Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b9aaad2e-a3d6-4f43-9732-06548d2fd3a3.roa
File:                     b9aaad2e-a3d6-4f43-9732-06548d2fd3a3.roa (raw, json)
Hash identifier:          voMZzbxpOIg/ePpofyuE1k3jR5riSNysAtEGhRwp01w=
Subject key identifier:   3E:AF:16:28:48:E6:EB:0D:0B:1E:A7:DE:6E:D6:00:7C:9C:10:B1:38
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       71528336CF46DBAA67C9D3A38BA717C5E3290B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b9aaad2e-a3d6-4f43-9732-06548d2fd3a3.roa
Signing time:             Mon 20 Oct 2025 07:53:47 +0000
ROA not before:           Mon 20 Oct 2025 07:53:47 +0000
ROA not after:            Mon 24 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.160.210.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:52:83:36:cf:46:db:aa:67:c9:d3:a3:8b:a7:17:c5:e3:29:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 20 07:53:47 2025 GMT
            Not After : Nov 24 23:59:59 2025 GMT
        Subject: serialNumber=6d9f65145a8ecb87c496cb2a0d53d608618f4707b537a696a669c9d46133f5f2, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:35:97:10:0e:7c:6a:dd:d8:11:1c:1c:c0:20:
                    b4:f4:0e:00:bc:5d:00:5f:3b:1a:0f:d4:e9:37:13:
                    08:ed:63:70:07:f6:27:9f:dd:da:5f:0d:6a:17:3e:
                    dd:91:26:79:23:20:96:2a:38:1e:f5:2d:1b:f7:98:
                    c1:53:5c:7e:c9:56:4d:82:18:7b:e0:b2:32:cb:ad:
                    8b:b0:75:1d:1e:16:5d:22:2b:76:95:48:a8:a9:76:
                    37:8d:dd:42:df:91:da:20:d6:7f:21:a5:b4:5a:4a:
                    8b:a9:11:d3:43:b7:3b:f4:cd:53:76:57:0b:25:89:
                    c5:fa:31:61:d7:e2:7a:38:f1:75:b3:e6:26:5f:ff:
                    b4:1b:12:5c:e6:61:44:53:a3:ae:df:95:1e:c7:c0:
                    ee:91:41:0f:85:b6:e4:46:2d:46:fa:5b:70:90:5e:
                    8d:ef:51:79:d4:94:17:a9:6b:c6:9d:77:23:52:10:
                    57:c7:51:1f:12:87:b5:0d:66:66:3d:f8:12:17:58:
                    ac:b9:e7:d2:a8:98:57:dd:8e:82:cc:27:72:7f:25:
                    50:06:2b:d2:b2:4e:6b:a1:c1:af:26:a8:ad:94:48:
                    54:91:3b:0b:44:70:29:a7:66:51:0f:93:18:99:21:
                    df:47:8d:5c:02:90:9f:0e:4a:bd:3b:99:c4:66:d7:
                    4a:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:AF:16:28:48:E6:EB:0D:0B:1E:A7:DE:6E:D6:00:7C:9C:10:B1:38
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b9aaad2e-a3d6-4f43-9732-06548d2fd3a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.160.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a5:e4:ff:6c:02:1b:b7:db:3a:d0:b6:8c:fc:5b:b0:b7:d9:79:
         c6:42:cb:72:f1:62:cf:a9:5c:50:00:4c:b1:49:c3:df:b8:f4:
         d3:2a:54:21:4c:c0:9d:a2:dd:49:ad:9f:0c:d6:f9:a9:48:f8:
         f7:4b:69:ae:6b:08:3e:91:be:44:c6:90:6b:aa:cd:c8:6b:f2:
         53:8f:a0:71:ac:8c:e6:75:02:d4:63:49:65:5d:2e:3f:ef:c6:
         b2:63:79:2d:c4:bd:76:61:59:40:a3:ac:36:65:22:8f:df:f8:
         84:e2:e3:46:fc:1f:5d:5d:e8:b7:d0:68:7f:33:8d:7f:58:2e:
         52:8d:f6:c1:c2:a6:60:94:e0:fa:03:ec:b8:f3:ff:5d:2e:78:
         8c:45:fe:86:fb:46:16:58:ea:7a:ad:6f:02:14:a5:72:c3:5b:
         39:fa:7a:dc:48:ea:52:d1:8c:5e:96:09:99:6a:51:64:e9:45:
         d5:d4:8d:12:28:76:f5:dc:94:39:22:b0:1a:5d:d0:8f:f9:50:
         79:d2:63:b1:63:fc:71:26:60:b5:d8:11:89:9d:a3:27:4c:b3:
         7c:0b:2b:f7:d8:9c:18:59:7d:b5:77:c8:1b:df:6d:af:ce:e1:
         15:55:59:66:3d:f3:60:1b:96:75:78:01:36:a2:88:77:9f:90:
         01:02:ec:4a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITcVKDNs9G26pnydOji6cXxeMpCzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTEwMjAwNzUzNDdaFw0yNTExMjQyMzU5NTla
MHoxSTBHBgNVBAUTQDZkOWY2NTE0NWE4ZWNiODdjNDk2Y2IyYTBkNTNkNjA4NjE4
ZjQ3MDdiNTM3YTY5NmE2NjljOWQ0NjEzM2Y1ZjIxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMU1lxAOfGrd2BEcHMAgtPQOALxdAF87Gg/U6TcTCO1jcAf2
J5/d2l8Nahc+3ZEmeSMglio4HvUtG/eYwVNcfslWTYIYe+CyMsuti7B1HR4WXSIr
dpVIqKl2N43dQt+R2iDWfyGltFpKi6kR00O3O/TNU3ZXCyWJxfoxYdfiejjxdbPm
Jl//tBsSXOZhRFOjrt+VHsfA7pFBD4W25EYtRvpbcJBeje9RedSUF6lrxp13I1IQ
V8dRHxKHtQ1mZj34EhdYrLnn0qiYV92Ogswncn8lUAYr0rJOa6HBryaorZRIVJE7
C0RwKadmUQ+TGJkh30eNXAKQnw5KvTuZxGbXSj8CAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQ+rxYoSObrDQsep95u1gB8nBCxODAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvYjlhYWFkMmUtYTNkNi00ZjQzLTk3MzItMDY1NDhkMmZkM2EzLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAQOg0jANBgkqhkiG9w0BAQsFAAOCAQEApeT/bAIbt9s60LaM/Fuwt9l5xkLL
cvFiz6lcUABMsUnD37j00ypUIUzAnaLdSa2fDNb5qUj490tprmsIPpG+RMaQa6rN
yGvyU4+gcayM5nUC1GNJZV0uP+/GsmN5LcS9dmFZQKOsNmUij9/4hOLjRvwfXV3o
t9BofzONf1guUo32wcKmYJTg+gPsuPP/XS54jEX+hvtGFljqeq1vAhSlcsNbOfp6
3EjqUtGMXpYJmWpRZOlF1dSNEih29dyUOSKwGl3Qj/lQedJjsWP8cSZgtdgRiZ2j
J0yzfAsr99icGFl9tXfIG99tr87hFVVZZj3zYBuWdXgBNqKId5+QAQLsSg==
-----END CERTIFICATE-----