Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1446ac6e-5ebd-4c97-b8b6-4c3c43317796.roa
File:                     1446ac6e-5ebd-4c97-b8b6-4c3c43317796.roa (raw, json)
Hash identifier:          CoXvi3ft0H/41hLKVDuno2QUSqVJWt/38iqcu6Sp6yM=
Subject key identifier:   05:40:A3:75:9A:A4:A3:C8:15:44:58:69:47:5F:2E:B4:28:12:F0:BB
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       27DC02BAE87936BB4E8BA3ED81118A2BB33736D1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1446ac6e-5ebd-4c97-b8b6-4c3c43317796.roa
Signing time:             Sun 19 Oct 2025 22:52:27 +0000
ROA not before:           Sun 19 Oct 2025 22:52:27 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.65.215.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:dc:02:ba:e8:79:36:bb:4e:8b:a3:ed:81:11:8a:2b:b3:37:36:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 19 22:52:27 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=1d37a0aafd954ece8219a8c9f90980bbb1aad923b2d859c15b286ab81ffcceff, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:28:2b:c5:62:4a:41:2d:26:03:aa:54:0f:96:
                    26:b8:65:93:1d:5e:66:f9:e7:d7:2a:71:2c:82:1b:
                    c8:ac:10:69:f2:53:33:61:df:69:f3:9c:c5:f5:48:
                    2b:42:23:62:29:5c:0d:0f:81:8c:94:af:fe:be:0c:
                    13:04:24:ec:95:e2:ac:b5:66:2a:41:b7:8b:3b:f3:
                    a4:b7:c4:f7:83:02:ac:4d:5e:e1:f7:5d:07:d5:77:
                    77:30:89:bb:55:ad:a6:c7:b6:21:73:3f:a3:38:81:
                    bb:67:16:18:b5:7a:18:cf:c0:27:08:dc:d4:2b:b2:
                    33:26:73:4a:64:89:08:82:18:18:3f:eb:86:cb:50:
                    e6:4f:cf:11:01:e7:dd:37:ec:49:43:d1:67:93:db:
                    22:cd:c5:78:1f:00:01:98:75:59:f4:e2:f8:4f:9d:
                    86:d5:d4:65:94:b3:19:7b:2b:3d:97:8a:89:4b:05:
                    13:59:12:90:40:1f:fe:ab:99:6a:92:f7:db:ff:96:
                    b7:7f:6c:cf:3f:dc:c4:49:7c:80:fe:85:f4:55:35:
                    0b:f8:85:27:64:1b:fc:b4:d8:07:1b:a2:10:5a:7d:
                    c0:09:78:83:ed:0b:4d:67:94:8b:44:0e:53:5c:a8:
                    0b:86:23:04:17:5a:93:5a:c8:5c:09:b0:2d:68:90:
                    59:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:40:A3:75:9A:A4:A3:C8:15:44:58:69:47:5F:2E:B4:28:12:F0:BB
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1446ac6e-5ebd-4c97-b8b6-4c3c43317796.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.65.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:e5:3c:2d:07:a1:c7:18:c4:18:c6:f1:2b:71:f1:8b:a0:69:
         e8:69:6b:70:13:58:ac:45:0c:fd:a3:2c:d2:2f:ed:7f:ea:17:
         81:61:97:a6:16:1d:36:af:d8:4a:df:c5:03:21:53:4f:60:2f:
         01:fe:2d:6f:68:7b:be:f6:a6:5d:ed:65:ea:14:a6:bc:11:f4:
         7a:c8:13:98:67:7a:94:25:49:e3:a4:be:43:e1:56:49:41:f9:
         78:bf:84:8b:62:0b:9c:70:7f:87:67:e5:98:51:9b:b5:83:14:
         ec:7f:58:38:78:33:fe:cb:26:6d:aa:bb:b9:eb:bd:e3:b3:34:
         e8:25:2e:ec:38:7c:f1:3d:19:92:2c:50:7f:b9:62:8e:f1:65:
         05:0b:bc:77:8a:81:8f:f1:46:d6:85:23:3d:d7:16:86:b9:ef:
         e1:2b:24:5a:9f:2a:8d:2a:06:96:bb:56:e0:fb:a6:ae:c0:68:
         86:b8:8c:02:84:8d:20:11:ed:72:77:de:cb:e9:ca:d7:0c:d3:
         c4:7c:10:5e:ce:53:9d:7b:8b:0a:1e:da:4a:7a:c4:8c:02:55:
         b7:64:d8:46:73:f5:9f:77:38:3a:fc:37:ff:56:d8:ee:10:59:
         5e:a4:7b:33:32:69:66:72:5f:2d:56:4d:d6:80:e1:d4:6b:96:
         bd:6d:c1:74
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ9wCuuh5NrtOi6PtgRGKK7M3NtEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE5MjI1MjI3WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDM3YTBhYWZkOTU0ZWNlODIxOWE4YzlmOTA5ODBiYmIx
YWFkOTIzYjJkODU5YzE1YjI4NmFiODFmZmNjZWZmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbKCvFYkpBLSYDqlQPlia4ZZMdXmb559cqcSyCG8isEGny
UzNh32nznMX1SCtCI2IpXA0PgYyUr/6+DBMEJOyV4qy1ZipBt4s786S3xPeDAqxN
XuH3XQfVd3cwibtVrabHtiFzP6M4gbtnFhi1ehjPwCcI3NQrsjMmc0pkiQiCGBg/
64bLUOZPzxEB59037ElD0WeT2yLNxXgfAAGYdVn04vhPnYbV1GWUsxl7Kz2XiolL
BRNZEpBAH/6rmWqS99v/lrd/bM8/3MRJfID+hfRVNQv4hSdkG/y02AcbohBafcAJ
eIPtC01nlItEDlNcqAuGIwQXWpNayFwJsC1okFnVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBUCjdZqko8gVRFhpR18utCgS8LswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzE0NDZhYzZlLTVlYmQtNGM5Ny1iOGI2LTRjM2M0MzMxNzc5Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASQdcwDQYJKoZIhvcNAQELBQADggEBAJPlPC0HoccYxBjG8Stx8Yugaehp
a3ATWKxFDP2jLNIv7X/qF4Fhl6YWHTav2ErfxQMhU09gLwH+LW9oe772pl3tZeoU
prwR9HrIE5hnepQlSeOkvkPhVklB+Xi/hItiC5xwf4dn5ZhRm7WDFOx/WDh4M/7L
Jm2qu7nrveOzNOglLuw4fPE9GZIsUH+5Yo7xZQULvHeKgY/xRtaFIz3XFoa57+Er
JFqfKo0qBpa7VuD7pq7AaIa4jAKEjSAR7XJ33svpytcM08R8EF7OU517iwoe2kp6
xIwCVbdk2EZz9Z93ODr8N/9W2O4QWV6kezMyaWZyXy1WTdaA4dRrlr1twXQ=
-----END CERTIFICATE-----