Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/14427b1a-7a07-4587-9e33-d0764aa4fec5.roa
File:                     14427b1a-7a07-4587-9e33-d0764aa4fec5.roa (raw, json)
Hash identifier:          YZo3yJYFBlAuhRjwI7xdPAXUOsLzlNkavygp6Slwhtw=
Subject key identifier:   20:02:83:88:87:FD:D0:37:B1:7F:74:84:D5:04:7A:A9:E4:85:9E:C4
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       567B80CBE079FC1AA6B89067B8E1E374448CCE33
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/14427b1a-7a07-4587-9e33-d0764aa4fec5.roa
Signing time:             Wed 22 Oct 2025 16:51:55 +0000
ROA not before:           Wed 22 Oct 2025 16:51:55 +0000
ROA not after:            Wed 26 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        205.251.210.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:7b:80:cb:e0:79:fc:1a:a6:b8:90:67:b8:e1:e3:74:44:8c:ce:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Oct 22 16:51:55 2025 GMT
            Not After : Nov 26 23:59:59 2025 GMT
        Subject: serialNumber=a97638181a78ba38caa9fc9bdd46a91987a159293ceda9c92e23a8e6b7f73ca3, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f9:ea:53:33:c6:0d:5d:73:48:c0:e5:09:b9:
                    47:e9:41:e9:05:43:0b:31:19:8b:e6:21:52:89:fc:
                    18:e8:69:a1:1c:f3:dd:26:ad:88:18:fd:4e:82:59:
                    fc:f6:7f:79:b5:0d:17:f0:09:2f:90:65:c2:92:a8:
                    2b:40:69:16:d4:ff:be:20:a5:0b:54:da:43:ac:97:
                    c1:f2:b5:12:d8:17:82:89:ca:e8:5f:96:6d:3c:ae:
                    55:86:2a:76:35:d6:42:9d:81:3e:3d:a6:45:77:7e:
                    82:50:ac:20:82:3c:a4:ad:8e:4c:9e:2b:09:43:ee:
                    b9:d9:99:1a:93:99:90:b4:67:64:1a:be:65:f3:d9:
                    85:7a:63:f9:b2:13:0a:8b:32:03:f8:88:d6:75:3e:
                    14:4c:6a:3b:46:00:68:25:98:6e:09:32:d5:a4:68:
                    22:55:77:5b:6a:f8:bd:e2:19:f0:d0:ab:e7:d7:f4:
                    6a:c5:ef:ba:9c:b6:72:b9:b4:39:ed:0d:39:de:c8:
                    d5:f7:d3:79:34:89:68:ca:07:85:c7:e0:d6:81:3a:
                    86:4e:3a:42:ee:be:f5:ae:73:07:ba:74:57:fc:9f:
                    87:a8:da:24:ea:c4:fc:4e:b0:61:00:24:ca:cf:b6:
                    d2:91:a1:96:7b:39:72:1f:d8:3f:29:f1:6f:50:df:
                    13:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:02:83:88:87:FD:D0:37:B1:7F:74:84:D5:04:7A:A9:E4:85:9E:C4
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/14427b1a-7a07-4587-9e33-d0764aa4fec5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.251.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1b:3f:04:d4:a1:8d:a1:fa:6a:5a:88:e2:a1:aa:81:32:eb:d0:
         3f:4e:fb:0c:06:a3:c2:8f:74:61:d8:c1:d9:93:6f:61:74:15:
         51:c8:1e:7e:ff:ba:79:c0:e9:8e:8b:69:2c:25:f7:f5:ea:02:
         4e:a7:40:70:33:5e:a0:e6:b4:b6:84:1b:1b:43:c0:36:52:20:
         f5:cf:be:03:60:0b:cc:58:5a:cd:0a:ad:87:c0:bf:ce:bc:6c:
         19:23:05:74:24:14:d0:c9:67:95:0e:5e:e3:50:61:af:60:8c:
         ef:8b:bb:eb:d9:40:c8:69:4b:58:4e:3b:56:f6:9e:8e:e3:f0:
         b9:8c:03:e3:0e:c4:d2:23:01:d5:6c:b8:66:96:00:09:fa:78:
         72:94:a1:4a:93:30:ce:84:bb:bd:e7:76:be:2f:91:7a:7d:bc:
         9d:2a:6c:5e:54:f0:ac:bb:7a:f4:5b:3a:5d:9e:5d:f2:d4:94:
         4a:1e:15:fd:ff:bd:e3:c9:51:fe:49:f9:5d:3f:a6:c5:16:c4:
         d4:75:92:30:cf:07:a9:f1:84:3b:49:42:d8:c9:44:3e:6e:1f:
         c6:17:92:a1:72:fa:e8:7b:b3:4a:8f:52:5e:9d:db:78:8e:33:
         81:41:fb:83:2c:a1:59:21:20:f9:3d:db:42:56:09:d9:ba:80:
         e1:ff:e0:78
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVnuAy+B5/BqmuJBnuOHjdESMzjMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUxMDIyMTY1MTU1WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhOTc2MzgxODFhNzhiYTM4Y2FhOWZjOWJkZDQ2YTkxOTg3
YTE1OTI5M2NlZGE5YzkyZTIzYThlNmI3ZjczY2EzMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCW+epTM8YNXXNIwOUJuUfpQekFQwsxGYvmIVKJ/BjoaaEc
890mrYgY/U6CWfz2f3m1DRfwCS+QZcKSqCtAaRbU/74gpQtU2kOsl8HytRLYF4KJ
yuhflm08rlWGKnY11kKdgT49pkV3foJQrCCCPKStjkyeKwlD7rnZmRqTmZC0Z2Qa
vmXz2YV6Y/myEwqLMgP4iNZ1PhRMajtGAGglmG4JMtWkaCJVd1tq+L3iGfDQq+fX
9GrF77qctnK5tDntDTneyNX303k0iWjKB4XH4NaBOoZOOkLuvvWucwe6dFf8n4eo
2iTqxPxOsGEAJMrPttKRoZZ7OXIf2D8p8W9Q3xPXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIAKDiIf90Dexf3SE1QR6qeSFnsQwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzE0NDI3YjFhLTdhMDctNDU4Ny05ZTMzLWQwNzY0YWE0ZmVjNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHN+9IwDQYJKoZIhvcNAQELBQADggEBABs/BNShjaH6alqI4qGqgTLr0D9O
+wwGo8KPdGHYwdmTb2F0FVHIHn7/unnA6Y6LaSwl9/XqAk6nQHAzXqDmtLaEGxtD
wDZSIPXPvgNgC8xYWs0KrYfAv868bBkjBXQkFNDJZ5UOXuNQYa9gjO+Lu+vZQMhp
S1hOO1b2no7j8LmMA+MOxNIjAdVsuGaWAAn6eHKUoUqTMM6Eu73ndr4vkXp9vJ0q
bF5U8Ky7evRbOl2eXfLUlEoeFf3/vePJUf5J+V0/psUWxNR1kjDPB6nxhDtJQtjJ
RD5uH8YXkqFy+uh7s0qPUl6d23iOM4FB+4MsoVkhIPk920JWCdm6gOH/4Hg=
-----END CERTIFICATE-----