Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b6d674d6-b09f-4cb6-86b4-df8cbbe986f6.roa
File:                     b6d674d6-b09f-4cb6-86b4-df8cbbe986f6.roa (raw, json)
Hash identifier:          J2FF1jkDZZOaxYJeyoZfgxeLizpX4dPuRFc7AWikNXE=
Subject key identifier:   C7:AC:75:B8:C6:61:2B:5C:CE:61:B7:4F:60:6A:4E:4A:09:14:EF:DD
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3DED8C1A46C86A5D1E5EDFAC46D7C050777C36
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b6d674d6-b09f-4cb6-86b4-df8cbbe986f6.roa
Signing time:             Sat 18 Oct 2025 19:10:12 +0000
ROA not before:           Sat 18 Oct 2025 19:10:12 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.244.116.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:ed:8c:1a:46:c8:6a:5d:1e:5e:df:ac:46:d7:c0:50:77:7c:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 19:10:12 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=29821d98b7190bab3d30dff93f80b113ae0fe44b0b5455f415da404ff687249a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:0d:94:ca:54:55:4d:ab:50:02:03:d8:04:d3:
                    9c:02:e7:15:45:7c:ad:c6:2f:c6:9a:33:33:fc:74:
                    01:93:f4:ba:d4:3c:64:33:cb:f6:d9:7b:3d:a8:6d:
                    64:b8:e5:e6:52:a9:35:f3:1e:a4:e9:db:54:3e:53:
                    07:2a:54:f1:25:56:70:d1:d1:35:02:97:2b:9c:66:
                    fa:7f:83:d2:13:41:47:92:df:05:10:67:49:ed:03:
                    07:a7:47:aa:57:cf:20:da:9c:2d:02:9c:8f:6e:70:
                    d5:54:88:bf:06:7f:97:6d:a8:1b:8b:67:3a:71:7b:
                    82:4c:58:0d:75:9a:1d:47:7d:86:dc:e4:a7:cb:41:
                    85:07:68:70:e4:74:4e:1b:13:5e:16:02:1c:f7:62:
                    c0:f2:42:99:b5:af:de:d9:da:5e:0c:6f:62:3b:c7:
                    07:1b:6e:73:ee:f4:dc:02:4c:f6:55:4b:41:c6:d7:
                    8a:c1:c4:60:8f:82:e0:23:8f:a2:80:c3:a1:5e:01:
                    c0:38:5e:73:92:0e:36:ea:3f:5e:00:e2:ef:4c:da:
                    b3:02:34:77:04:a6:f5:b3:16:73:fc:db:a7:79:80:
                    e7:1d:b8:05:11:fe:16:2e:38:2f:ab:61:c3:8b:49:
                    93:ee:5b:be:27:dc:c0:fd:f5:8e:4b:aa:1b:a5:03:
                    37:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:AC:75:B8:C6:61:2B:5C:CE:61:B7:4F:60:6A:4E:4A:09:14:EF:DD
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b6d674d6-b09f-4cb6-86b4-df8cbbe986f6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.244.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:17:88:62:74:af:3b:62:d1:c2:d4:7b:ff:83:d8:c9:a4:fa:
         0f:19:c7:d1:20:d6:41:eb:3a:a3:29:8b:9a:a3:29:87:c7:c1:
         eb:7e:fa:b9:e6:3e:58:4c:a0:40:5b:48:33:d4:10:21:54:d5:
         41:5c:6a:31:39:0d:8e:ce:24:00:f9:8b:a9:db:e8:1f:b1:d5:
         c3:f0:05:5e:6e:94:97:e0:24:d3:69:84:39:7d:e3:32:f0:af:
         ac:29:0e:30:17:14:d1:33:2a:5f:06:96:50:eb:ed:1b:de:d3:
         a4:0a:93:9c:6e:2a:e6:91:bd:ab:b1:ab:48:34:cb:96:65:70:
         97:de:7c:83:4b:5c:b0:a8:e5:37:f5:aa:01:aa:62:4f:ec:1c:
         00:38:67:79:ce:63:73:c5:04:84:65:2e:21:56:0e:31:87:30:
         3e:b6:97:52:01:d2:5f:f6:13:7c:4c:01:c0:3a:80:d1:d9:33:
         5f:d2:4b:e7:0d:5f:61:e7:41:71:bb:21:ba:7a:9b:d9:ac:a4:
         a1:cc:d4:1e:63:44:39:c3:2c:7d:f3:39:7e:f8:de:0f:e6:8c:
         9c:67:bb:0b:ff:86:dc:1a:a7:47:25:49:ba:fc:1e:17:a7:d1:
         b0:2d:11:fd:ad:63:1b:28:7e:13:1d:db:cd:60:2c:41:55:dd:
         da:a2:4e:e3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITPe2MGkbIal0eXt+sRtfAUHd8NjANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTEwMTgxOTEwMTJaFw0yNTExMjIyMzU5NTla
MHoxSTBHBgNVBAUTQDI5ODIxZDk4YjcxOTBiYWIzZDMwZGZmOTNmODBiMTEzYWUw
ZmU0NGIwYjU0NTVmNDE1ZGE0MDRmZjY4NzI0OWExLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANsNlMpUVU2rUAID2ATTnALnFUV8rcYvxpozM/x0AZP0utQ8
ZDPL9tl7PahtZLjl5lKpNfMepOnbVD5TBypU8SVWcNHRNQKXK5xm+n+D0hNBR5Lf
BRBnSe0DB6dHqlfPINqcLQKcj25w1VSIvwZ/l22oG4tnOnF7gkxYDXWaHUd9htzk
p8tBhQdocOR0ThsTXhYCHPdiwPJCmbWv3tnaXgxvYjvHBxtuc+703AJM9lVLQcbX
isHEYI+C4COPooDDoV4BwDhec5IONuo/XgDi70zaswI0dwSm9bMWc/zbp3mA5x24
BRH+Fi44L6thw4tJk+5bvifcwP31jkuqG6UDN8cCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBTHrHW4xmErXM5ht09gak5KCRTv3TAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvYjZkNjc0ZDYtYjA5Zi00Y2I2LTg2YjQtZGY4Y2JiZTk4NmY2LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAhL0dDANBgkqhkiG9w0BAQsFAAOCAQEAHBeIYnSvO2LRwtR7/4PYyaT6DxnH
0SDWQes6oymLmqMph8fB6376ueY+WEygQFtIM9QQIVTVQVxqMTkNjs4kAPmLqdvo
H7HVw/AFXm6Ul+Ak02mEOX3jMvCvrCkOMBcU0TMqXwaWUOvtG97TpAqTnG4q5pG9
q7GrSDTLlmVwl958g0tcsKjlN/WqAapiT+wcADhnec5jc8UEhGUuIVYOMYcwPraX
UgHSX/YTfEwBwDqA0dkzX9JL5w1fYedBcbshunqb2aykoczUHmNEOcMsffM5fvje
D+aMnGe7C/+G3BqnRyVJuvweF6fRsC0R/a1jGyh+Ex3bzWAsQVXd2qJO4w==
-----END CERTIFICATE-----