Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bc2fc086-41fe-4ccc-8335-5e3a89d95c41.roa
File:                     bc2fc086-41fe-4ccc-8335-5e3a89d95c41.roa (raw, json)
Hash identifier:          a9YEPRO5z130XDfuSjtNYTS+c3cdOCjfIggNt0KsgN8=
Subject key identifier:   95:FD:E9:5D:DC:64:87:04:7E:B2:A0:B3:B3:3F:94:93:03:9E:1F:B1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5FAB1E262167E17F3D3BDEE096D02F3DC6B1900B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bc2fc086-41fe-4ccc-8335-5e3a89d95c41.roa
Signing time:             Sun 19 Oct 2025 22:13:54 +0000
ROA not before:           Sun 19 Oct 2025 22:13:54 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.227.101.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:ab:1e:26:21:67:e1:7f:3d:3b:de:e0:96:d0:2f:3d:c6:b1:90:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 19 22:13:54 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=47642c2d4516f7c287bb43762acf9ccb9e12aa89e2edc8d26e1b6c9af24c28e9, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:4e:fd:a2:f9:4c:25:ba:8b:e2:c6:5f:6e:9c:
                    b9:7c:36:d7:87:7d:94:d5:70:63:c5:2c:d2:11:72:
                    7e:2c:a5:37:40:37:21:a4:4b:f2:8d:f6:9e:42:9a:
                    c9:05:46:01:a9:50:a5:34:3e:8f:06:0e:7e:15:71:
                    c2:89:61:25:ab:33:24:de:cf:38:cf:6c:80:ce:9b:
                    43:91:2f:50:60:f3:75:1d:2d:b7:49:04:00:55:c4:
                    01:42:4a:ce:26:fb:e7:49:d3:5b:4d:2e:81:27:24:
                    93:b1:36:09:d4:b7:21:94:eb:a6:24:ef:b3:2f:28:
                    04:81:dd:f2:a6:69:25:4e:0a:ad:af:e0:83:22:0b:
                    0f:a1:ae:25:7a:21:02:d7:5f:15:b8:c6:32:7c:07:
                    01:63:ba:61:18:91:fb:41:8d:16:01:ba:c6:7c:0d:
                    ad:5e:bd:61:b6:1f:7c:60:19:0d:f8:e9:e4:75:f2:
                    bd:7e:51:d9:70:ce:3a:df:d9:6a:67:1e:e8:7f:90:
                    4e:14:79:f7:7d:22:21:e0:e3:e8:c0:97:b4:8a:e7:
                    49:44:53:6d:3c:29:5e:8d:fc:64:14:b8:5d:f2:7c:
                    70:3c:a2:af:92:91:e7:28:4f:f1:d2:85:43:71:08:
                    55:6f:3b:8f:d8:b9:0b:bd:b2:59:71:ee:c0:45:2a:
                    c9:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:FD:E9:5D:DC:64:87:04:7E:B2:A0:B3:B3:3F:94:93:03:9E:1F:B1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bc2fc086-41fe-4ccc-8335-5e3a89d95c41.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.227.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:72:3b:70:a2:42:1f:6b:9e:75:0a:e5:f4:1f:92:4e:77:13:
         ab:a6:d8:10:d3:d5:be:c5:06:74:02:d5:f4:d1:f0:1b:73:2b:
         ee:44:ca:94:a6:43:00:71:5e:5a:fd:cb:58:15:3b:c8:f6:1f:
         df:a0:07:11:c9:91:67:d3:58:81:f7:7d:46:b4:c1:cc:57:2f:
         92:77:95:6e:6a:e9:6b:f5:de:5c:ca:45:28:3e:d3:8a:d1:ed:
         a6:9c:a3:7d:a9:91:19:48:f0:0c:38:f6:27:89:08:f4:cb:d4:
         e3:8b:7f:54:66:cc:6a:71:0e:51:a4:65:b5:4c:06:a2:db:23:
         df:a6:f6:f7:d5:90:02:24:fe:3d:69:cd:3d:47:2a:01:54:45:
         6f:c3:75:7d:03:c3:c8:c2:5a:50:d1:d9:0b:5a:be:a1:ec:7a:
         64:d6:61:d1:4a:8c:76:69:31:34:27:ec:41:7a:85:99:9d:8f:
         aa:3e:aa:b8:c8:8d:e5:d3:69:bc:2c:24:db:42:9a:e3:44:91:
         e2:e2:44:a7:65:16:fa:df:af:72:4c:ec:bb:b7:f0:94:2a:f3:
         fd:48:fa:18:f7:a4:90:31:28:6a:78:8b:fe:96:5b:3c:29:d2:
         63:07:3c:3a:01:d1:8f:0d:b5:91:7f:1e:fb:17:f2:03:7e:57:
         e3:35:66:b9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUX6seJiFn4X89O97gltAvPcaxkAswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE5MjIxMzU0WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NzY0MmMyZDQ1MTZmN2MyODdiYjQzNzYyYWNmOWNjYjll
MTJhYTg5ZTJlZGM4ZDI2ZTFiNmM5YWYyNGMyOGU5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDATv2i+Uwluovixl9unLl8NteHfZTVcGPFLNIRcn4spTdA
NyGkS/KN9p5CmskFRgGpUKU0Po8GDn4VccKJYSWrMyTezzjPbIDOm0ORL1Bg83Ud
LbdJBABVxAFCSs4m++dJ01tNLoEnJJOxNgnUtyGU66Yk77MvKASB3fKmaSVOCq2v
4IMiCw+hriV6IQLXXxW4xjJ8BwFjumEYkftBjRYBusZ8Da1evWG2H3xgGQ346eR1
8r1+Udlwzjrf2WpnHuh/kE4Uefd9IiHg4+jAl7SK50lEU208KV6N/GQUuF3yfHA8
oq+SkecoT/HShUNxCFVvO4/YuQu9sllx7sBFKslPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlf3pXdxkhwR+sqCzsz+UkwOeH7EwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JjMmZjMDg2LTQxZmUtNGNjYy04MzM1LTVlM2E4OWQ5NWM0MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAN42UwDQYJKoZIhvcNAQELBQADggEBABlyO3CiQh9rnnUK5fQfkk53E6um
2BDT1b7FBnQC1fTR8BtzK+5EypSmQwBxXlr9y1gVO8j2H9+gBxHJkWfTWIH3fUa0
wcxXL5J3lW5q6Wv13lzKRSg+04rR7aaco32pkRlI8Aw49ieJCPTL1OOLf1RmzGpx
DlGkZbVMBqLbI9+m9vfVkAIk/j1pzT1HKgFURW/DdX0Dw8jCWlDR2QtavqHsemTW
YdFKjHZpMTQn7EF6hZmdj6o+qrjIjeXTabwsJNtCmuNEkeLiRKdlFvrfr3JM7Lu3
8JQq8/1I+hj3pJAxKGp4i/6WWzwp0mMHPDoB0Y8NtZF/HvsX8gN+V+M1Zrk=
-----END CERTIFICATE-----