Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d27c8ee8-eb90-456f-a80e-7256b52db9c0.roa
File:                     d27c8ee8-eb90-456f-a80e-7256b52db9c0.roa (raw, json)
Hash identifier:          yE1lRGqZxYZLH8VQhsA6g9rhiY+qm6ZWAjeW4JxbGd8=
Subject key identifier:   4C:48:CD:13:3A:13:8A:E8:E4:DD:9A:09:82:82:E6:3A:22:2B:DA:B4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1A2CFDF984CC2DF902CE27B7438034C42082D624
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d27c8ee8-eb90-456f-a80e-7256b52db9c0.roa
Signing time:             Thu 25 Sep 2025 19:27:21 +0000
ROA not before:           Thu 25 Sep 2025 19:27:21 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.169.100.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:2c:fd:f9:84:cc:2d:f9:02:ce:27:b7:43:80:34:c4:20:82:d6:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 19:27:21 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=376f27c76a8f0679a283817aa07b8220947d94590fc6b4e64a458d1e29d2e521, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b2:bf:5e:0d:04:d4:50:6e:97:a9:ef:35:68:
                    25:3b:02:6d:7b:88:d5:01:b2:0f:52:cb:1f:39:15:
                    1b:03:bc:5b:0d:bc:13:9b:80:5b:44:de:98:da:73:
                    6c:0b:9d:08:ce:43:81:f9:d0:9c:1d:a3:91:65:7e:
                    d0:1d:38:44:16:a5:db:b2:09:d5:eb:37:09:93:fe:
                    90:75:05:3d:fe:1b:17:8b:dd:0c:f1:c4:d4:e5:b4:
                    11:6a:91:df:ef:41:48:b5:00:f0:11:05:54:92:bc:
                    b2:b7:82:8c:df:10:02:fe:21:d0:92:5a:9d:c2:29:
                    3e:c1:9d:23:07:3f:6d:a1:86:c7:5d:6d:17:c6:9b:
                    31:54:10:50:77:13:f8:58:5d:51:17:c7:60:97:55:
                    fb:8d:a9:69:40:a9:dc:dc:b1:13:38:a4:39:9f:45:
                    d2:6a:a6:86:53:86:33:a5:ec:3a:13:d2:11:b5:12:
                    96:35:c1:29:30:a5:4e:83:e7:c4:b8:da:a4:92:78:
                    b4:4f:3d:85:1c:14:12:12:27:bd:ee:84:7f:d6:91:
                    3d:4d:75:ee:54:53:e0:9c:1f:f8:c9:bc:ef:a7:99:
                    2a:d5:17:d3:1e:f4:d4:58:1c:ac:95:b8:6e:d7:2c:
                    b2:6a:9e:0c:c9:85:18:33:48:fc:3f:3f:f9:f2:0a:
                    da:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:48:CD:13:3A:13:8A:E8:E4:DD:9A:09:82:82:E6:3A:22:2B:DA:B4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d27c8ee8-eb90-456f-a80e-7256b52db9c0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.169.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:8a:24:d5:4c:c2:78:ec:81:0f:81:43:8d:5a:cd:cd:5b:5b:
         10:4c:3b:23:c6:a8:e4:2c:46:91:af:b2:0d:84:ab:12:f4:26:
         f4:92:85:0f:b9:ed:6e:31:db:33:26:8e:b1:cc:7c:25:7d:c3:
         fc:81:a3:95:18:84:43:30:9d:30:ee:c5:4a:fa:dc:ef:57:4c:
         5c:6a:de:ba:2a:69:f4:52:ff:cc:ae:6b:38:6f:64:cc:7e:c8:
         ea:22:a1:a9:b8:42:34:a8:85:6e:57:e4:4e:1f:57:c8:73:cc:
         38:ca:9f:92:5b:e9:16:59:11:5f:55:12:b5:e5:5b:4c:e0:9e:
         74:34:4e:52:56:16:a0:a5:05:4e:38:9b:45:4e:fe:f7:14:68:
         22:e8:bb:f9:d1:6e:31:93:de:f7:a9:c9:fa:ad:cb:8a:9f:4a:
         2b:77:d5:2b:f0:ba:81:9a:e7:cf:59:69:53:05:8d:d6:bd:7a:
         2e:cf:82:c3:52:c2:9e:ab:76:bc:4b:72:04:08:3f:a4:40:91:
         20:81:8b:ef:27:cb:ec:4d:e7:2b:dc:79:a8:35:d5:43:28:14:
         51:bb:88:4c:6b:33:15:25:3f:8c:03:99:c8:23:5d:f5:ef:00:
         1d:c0:07:53:93:c4:be:10:ff:f7:5e:6f:34:2d:e3:68:e5:a3:
         7e:f3:52:f3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGiz9+YTMLfkCzie3Q4A0xCCC1iQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI1MTkyNzIxWhcNMjUxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNzZmMjdjNzZhOGYwNjc5YTI4MzgxN2FhMDdiODIyMDk0
N2Q5NDU5MGZjNmI0ZTY0YTQ1OGQxZTI5ZDJlNTIxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCasr9eDQTUUG6Xqe81aCU7Am17iNUBsg9Syx85FRsDvFsN
vBObgFtE3pjac2wLnQjOQ4H50Jwdo5FlftAdOEQWpduyCdXrNwmT/pB1BT3+GxeL
3QzxxNTltBFqkd/vQUi1APARBVSSvLK3gozfEAL+IdCSWp3CKT7BnSMHP22hhsdd
bRfGmzFUEFB3E/hYXVEXx2CXVfuNqWlAqdzcsRM4pDmfRdJqpoZThjOl7DoT0hG1
EpY1wSkwpU6D58S42qSSeLRPPYUcFBISJ73uhH/WkT1Nde5UU+CcH/jJvO+nmSrV
F9Me9NRYHKyVuG7XLLJqngzJhRgzSPw/P/nyCtrBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTEjNEzoTiujk3ZoJgoLmOiIr2rQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2QyN2M4ZWU4LWViOTAtNDU2Zi1hODBlLTcyNTZiNTJkYjljMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADqWQwDQYJKoZIhvcNAQELBQADggEBAHWKJNVMwnjsgQ+BQ41azc1bWxBM
OyPGqOQsRpGvsg2EqxL0JvSShQ+57W4x2zMmjrHMfCV9w/yBo5UYhEMwnTDuxUr6
3O9XTFxq3roqafRS/8yuazhvZMx+yOoioam4QjSohW5X5E4fV8hzzDjKn5Jb6RZZ
EV9VErXlW0zgnnQ0TlJWFqClBU44m0VO/vcUaCLou/nRbjGT3vepyfqty4qfSit3
1SvwuoGa589ZaVMFjda9ei7PgsNSwp6rdrxLcgQIP6RAkSCBi+8ny+xN5yvceag1
1UMoFFG7iExrMxUlP4wDmcgjXfXvAB3AB1OTxL4Q//debzQt42jlo37zUvM=
-----END CERTIFICATE-----