Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92ddcfaf-d8a4-42b1-9cb3-cb4948b16c3f.roa
File:                     92ddcfaf-d8a4-42b1-9cb3-cb4948b16c3f.roa (raw, json)
Hash identifier:          y+9O66oz0tk6fKJhSSV7uvcyVNJA1gYIFs4F0GMeXpQ=
Subject key identifier:   49:23:42:F8:24:5A:86:24:41:4A:2F:9D:9D:A2:39:5C:C5:B2:A8:33
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6FDE6DFCEC2223B2E935272ED1E2E97A17000119
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92ddcfaf-d8a4-42b1-9cb3-cb4948b16c3f.roa
Signing time:             Sun 19 Oct 2025 04:31:43 +0000
ROA not before:           Sun 19 Oct 2025 04:31:43 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.155.76.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:de:6d:fc:ec:22:23:b2:e9:35:27:2e:d1:e2:e9:7a:17:00:01:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 19 04:31:43 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=cd5aecae2704090bfc13e706a3dfce4d2777e0222fd84cb024ca1724d9f58ada, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:65:60:25:f2:cd:8f:b9:17:cf:b7:e0:87:a2:
                    6c:95:e0:66:14:08:63:0e:02:a3:07:8d:e2:1a:17:
                    e0:27:f2:c9:c6:bc:5f:48:85:86:26:6b:20:0d:3c:
                    bf:60:87:c7:ff:b4:0b:50:78:ad:e1:0a:77:a5:68:
                    52:05:61:33:31:1b:f9:92:67:63:03:37:ca:c2:13:
                    d8:46:3f:e3:ee:d8:42:5d:bc:ab:5a:5f:4f:db:e6:
                    01:13:97:15:62:fa:d5:1a:f8:df:17:dd:67:15:a9:
                    c7:20:f4:2a:07:5d:c7:88:b6:cf:c5:6b:ed:cd:fe:
                    24:46:99:2e:1d:58:46:61:4c:0e:64:cd:4f:70:f1:
                    8a:b6:a5:79:a7:51:d7:f2:73:2c:e2:2f:96:ea:9c:
                    db:ab:f4:1c:aa:33:86:5a:67:af:a2:5e:6a:c6:ed:
                    dc:5e:b7:f1:98:ec:5b:51:2a:40:43:e1:84:b0:f3:
                    da:94:75:1a:d1:42:21:cb:51:5a:81:9a:56:e6:45:
                    19:91:b8:ea:b1:67:98:8a:0a:55:18:23:f3:58:66:
                    09:cc:01:92:52:d6:d5:ec:bc:50:3e:4e:f3:da:ca:
                    f6:b0:4d:d3:e2:8e:bf:e1:ce:5b:24:02:51:70:f4:
                    4d:58:de:2c:eb:16:df:dd:e2:46:cc:e6:4b:a5:55:
                    a0:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:23:42:F8:24:5A:86:24:41:4A:2F:9D:9D:A2:39:5C:C5:B2:A8:33
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92ddcfaf-d8a4-42b1-9cb3-cb4948b16c3f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.155.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:78:99:e1:32:e6:47:79:74:eb:12:24:e6:47:e9:c5:5a:45:
         13:3e:41:ce:82:b7:ea:2e:e0:0e:2f:7f:61:63:bf:7b:41:6e:
         68:9f:18:6c:f1:f1:99:50:4d:bb:15:4d:ab:c1:03:4c:ab:b4:
         1c:44:c3:26:eb:92:13:20:dc:f8:b8:7c:07:ad:51:32:e8:d6:
         4e:71:83:d9:e1:b7:5e:73:fd:bf:bc:13:b1:5b:e3:a5:57:ac:
         ed:89:56:4e:11:5f:48:21:da:c0:32:df:fe:fb:af:4a:c9:58:
         b3:73:01:99:ef:e4:e4:69:c7:23:97:cf:e7:0f:68:07:ed:7f:
         30:68:b0:ce:e9:d4:d7:79:87:6b:85:f4:71:76:de:33:74:71:
         7f:86:87:af:cf:4f:d9:18:1e:80:5f:2e:4a:09:51:e2:4b:86:
         97:0d:2b:db:27:50:0f:2a:53:f7:89:32:d3:c7:68:92:f6:8a:
         23:ad:2d:cc:3e:69:f9:9a:c8:99:b6:09:51:b7:8b:a5:aa:72:
         da:5e:76:4d:39:3a:2a:a9:8f:3a:c8:d0:e7:21:40:5f:50:bd:
         d0:44:60:85:a4:54:5d:0e:5a:9a:c3:79:5d:24:27:38:8d:97:
         06:f1:85:35:ac:fb:f0:cb:0e:74:87:d4:a6:16:3b:8e:4f:61:
         68:c5:e2:45
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUb95t/OwiI7LpNScu0eLpehcAARkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE5MDQzMTQzWhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZDVhZWNhZTI3MDQwOTBiZmMxM2U3MDZhM2RmY2U0ZDI3
NzdlMDIyMmZkODRjYjAyNGNhMTcyNGQ5ZjU4YWRhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2ZWAl8s2PuRfPt+CHomyV4GYUCGMOAqMHjeIaF+An8snG
vF9IhYYmayANPL9gh8f/tAtQeK3hCnelaFIFYTMxG/mSZ2MDN8rCE9hGP+Pu2EJd
vKtaX0/b5gETlxVi+tUa+N8X3WcVqccg9CoHXceIts/Fa+3N/iRGmS4dWEZhTA5k
zU9w8Yq2pXmnUdfycyziL5bqnNur9ByqM4ZaZ6+iXmrG7dxet/GY7FtRKkBD4YSw
89qUdRrRQiHLUVqBmlbmRRmRuOqxZ5iKClUYI/NYZgnMAZJS1tXsvFA+TvPayvaw
TdPijr/hzlskAlFw9E1Y3izrFt/d4kbM5kulVaBzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSSNC+CRahiRBSi+dnaI5XMWyqDMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkyZGRjZmFmLWQ4YTQtNDJiMS05Y2IzLWNiNDk0OGIxNmMzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAESm0wwDQYJKoZIhvcNAQELBQADggEBAEl4meEy5kd5dOsSJOZH6cVaRRM+
Qc6Ct+ou4A4vf2Fjv3tBbmifGGzx8ZlQTbsVTavBA0yrtBxEwybrkhMg3Pi4fAet
UTLo1k5xg9nht15z/b+8E7Fb46VXrO2JVk4RX0gh2sAy3/77r0rJWLNzAZnv5ORp
xyOXz+cPaAftfzBosM7p1Nd5h2uF9HF23jN0cX+Gh6/PT9kYHoBfLkoJUeJLhpcN
K9snUA8qU/eJMtPHaJL2iiOtLcw+afmayJm2CVG3i6Wqctpedk05OiqpjzrI0Och
QF9QvdBEYIWkVF0OWprDeV0kJziNlwbxhTWs+/DLDnSH1KYWO45PYWjF4kU=
-----END CERTIFICATE-----