e:b0:
                    e0:84:2f:fb:33:89:e8:de:4f:7d:0d:18:a5:e5:76:
                    59:c8:06:21:d9:27:b8:ca:d3:67:0f:31:5f:51:bd:
                    f7:86:29:4c:1c:ee:09:9b:b0:7f:80:14:3a:72:ac:
                    f2:3a:6f:be:03:0d:d8:7c:47:d9:48:8f:20:14:9d:
                    90:f2:c4:63:8b:1f:5b:ff:23:5c:39:9a:d2:e7:e2:
                    3d:49:6e:11:64:18:91:ac:a8:f7:c5:f8:39:64:fe:
                    64:90:dc:1c:b5:1d:3b:eb:67:71:10:4c:61:75:a1:
                    28:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:98:4C:2A:46:40:51:CA:B5:85:94:BF:B1:56:9B:DA:CC:03:0E:8B
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/cdb194e0-bcdf-4e9f-b8f5-1963887cc121.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.251.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:b5:91:27:55:17:cd:11:cb:c3:55:a7:ea:c4:99:c0:e2:21:
         9a:4c:c6:59:73:be:df:26:9d:f6:60:b5:50:f2:64:9e:3c:fd:
         f9:68:8b:eb:80:91:ff:f6:ed:8e:44:ef:a0:75:ca:13:ff:23:
         84:a2:40:95:3d:ac:55:5a:91:9f:94:d6:91:5d:01:f1:4e:4c:
         32:ae:5d:18:87:73:e7:b5:bb:1e:a7:c6:9e:27:20:ca:2b:ef:
         26:22:ba:90:0c:c1:45:89:26:32:6e:50:d2:72:be:68:8b:b0:
         9a:04:b3:ad:b4:b5:44:26:13:aa:ca:f2:da:8e:b2:d1:7b:1e:
         99:65:7f:22:6b:71:ff:08:e7:e4:49:97:20:e4:4f:1f:01:9c:
         86:61:46:4f:ca:5a:46:e8:2f:7e:52:6f:4b:76:f1:41:23:e9:
         d8:0a:e4:76:75:54:93:64:38:00:94:d8:24:6d:99:c6:8a:fb:
         f4:d6:8c:24:ad:0b:cc:c7:f6:42:ed:f9:e7:27:81:d9:53:8c:
         84:ce:b9:da:dc:82:ed:47:8d:16:58:e7:b9:89:cc:a3:cb:82:
         05:37:fa:7d:0e:f6:57:de:7c:82:be:33:ac:64:cf:0c:7e:ae:
         d3:20:cc:52:80:95:08:a2:ae:73:5e:ce:66:9c:c1:5c:10:91:
         e4:7d:a6:d9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdO1bglX/e2z1iA5qf76LPcfBxrYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUxMDEzMTYxMDM1WhcNMjUxMTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NDdiY2VkMmQ5MDA3MjdmMDA3MjU4ZjVjOWZhYmE2YzMz
ZTkyOTRlMGZmZmVlOGVjMjcyNTRkYWZhMzIwYmY5MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDloTfyoVHYXKXKqbbMDM562tkXgmaiClV91Zr+H/kzHpyA
viqzaQJtpwxCuLD/VFF45BgAU1u0YbRobnbqU/obzbUQoTaBvODKJSDnxIKqV9dJ
gAj3k0XHfwM8OQPtV29Y6im9QRWDAXv+NRDtrg3v7TfAa9xoJ5fwhl61XX5mXRTJ
mNmF3K9peeXhdfdwkiFPEheesOCEL/sziejeT30NGKXldlnIBiHZJ7jK02cPMV9R
vfeGKUwc7gmbsH+AFDpyrPI6b74DDdh8R9lIjyAUnZDyxGOLH1v/I1w5mtLn4j1J
bhFkGJGsqPfF+Dlk/mSQ3By1HTvrZ3EQTGF1oSidAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcZhMKkZAUcq1hZS/sVab2swDDoswHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2NkYjE5NGUwLWJjZGYtNGU5Zi1iOGY1LTE5NjM4ODdjYzEyMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHN+8owDQYJKoZIhvcNAQELBQADggEBAAm1kSdVF80Ry8NVp+rEmcDiIZpM
xllzvt8mnfZgtVDyZJ48/floi+uAkf/27Y5E76B1yhP/I4SiQJU9rFVakZ+U1pFd
AfFOTDKuXRiHc+e1ux6nxp4nIMor7yYiupAMwUWJJjJuUNJyvmiLsJoEs620tUQm
E6rK8tqOstF7HpllfyJrcf8I5+RJlyDkTx8BnIZhRk/KWkboL35Sb0t28UEj6dgK
5HZ1VJNkOACU2CRtmcaK+/TWjCStC8zH9kLt+ecngdlTjITOudrcgu1HjRZY57mJ
zKPLggU3+n0O9lfefIK+M6xkzwx+rtMgzFKAlQiirnNezmacwVwQkeR9ptk=
-----END CERTIFICATE-----