Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a75187c8-f4dc-4841-a284-6d39f4bc3430.roa
File:                     a75187c8-f4dc-4841-a284-6d39f4bc3430.roa (raw, json)
Hash identifier:          v1AjaDoEMtP3LtMu/nBR/NzJTgaYSMAgx+n8WR+7TVA=
Subject key identifier:   0E:46:A3:DA:7B:B2:BB:EA:EB:62:9F:52:31:D8:B9:EF:AB:23:5E:70
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       12793841F0F27AF204B805BB7B19E9580524DD7D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a75187c8-f4dc-4841-a284-6d39f4bc3430.roa
Signing time:             Sun 19 Oct 2025 15:03:36 +0000
ROA not before:           Sun 19 Oct 2025 15:03:36 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.225.146.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:79:38:41:f0:f2:7a:f2:04:b8:05:bb:7b:19:e9:58:05:24:dd:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 19 15:03:36 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=caf41838b0cdca014491e12cef279605b5e26db983c7499f2ef398cc842eb532, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f9:fa:1a:8f:35:a6:37:8e:73:95:ac:77:1b:
                    97:9b:49:7e:dd:f6:27:bd:cd:d4:a6:8f:60:42:c8:
                    7b:60:2d:43:ee:cb:79:54:e1:2d:c3:82:9d:f3:43:
                    59:b2:9d:58:45:2b:e8:4b:20:cd:b3:47:d0:27:be:
                    8f:d4:67:8b:2c:93:00:4c:6f:52:75:e8:4f:e7:5b:
                    0f:1f:da:81:ea:d2:3e:57:06:ae:d2:f1:93:d6:c8:
                    f2:b7:35:86:18:54:6d:f6:b6:d7:d1:6d:ac:c4:0f:
                    f6:e5:9e:61:0f:58:d7:2e:dc:be:bf:82:9b:3f:7a:
                    58:5d:79:a7:f3:0f:59:a9:c6:4d:01:5f:81:6f:3a:
                    93:bd:1c:37:7f:c7:77:72:f5:f6:f6:70:f9:7e:62:
                    60:30:9c:63:16:45:7b:35:99:42:77:c0:cc:f5:85:
                    76:da:41:0a:f7:aa:bd:36:fe:9b:32:55:bd:a8:3b:
                    5e:47:a2:91:9e:78:54:cb:27:39:b3:80:99:c5:74:
                    df:bc:4e:89:ea:25:5c:66:84:74:72:41:07:19:4a:
                    47:59:f7:09:d7:ce:b1:93:bb:0b:b5:0e:49:c4:b2:
                    68:05:2c:ea:c4:5e:3e:4e:11:b4:5b:a7:b9:9a:6a:
                    72:b0:c5:c8:26:91:d1:f0:6c:04:a7:52:68:b2:d6:
                    0b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:46:A3:DA:7B:B2:BB:EA:EB:62:9F:52:31:D8:B9:EF:AB:23:5E:70
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a75187c8-f4dc-4841-a284-6d39f4bc3430.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.225.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ac:d5:35:85:d8:cb:07:af:72:ac:f4:fa:0b:e7:e4:36:f3:a1:
         a1:6f:12:57:80:a2:d5:4a:59:c6:ad:92:9b:05:7b:8c:94:e9:
         96:b7:33:76:4e:ff:11:f7:8c:e2:fb:27:f3:a7:84:13:da:d2:
         4c:66:5f:6c:04:b3:05:f8:79:33:83:2e:33:21:60:64:55:de:
         37:48:cf:d8:24:d7:e7:a0:bd:90:28:ec:82:2f:0e:28:bf:06:
         70:cb:fb:e8:b4:e6:8a:14:6e:0b:1e:cf:0b:33:8b:fe:85:26:
         ff:80:7c:6d:3e:66:22:10:4c:da:ca:3c:4e:f1:81:22:fe:b2:
         b3:5c:2e:90:e2:46:bb:a6:d5:7f:db:23:e8:2a:ea:f9:5e:6b:
         49:9a:c3:fe:d7:34:4a:d2:9e:6d:90:71:9d:7a:f7:17:da:9a:
         99:08:e7:8e:51:cb:22:15:3d:57:11:dd:b5:21:45:5c:22:d0:
         12:cf:51:82:02:0a:5d:a0:d0:27:fe:9f:ea:92:e4:c3:7b:4d:
         8c:5e:3b:da:7e:85:18:3a:8f:16:a9:f6:e5:5c:e5:91:84:37:
         d5:e6:5c:a9:2c:a9:92:a8:94:41:57:08:51:51:90:60:dc:42:
         3f:13:3e:7e:ea:fb:e4:63:7c:c2:b3:70:50:8b:56:3f:c6:63:
         60:ec:33:aa
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEnk4QfDyevIEuAW7exnpWAUk3X0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE5MTUwMzM2WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYWY0MTgzOGIwY2RjYTAxNDQ5MWUxMmNlZjI3OTYwNWI1
ZTI2ZGI5ODNjNzQ5OWYyZWYzOThjYzg0MmViNTMyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCi+foajzWmN45zlax3G5ebSX7d9ie9zdSmj2BCyHtgLUPu
y3lU4S3Dgp3zQ1mynVhFK+hLIM2zR9Anvo/UZ4sskwBMb1J16E/nWw8f2oHq0j5X
Bq7S8ZPWyPK3NYYYVG32ttfRbazED/blnmEPWNcu3L6/gps/elhdeafzD1mpxk0B
X4FvOpO9HDd/x3dy9fb2cPl+YmAwnGMWRXs1mUJ3wMz1hXbaQQr3qr02/psyVb2o
O15HopGeeFTLJzmzgJnFdN+8TonqJVxmhHRyQQcZSkdZ9wnXzrGTuwu1DknEsmgF
LOrEXj5OEbRbp7maanKwxcgmkdHwbASnUmiy1gtBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDkaj2nuyu+rrYp9SMdi576sjXnAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E3NTE4N2M4LWY0ZGMtNDg0MS1hMjg0LTZkMzlmNGJjMzQzMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEN4ZIwDQYJKoZIhvcNAQELBQADggEBAKzVNYXYywevcqz0+gvn5DbzoaFv
EleAotVKWcatkpsFe4yU6Za3M3ZO/xH3jOL7J/OnhBPa0kxmX2wEswX4eTODLjMh
YGRV3jdIz9gk1+egvZAo7IIvDii/BnDL++i05ooUbgsezwszi/6FJv+AfG0+ZiIQ
TNrKPE7xgSL+srNcLpDiRrum1X/bI+gq6vlea0maw/7XNErSnm2QcZ169xfampkI
545RyyIVPVcR3bUhRVwi0BLPUYICCl2g0Cf+n+qS5MN7TYxeO9p+hRg6jxap9uVc
5ZGEN9XmXKksqZKolEFXCFFRkGDcQj8TPn7q++RjfMKzcFCLVj/GY2DsM6o=
-----END CERTIFICATE-----