Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0211872d-1936-42b2-b4c8-2ab2712cb4e8.roa
File:                     0211872d-1936-42b2-b4c8-2ab2712cb4e8.roa (raw, json)
Hash identifier:          rcLjmu/+Ykk77Am6ZXg/8NCjMWJLdVZ8twfQJ9isU8Q=
Subject key identifier:   04:AA:DF:E2:A4:58:63:45:72:6F:00:24:C9:74:A1:66:98:59:0F:36
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       20A7C834BD8DE7DABC23833B7495C2207F2707C8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0211872d-1936-42b2-b4c8-2ab2712cb4e8.roa
Signing time:             Sat 28 Jun 2025 00:50:13 +0000
ROA not before:           Sat 28 Jun 2025 00:50:13 +0000
ROA not after:            Sat 02 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.220.250.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 01 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:a7:c8:34:bd:8d:e7:da:bc:23:83:3b:74:95:c2:20:7f:27:07:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 28 00:50:13 2025 GMT
            Not After : Aug  2 23:59:59 2025 GMT
        Subject: serialNumber=498c9c0410d49a348daaef783e7ede812be075ce994b462a7c47b3712f565a1b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:cc:ec:d6:aa:6d:dc:7f:b3:e9:b1:7d:41:fb:
                    29:92:03:25:07:a2:ea:7d:e5:3b:23:e2:5e:99:78:
                    26:c9:33:91:26:d6:c5:c9:dd:82:1b:6a:42:b0:40:
                    a8:5d:f0:44:32:1d:09:f9:29:04:a2:d3:00:cb:43:
                    c1:b6:15:a5:89:89:ad:8e:82:0c:a5:ba:5a:1e:a9:
                    91:59:7e:b8:4e:d9:c4:d5:ea:cc:07:0d:0b:3d:88:
                    96:7e:80:0f:6c:98:4d:26:05:79:ca:64:d9:da:93:
                    be:cb:b4:57:96:7f:61:5e:e5:67:26:8d:bd:f3:85:
                    6d:30:4e:bb:c2:4b:0f:36:b3:63:b9:a0:c1:8b:b9:
                    27:ed:ea:1f:95:eb:a5:2a:dd:e1:67:78:c0:5e:63:
                    31:3c:7b:ce:0a:88:59:3c:3c:27:8e:5c:9f:35:19:
                    55:cc:19:7b:03:d7:ca:6b:9b:ef:30:da:80:1d:39:
                    29:f6:73:3d:e8:3d:21:95:48:15:1d:97:b7:0d:11:
                    fe:fe:3b:ac:9a:6f:cc:1f:97:3a:f3:39:27:1e:8f:
                    71:c1:81:5b:51:ac:40:5a:ac:2f:47:85:9c:f6:1a:
                    ab:f1:79:0b:94:54:7e:9a:9d:81:2a:69:f7:5f:f3:
                    a1:17:0f:45:f1:4f:ed:b2:cb:90:96:2d:89:27:5c:
                    14:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:AA:DF:E2:A4:58:63:45:72:6F:00:24:C9:74:A1:66:98:59:0F:36
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0211872d-1936-42b2-b4c8-2ab2712cb4e8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.220.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2e:04:b7:60:ad:28:cb:58:28:a1:22:fc:39:7c:43:98:53:85:
         fe:9a:89:f7:06:96:11:54:c2:70:4c:1d:ad:69:81:ac:a1:64:
         3a:0e:49:9b:12:1b:38:d0:f8:22:3c:aa:dd:bd:75:e7:ac:02:
         14:ee:66:7b:37:55:84:63:66:24:2c:f7:4f:9d:a3:0a:0c:96:
         8f:31:32:27:a6:b3:c8:67:9a:3a:06:72:da:02:d0:c6:66:c3:
         b3:e0:2a:a6:bc:2a:03:51:ec:6b:9d:e8:d8:46:85:59:f0:12:
         53:34:1d:f2:c8:24:bf:e2:a4:1d:f0:ea:b5:47:ef:51:1b:7b:
         f4:96:78:b1:14:8b:f1:62:0e:03:c9:28:02:5e:6d:98:3d:b0:
         88:bb:98:53:da:68:81:35:6d:45:8a:ca:a1:19:dd:74:64:a1:
         b2:68:17:50:6c:b4:ec:c5:f3:00:bd:3c:6d:27:cc:8d:c9:4e:
         8b:2d:d0:01:f4:c8:97:d6:a6:37:e0:61:4a:f2:8f:3f:b2:4c:
         71:4d:5c:a1:76:b0:e5:9c:4d:2b:0d:b6:b2:14:57:16:39:a2:
         3d:db:d4:53:6d:05:2f:40:80:13:7b:98:03:73:ad:97:a9:45:
         bb:ca:6c:47:3b:4b:68:c0:93:dd:24:6e:d8:39:8c:34:22:79:
         9c:d6:7f:25
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIKfINL2N59q8I4M7dJXCIH8nB8gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjI4MDA1MDEzWhcNMjUwODAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OThjOWMwNDEwZDQ5YTM0OGRhYWVmNzgzZTdlZGU4MTJi
ZTA3NWNlOTk0YjQ2MmE3YzQ3YjM3MTJmNTY1YTFiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtzOzWqm3cf7PpsX1B+ymSAyUHoup95Tsj4l6ZeCbJM5Em
1sXJ3YIbakKwQKhd8EQyHQn5KQSi0wDLQ8G2FaWJia2OggyluloeqZFZfrhO2cTV
6swHDQs9iJZ+gA9smE0mBXnKZNnak77LtFeWf2Fe5Wcmjb3zhW0wTrvCSw82s2O5
oMGLuSft6h+V66Uq3eFneMBeYzE8e84KiFk8PCeOXJ81GVXMGXsD18prm+8w2oAd
OSn2cz3oPSGVSBUdl7cNEf7+O6yab8wflzrzOScej3HBgVtRrEBarC9HhZz2Gqvx
eQuUVH6anYEqafdf86EXD0XxT+2yy5CWLYknXBSjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBKrf4qRYY0VybwAkyXShZphZDzYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAyMTE4NzJkLTE5MzYtNDJiMi1iNGM4LTJhYjI3MTJjYjRlOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEP3PowDQYJKoZIhvcNAQELBQADggEBAC4Et2CtKMtYKKEi/Dl8Q5hThf6a
ifcGlhFUwnBMHa1pgayhZDoOSZsSGzjQ+CI8qt29deesAhTuZns3VYRjZiQs90+d
owoMlo8xMiems8hnmjoGctoC0MZmw7PgKqa8KgNR7Gud6NhGhVnwElM0HfLIJL/i
pB3w6rVH71Ebe/SWeLEUi/FiDgPJKAJebZg9sIi7mFPaaIE1bUWKyqEZ3XRkobJo
F1BstOzF8wC9PG0nzI3JTost0AH0yJfWpjfgYUryjz+yTHFNXKF2sOWcTSsNtrIU
VxY5oj3b1FNtBS9AgBN7mANzrZepRbvKbEc7S2jAk90kbtg5jDQieZzWfyU=
-----END CERTIFICATE-----