Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa
File:                     7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa (raw, json)
Hash identifier:          ynSkDN5g2Z1kHqxN+y4D5uKHiOK9j5aiJmE5FlTAIPw=
Subject key identifier:   E7:19:D1:59:81:67:06:C8:C1:2D:08:DB:A1:AE:25:B9:77:F8:07:99
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0FC09E9A1AAF79DC54FF7831234A44566153A2FD
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa
Signing time:             Fri 15 Aug 2025 15:00:24 +0000
ROA not before:           Fri 15 Aug 2025 15:00:24 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        52.93.243.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:c0:9e:9a:1a:af:79:dc:54:ff:78:31:23:4a:44:56:61:53:a2:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 15 15:00:24 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=e8a1c3df64728a48230efd5d319db26c3ea2306ab33340668a992227fe0dc318, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:30:2d:d1:67:e5:b6:bc:3b:1f:13:15:6c:6f:
                    85:b7:15:4d:0e:e6:34:6b:d2:40:4e:f2:a9:92:1a:
                    3d:22:cb:82:e1:c7:5b:42:51:df:b5:3f:8e:72:de:
                    57:cc:ec:b5:66:c7:54:e7:3f:69:eb:db:c2:ed:12:
                    c7:fe:c1:f0:0b:41:da:64:a8:12:8e:90:6f:cc:3a:
                    8b:ed:f7:47:c4:2c:b2:84:ca:2e:63:b5:6c:cc:63:
                    57:a2:ea:0f:ee:19:32:29:c4:12:89:52:95:93:ad:
                    2d:00:dd:7e:17:d0:21:4a:e8:7d:04:9f:34:ca:63:
                    5c:37:fb:af:03:9c:9b:03:9a:a2:f4:c3:d7:ce:7a:
                    b9:58:30:0b:9f:65:21:40:5c:d9:73:0f:ec:21:1e:
                    bf:77:2a:52:6e:8a:85:4c:2a:40:da:72:28:11:2d:
                    d1:ea:46:35:21:7b:9a:24:d0:17:66:ba:da:8c:6d:
                    06:26:dc:da:2a:ff:1e:35:c5:67:e9:7e:b2:7f:bd:
                    e1:28:5e:74:5a:fe:64:d9:30:84:96:38:b1:ba:bd:
                    f5:13:66:0d:ac:ba:44:27:61:6f:3b:7b:04:1a:59:
                    e2:33:19:87:6a:e9:56:bf:61:dc:4d:d7:9e:2a:6e:
                    ed:f8:52:e2:b1:48:bd:75:ca:b6:d8:2e:85:46:41:
                    db:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:19:D1:59:81:67:06:C8:C1:2D:08:DB:A1:AE:25:B9:77:F8:07:99
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.93.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:fb:99:44:d3:a6:50:7f:8a:70:13:79:36:72:ba:ae:62:4e:
         17:6e:10:47:90:0e:5d:e2:23:50:72:d1:06:b4:fa:a3:c6:19:
         62:bc:d4:19:36:18:9d:af:2c:b6:74:1b:21:90:a1:c5:44:cb:
         7f:f2:06:bc:34:d1:b4:e1:2a:88:e9:d0:5a:7e:03:e3:53:eb:
         ca:3b:15:96:86:eb:9d:92:ed:a4:91:b1:95:93:36:91:41:1b:
         31:87:f2:97:5b:18:78:19:01:d1:15:8c:9a:39:d6:f2:b6:46:
         c5:d1:9a:9a:cf:eb:6e:ae:cd:9a:6d:25:8b:76:e6:01:7e:44:
         8b:1d:b1:38:b5:8b:4d:73:7e:3c:53:d7:40:e9:c6:e8:e9:e1:
         cc:98:af:ff:05:e0:ff:a4:c3:ec:1a:1f:86:8b:31:46:e0:74:
         e0:a3:71:88:34:4c:6e:08:24:82:db:21:82:6c:ae:c7:0f:f8:
         53:58:fb:3c:8e:d6:a5:e5:ee:14:4d:d8:ad:de:19:e6:a3:f5:
         fa:39:df:ea:fc:22:ec:75:9f:22:5e:66:ab:e2:39:10:59:1a:
         90:21:a2:4b:a5:00:4b:36:7f:b4:fd:60:5d:af:73:80:d4:c7:
         5c:e3:e7:f4:e3:8c:f6:d5:23:ce:90:08:3b:e8:61:66:2a:15:
         3b:1b:fd:f5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUD8CemhqvedxU/3gxI0pEVmFTov0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODE1MTUwMDI0WhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlOGExYzNkZjY0NzI4YTQ4MjMwZWZkNWQzMTlkYjI2YzNl
YTIzMDZhYjMzMzQwNjY4YTk5MjIyN2ZlMGRjMzE4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6MC3RZ+W2vDsfExVsb4W3FU0O5jRr0kBO8qmSGj0iy4Lh
x1tCUd+1P45y3lfM7LVmx1TnP2nr28LtEsf+wfALQdpkqBKOkG/MOovt90fELLKE
yi5jtWzMY1ei6g/uGTIpxBKJUpWTrS0A3X4X0CFK6H0EnzTKY1w3+68DnJsDmqL0
w9fOerlYMAufZSFAXNlzD+whHr93KlJuioVMKkDacigRLdHqRjUhe5ok0BdmutqM
bQYm3Noq/x41xWfpfrJ/veEoXnRa/mTZMISWOLG6vfUTZg2sukQnYW87ewQaWeIz
GYdq6Va/YdxN154qbu34UuKxSL11yrbYLoVGQdsnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5xnRWYFnBsjBLQjboa4luXf4B5kwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc4MDVkOTVhLWEzNmQtNGQzOC04ZDMxLTNhMmE3Y2ZiNzU0NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0XfMwDQYJKoZIhvcNAQELBQADggEBAET7mUTTplB/inATeTZyuq5iThdu
EEeQDl3iI1By0Qa0+qPGGWK81Bk2GJ2vLLZ0GyGQocVEy3/yBrw00bThKojp0Fp+
A+NT68o7FZaG652S7aSRsZWTNpFBGzGH8pdbGHgZAdEVjJo51vK2RsXRmprP626u
zZptJYt25gF+RIsdsTi1i01zfjxT10Dpxujp4cyYr/8F4P+kw+waH4aLMUbgdOCj
cYg0TG4IJILbIYJsrscP+FNY+zyO1qXl7hRN2K3eGeaj9fo53+r8Iux1nyJeZqvi
ORBZGpAhokulAEs2f7T9YF2vc4DUx1zj5/TjjPbVI86QCDvoYWYqFTsb/fU=
-----END CERTIFICATE-----