Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/283d9ad9-8773-4702-8d3e-c2a0b3d78076.roa
File:                     283d9ad9-8773-4702-8d3e-c2a0b3d78076.roa (raw, json)
Hash identifier:          aD8eaiHZGdTtz9u6bmaeFodtHggat1ykdyDR3nuilRg=
Subject key identifier:   3D:43:5B:0C:FF:8E:6E:27:B8:54:3E:9B:13:03:A5:15:57:8B:3A:C9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0A8B0153B4762EC940F7D94BA935C9FEE0768EDC
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/283d9ad9-8773-4702-8d3e-c2a0b3d78076.roa
Signing time:             Mon 18 Aug 2025 18:07:12 +0000
ROA not before:           Mon 18 Aug 2025 18:07:12 +0000
ROA not after:            Mon 22 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        3.2.76.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:8b:01:53:b4:76:2e:c9:40:f7:d9:4b:a9:35:c9:fe:e0:76:8e:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 18 18:07:12 2025 GMT
            Not After : Sep 22 23:59:59 2025 GMT
        Subject: serialNumber=fee7d0924725d57e5f5cf41d5a958419b28f79ebdf016625e1b18e219aca6d00, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e8:5d:ab:a7:27:6d:56:f0:2a:5c:9e:f7:6c:
                    f9:8b:f5:34:c4:ce:23:59:77:c3:8a:b3:89:6c:6c:
                    f0:f2:6f:0f:55:e3:f6:63:99:e1:3d:1b:54:b0:a4:
                    65:6b:c8:7e:d6:e2:da:9e:64:f7:b2:ae:92:45:56:
                    57:da:79:74:3e:08:45:97:6a:c3:74:26:48:16:36:
                    b7:87:b4:2d:7f:2b:52:d0:17:a8:e6:32:22:ff:5b:
                    8c:eb:07:2c:51:47:64:a8:5c:49:59:cb:75:72:fc:
                    1b:ca:71:e8:9e:30:40:57:99:b0:df:3a:ac:f6:c2:
                    f9:a2:93:82:f8:58:dd:ea:4a:23:c2:2d:22:64:2f:
                    25:3d:b3:82:39:a7:c6:9d:6c:7b:d6:ee:d3:42:1f:
                    7e:52:5b:0a:8c:ba:2b:fa:22:68:c3:ab:73:85:d8:
                    c9:1a:39:c3:3b:66:52:17:7a:c7:8f:42:a0:6a:02:
                    98:f5:04:31:2b:2d:3c:74:92:77:a7:20:33:9d:8e:
                    13:d4:af:a8:13:44:33:04:a3:b7:86:fb:13:0d:2e:
                    8b:c8:cc:83:7d:a4:24:0c:03:81:f8:0d:cd:a2:b6:
                    6c:ea:af:f6:79:58:2d:87:1f:47:6a:ef:ad:94:95:
                    67:7f:d4:73:e9:74:ec:51:18:ae:56:c2:0a:d6:30:
                    4d:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:43:5B:0C:FF:8E:6E:27:B8:54:3E:9B:13:03:A5:15:57:8B:3A:C9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/283d9ad9-8773-4702-8d3e-c2a0b3d78076.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.2.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:b9:4b:06:95:7d:a2:d2:c7:d7:16:1a:ba:de:b3:ec:ed:04:
         23:b0:db:52:53:eb:55:c9:0d:9d:85:1a:8a:b5:98:cf:e5:89:
         54:d8:fb:6a:80:c9:0f:47:c3:ac:be:96:32:3b:1e:4f:fd:81:
         c1:9c:29:de:b2:29:39:f7:4d:43:0f:90:8a:63:6f:36:93:55:
         00:12:9c:12:ad:45:9f:4c:f3:de:2a:10:54:2d:19:8f:05:7e:
         ca:a3:17:d4:81:86:2a:63:7e:6a:eb:bf:8c:be:e3:47:44:fc:
         de:6c:6b:40:ca:52:13:b1:0c:f9:13:15:ee:a2:bf:88:d9:a1:
         49:81:cb:19:07:5a:65:5d:3f:36:42:79:08:4b:22:7b:ec:ba:
         8c:68:12:28:ec:47:17:05:9e:6a:90:11:a2:cb:3b:1e:a3:82:
         a7:92:23:0e:47:2c:22:fb:61:c6:21:a7:35:dc:ba:74:82:5d:
         bd:e2:e8:53:48:34:c7:41:45:72:13:59:27:8d:71:62:51:1b:
         dd:56:22:a9:18:24:f6:7e:2d:e8:ba:02:2e:e2:ca:d3:8e:47:
         9f:08:ee:6e:2c:e9:e6:2a:f7:50:1b:70:b5:d8:39:f3:8d:75:
         7f:c7:ea:af:76:48:36:80:e8:ba:87:25:9f:82:e5:4c:d9:39:
         f2:47:99:b1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCosBU7R2LslA99lLqTXJ/uB2jtwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODE4MTgwNzEyWhcNMjUwOTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmZWU3ZDA5MjQ3MjVkNTdlNWY1Y2Y0MWQ1YTk1ODQxOWIy
OGY3OWViZGYwMTY2MjVlMWIxOGUyMTlhY2E2ZDAwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt6F2rpydtVvAqXJ73bPmL9TTEziNZd8OKs4lsbPDybw9V
4/ZjmeE9G1SwpGVryH7W4tqeZPeyrpJFVlfaeXQ+CEWXasN0JkgWNreHtC1/K1LQ
F6jmMiL/W4zrByxRR2SoXElZy3Vy/BvKceieMEBXmbDfOqz2wvmik4L4WN3qSiPC
LSJkLyU9s4I5p8adbHvW7tNCH35SWwqMuiv6ImjDq3OF2MkaOcM7ZlIXesePQqBq
Apj1BDErLTx0knenIDOdjhPUr6gTRDMEo7eG+xMNLovIzIN9pCQMA4H4Dc2itmzq
r/Z5WC2HH0dq762UlWd/1HPpdOxRGK5WwgrWME1/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPUNbDP+Obie4VD6bEwOlFVeLOskwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzI4M2Q5YWQ5LTg3NzMtNDcwMi04ZDNlLWMyYTBiM2Q3ODA3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADAkwwDQYJKoZIhvcNAQELBQADggEBAIq5SwaVfaLSx9cWGrres+ztBCOw
21JT61XJDZ2FGoq1mM/liVTY+2qAyQ9Hw6y+ljI7Hk/9gcGcKd6yKTn3TUMPkIpj
bzaTVQASnBKtRZ9M894qEFQtGY8FfsqjF9SBhipjfmrrv4y+40dE/N5sa0DKUhOx
DPkTFe6iv4jZoUmByxkHWmVdPzZCeQhLInvsuoxoEijsRxcFnmqQEaLLOx6jgqeS
Iw5HLCL7YcYhpzXcunSCXb3i6FNINMdBRXITWSeNcWJRG91WIqkYJPZ+Lei6Ai7i
ytOOR58I7m4s6eYq91AbcLXYOfONdX/H6q92SDaA6LqHJZ+C5UzZOfJHmbE=
-----END CERTIFICATE-----