Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa
File:                     7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa (raw, json)
Hash identifier:          GclJIv40AMGRI4Dz96CMhKEi65hhGy9ocKEO6KnYczo=
Subject key identifier:   68:A5:E0:3E:E0:06:76:0B:4A:FB:1F:BB:83:84:3F:83:AA:1B:05:40
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3546F90FB1A7282F332B720CB097273551EB63B2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa
Signing time:             Wed 25 Jun 2025 00:21:03 +0000
ROA not before:           Wed 25 Jun 2025 00:21:03 +0000
ROA not after:            Wed 30 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        52.93.243.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 01 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:46:f9:0f:b1:a7:28:2f:33:2b:72:0c:b0:97:27:35:51:eb:63:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 25 00:21:03 2025 GMT
            Not After : Jul 30 23:59:59 2025 GMT
        Subject: serialNumber=ae741c8283f93413199a01b0de306d9cd53458c77a27f69d8916e6d036459fe9, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:e1:50:b0:23:f8:79:c6:e2:4b:0d:8b:a8:bf:
                    9c:ee:0e:a2:6e:17:20:1b:cb:ed:fa:e0:61:96:12:
                    cc:05:58:9b:e4:37:47:ca:92:2e:df:b6:e0:42:c7:
                    57:91:b6:89:f8:b6:d7:9b:c1:85:af:94:30:85:4b:
                    fc:62:57:e1:b2:ad:01:8c:4a:31:79:a3:1d:3d:a5:
                    9f:8c:fe:ba:cc:6f:1e:b5:60:4a:8b:85:60:84:e5:
                    11:3c:b1:8b:cb:65:31:e1:69:38:83:6a:e3:00:72:
                    5d:f9:49:bb:5e:49:55:30:87:87:67:c1:a1:c7:46:
                    0d:20:b4:57:9d:32:8b:82:1f:e5:8d:0b:5f:e9:0d:
                    7b:42:6b:36:5e:d5:dd:85:00:79:1f:ea:34:27:d8:
                    6a:41:9e:bb:84:9b:2d:91:68:97:76:9d:f1:b0:7f:
                    58:1d:97:44:ea:c8:20:dc:5b:2f:f6:b9:3d:0c:9b:
                    41:94:c8:0e:b4:3d:d8:79:bb:b7:30:fd:13:6e:f1:
                    c5:d7:7e:85:d7:2c:12:31:e6:89:56:fb:53:f3:21:
                    e4:ab:3a:31:40:8e:6b:f6:2f:96:1d:09:d7:b5:5e:
                    0a:a4:b4:43:38:95:37:b1:d6:cb:0a:e5:8d:51:8a:
                    29:77:d5:bf:71:04:e4:09:d5:1b:84:34:59:af:e6:
                    e1:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:A5:E0:3E:E0:06:76:0B:4A:FB:1F:BB:83:84:3F:83:AA:1B:05:40
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7805d95a-a36d-4d38-8d31-3a2a7cfb7545.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.93.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:eb:84:16:83:10:79:f2:83:6b:c3:9c:2e:e6:c6:d6:80:77:
         9b:80:f1:d1:81:7d:13:3e:0e:82:52:cc:56:d1:94:9f:f9:c9:
         f7:6f:ed:2b:ee:ad:e5:5f:0b:bc:03:ed:ee:c0:93:7d:9c:93:
         dc:48:2b:63:65:75:8a:f6:5b:fe:ae:11:32:35:cd:47:1a:07:
         1e:9a:af:73:29:f8:e0:a6:7c:e7:2c:50:0e:fa:1a:c7:ca:13:
         71:59:ba:65:6a:cc:59:95:54:5f:d9:79:17:75:ae:11:a8:01:
         ef:96:32:88:8b:9f:47:71:63:0d:41:a0:b0:34:71:fe:93:ed:
         8f:59:2d:69:2b:ce:12:99:83:45:97:ce:61:c7:43:14:5c:33:
         b0:96:2b:68:85:a1:bb:58:f3:5b:ef:13:77:eb:e0:b9:11:ff:
         4e:b5:fd:30:b7:c4:50:8f:18:6f:ea:bf:ed:bc:89:b4:98:e7:
         ed:8d:59:43:37:58:91:30:73:2f:b5:08:df:58:2c:87:9a:b0:
         b7:3c:3c:f6:8f:e6:da:cb:96:15:7a:1d:a1:11:ea:c8:70:e4:
         a9:8c:78:86:a0:84:14:85:61:7f:3d:63:e7:ef:71:6c:7c:7f:
         c3:a2:b0:20:a3:f4:32:eb:6b:76:5d:4c:73:01:65:b0:5b:35:
         c4:4c:85:96
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNUb5D7GnKC8zK3IMsJcnNVHrY7IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjI1MDAyMTAzWhcNMjUwNzMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZTc0MWM4MjgzZjkzNDEzMTk5YTAxYjBkZTMwNmQ5Y2Q1
MzQ1OGM3N2EyN2Y2OWQ4OTE2ZTZkMDM2NDU5ZmU5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDi4VCwI/h5xuJLDYuov5zuDqJuFyAby+364GGWEswFWJvk
N0fKki7ftuBCx1eRton4ttebwYWvlDCFS/xiV+GyrQGMSjF5ox09pZ+M/rrMbx61
YEqLhWCE5RE8sYvLZTHhaTiDauMAcl35SbteSVUwh4dnwaHHRg0gtFedMouCH+WN
C1/pDXtCazZe1d2FAHkf6jQn2GpBnruEmy2RaJd2nfGwf1gdl0TqyCDcWy/2uT0M
m0GUyA60Pdh5u7cw/RNu8cXXfoXXLBIx5olW+1PzIeSrOjFAjmv2L5YdCde1Xgqk
tEM4lTex1ssK5Y1Riil31b9xBOQJ1RuENFmv5uF5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaKXgPuAGdgtK+x+7g4Q/g6obBUAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc4MDVkOTVhLWEzNmQtNGQzOC04ZDMxLTNhMmE3Y2ZiNzU0NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0XfMwDQYJKoZIhvcNAQELBQADggEBAEzrhBaDEHnyg2vDnC7mxtaAd5uA
8dGBfRM+DoJSzFbRlJ/5yfdv7SvureVfC7wD7e7Ak32ck9xIK2NldYr2W/6uETI1
zUcaBx6ar3Mp+OCmfOcsUA76GsfKE3FZumVqzFmVVF/ZeRd1rhGoAe+WMoiLn0dx
Yw1BoLA0cf6T7Y9ZLWkrzhKZg0WXzmHHQxRcM7CWK2iFobtY81vvE3fr4LkR/061
/TC3xFCPGG/qv+28ibSY5+2NWUM3WJEwcy+1CN9YLIeasLc8PPaP5trLlhV6HaER
6shw5KmMeIaghBSFYX89Y+fvcWx8f8OisCCj9DLra3ZdTHMBZbBbNcRMhZY=
-----END CERTIFICATE-----