Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7350acf9-3b36-491e-b975-ca6cd6b65626.roa
File:                     7350acf9-3b36-491e-b975-ca6cd6b65626.roa (raw, json)
Hash identifier:          guSw17tx/A0hT3EhbCYvnleIdbU5BKd7rQVNHWzlYcs=
Subject key identifier:   AC:C2:52:43:F1:72:58:6E:DE:ED:24:3B:86:54:84:CC:D7:A0:6E:7C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       57B7C392142BF1CA9D569FD000CE294E85D209DB
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7350acf9-3b36-491e-b975-ca6cd6b65626.roa
Signing time:             Sat 18 Oct 2025 07:13:10 +0000
ROA not before:           Sat 18 Oct 2025 07:13:10 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.244.5.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:b7:c3:92:14:2b:f1:ca:9d:56:9f:d0:00:ce:29:4e:85:d2:09:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 07:13:10 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=42feb56b45109f6d61be47566cd16469e42a2c34b9e2b84485fad2b4ba352c56, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:f5:b4:a8:45:5e:0d:2f:fd:00:0e:73:64:00:
                    e5:3f:90:74:98:77:66:06:e4:8b:97:52:c6:40:fa:
                    20:96:70:02:ae:bd:17:f1:cb:d5:65:a8:b7:03:b4:
                    8b:d0:03:c6:14:1a:c2:14:6f:99:02:a7:4b:24:73:
                    76:d2:3d:c4:52:b6:96:5d:6a:c9:99:aa:e6:f8:4d:
                    d5:7b:99:1d:b3:17:f8:2a:cd:2d:ea:05:26:01:34:
                    bd:f5:0b:2d:9f:60:fd:8a:97:90:6f:66:46:55:37:
                    60:c1:93:5e:77:ba:52:19:f7:d3:ae:d1:d2:c2:0e:
                    d0:f5:9c:53:ed:1c:ff:b7:50:24:e0:e6:e3:15:ce:
                    78:6e:2b:4a:35:1a:56:b4:92:8e:78:46:63:7c:36:
                    d7:c6:47:e0:67:a2:1b:8c:13:f8:da:cc:a6:d6:a1:
                    b9:22:60:60:9e:c1:8c:17:8f:95:ab:04:89:1d:ef:
                    c0:0c:e9:05:d4:82:f7:2a:13:a0:52:ac:6c:bf:19:
                    9c:06:2e:d6:65:38:e4:6f:fa:ff:df:e3:d2:78:b4:
                    18:72:59:15:16:81:c3:84:4b:ce:c1:e4:2d:7f:65:
                    7d:25:36:fe:cf:70:ec:7c:2e:a4:51:10:73:a4:0d:
                    0d:e5:40:2f:46:f5:e3:52:01:43:97:e8:19:c2:37:
                    55:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:C2:52:43:F1:72:58:6E:DE:ED:24:3B:86:54:84:CC:D7:A0:6E:7C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7350acf9-3b36-491e-b975-ca6cd6b65626.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.244.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:05:5a:4e:9d:be:10:bb:22:1a:fa:d6:97:af:ab:15:c7:d3:
         bf:83:d4:fa:d2:66:91:ab:bc:d0:0c:12:1c:ef:3b:71:10:8c:
         f4:16:cf:3c:09:86:91:1e:ed:9e:a7:4d:d4:df:a0:f2:0b:8e:
         0c:1a:5a:a1:f4:dc:fe:8b:d0:d3:52:f3:5e:53:c6:db:1b:0b:
         be:95:b2:95:85:5b:51:3f:89:77:1d:9b:15:d6:76:5f:93:8e:
         dc:9d:c6:03:77:41:a0:91:92:81:c4:37:af:e7:e5:7f:fc:d5:
         0d:12:74:65:8e:2e:d5:b9:58:e5:28:b3:cc:e6:ca:47:d4:0a:
         f2:42:1b:68:ab:f0:f8:1a:ef:a8:b6:94:a3:ac:fd:da:48:20:
         0d:3c:d6:67:61:9e:9b:d9:66:a4:e7:fb:f4:9d:91:bf:84:84:
         f8:45:fe:28:2c:aa:2a:53:0f:6e:f6:cb:fd:b5:79:80:ee:be:
         fe:a8:7c:aa:e7:4e:92:ba:28:d3:88:56:1b:a4:2c:22:97:68:
         5a:34:f4:66:a5:74:01:87:d4:9b:d8:34:2a:6d:87:91:06:40:
         5e:79:6f:66:b6:d7:9e:e0:13:a2:9e:ed:a7:2a:a1:6f:68:8a:
         1d:f4:45:13:ed:3d:39:02:e0:63:fd:cb:66:53:b0:f6:43:dd:
         f6:46:49:61
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUV7fDkhQr8cqdVp/QAM4pToXSCdswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MDcxMzEwWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MmZlYjU2YjQ1MTA5ZjZkNjFiZTQ3NTY2Y2QxNjQ2OWU0
MmEyYzM0YjllMmI4NDQ4NWZhZDJiNGJhMzUyYzU2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCC9bSoRV4NL/0ADnNkAOU/kHSYd2YG5IuXUsZA+iCWcAKu
vRfxy9VlqLcDtIvQA8YUGsIUb5kCp0skc3bSPcRStpZdasmZqub4TdV7mR2zF/gq
zS3qBSYBNL31Cy2fYP2Kl5BvZkZVN2DBk153ulIZ99Ou0dLCDtD1nFPtHP+3UCTg
5uMVznhuK0o1Gla0ko54RmN8NtfGR+BnohuME/jazKbWobkiYGCewYwXj5WrBIkd
78AM6QXUgvcqE6BSrGy/GZwGLtZlOORv+v/f49J4tBhyWRUWgcOES87B5C1/ZX0l
Nv7PcOx8LqRREHOkDQ3lQC9G9eNSAUOX6BnCN1VVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrMJSQ/FyWG7e7SQ7hlSEzNegbnwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzczNTBhY2Y5LTNiMzYtNDkxZS1iOTc1LWNhNmNkNmI2NTYyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAS9AUwDQYJKoZIhvcNAQELBQADggEBAHsFWk6dvhC7Ihr61pevqxXH07+D
1PrSZpGrvNAMEhzvO3EQjPQWzzwJhpEe7Z6nTdTfoPILjgwaWqH03P6L0NNS815T
xtsbC76VspWFW1E/iXcdmxXWdl+TjtydxgN3QaCRkoHEN6/n5X/81Q0SdGWOLtW5
WOUos8zmykfUCvJCG2ir8Pga76i2lKOs/dpIIA081mdhnpvZZqTn+/Sdkb+EhPhF
/igsqipTD272y/21eYDuvv6ofKrnTpK6KNOIVhukLCKXaFo09GaldAGH1JvYNCpt
h5EGQF55b2a2157gE6Ke7acqoW9oih30RRPtPTkC4GP9y2ZTsPZD3fZGSWE=
-----END CERTIFICATE-----