Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2ca7fb95-046b-408c-9d33-2af8b2e953f4.roa
File:                     2ca7fb95-046b-408c-9d33-2af8b2e953f4.roa (raw, json)
Hash identifier:          dwCV0QQRRHe0ezIMXTF5U8q6jFfWWSHjiknLmysj4E8=
Subject key identifier:   CE:E6:3B:2E:4B:25:1B:B2:6B:44:D6:4D:36:14:42:45:6C:69:B6:3F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       51DA9E7FA0E3AFDCA160E0A6ED96715368B54DD5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2ca7fb95-046b-408c-9d33-2af8b2e953f4.roa
Signing time:             Fri 17 Oct 2025 00:16:48 +0000
ROA not before:           Fri 17 Oct 2025 00:16:48 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.192.0.0/12 maxlen: 12
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:da:9e:7f:a0:e3:af:dc:a1:60:e0:a6:ed:96:71:53:68:b5:4d:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 17 00:16:48 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=663f2e79f8dad52d25f1d132fdbc80b6408bbe0597c72d995abebf74459fcd07, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:9c:f8:d2:b2:19:f3:fb:72:a4:2c:65:93:b5:
                    c3:80:5f:6c:67:2a:fb:57:cc:33:f5:b4:23:9c:bb:
                    2c:71:e6:04:86:45:55:bc:8a:d2:c6:cf:50:50:24:
                    1b:17:dd:27:4f:e2:1b:30:d2:70:7f:71:b3:2b:ac:
                    6f:25:cb:17:3d:fa:14:cc:17:ad:3c:2e:71:a7:29:
                    78:38:ce:6f:9c:55:7a:bf:47:e2:35:f8:64:8b:b7:
                    83:7b:ec:75:02:b2:4d:33:17:63:e3:f6:b9:3d:76:
                    23:11:96:4c:2e:72:29:3f:05:21:47:cd:e6:e0:e4:
                    52:bc:84:0f:b2:c2:c9:da:84:d7:fd:27:b5:49:43:
                    46:d7:ee:bf:ee:01:df:e2:5f:a7:06:e7:4b:48:20:
                    ea:78:d7:5a:d7:c3:ce:97:0c:ea:df:0e:36:de:c0:
                    2f:64:d4:af:97:89:44:d7:ce:d5:8f:ee:1e:69:e4:
                    67:80:60:bf:74:42:46:6c:38:34:9e:3a:87:d7:6c:
                    89:01:f1:37:7f:40:84:37:32:b7:8d:ff:9a:74:da:
                    1f:50:e7:90:4b:09:72:a8:fd:98:eb:51:42:32:8c:
                    c7:6d:86:d3:bf:41:74:3c:80:27:8c:7f:3d:af:61:
                    3b:95:8d:06:e9:db:b8:a0:e4:ee:46:9c:71:b1:dd:
                    b2:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:E6:3B:2E:4B:25:1B:B2:6B:44:D6:4D:36:14:42:45:6C:69:B6:3F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2ca7fb95-046b-408c-9d33-2af8b2e953f4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.192.0.0/12

    Signature Algorithm: sha256WithRSAEncryption
         95:78:f0:63:49:02:a6:0a:69:99:9c:b6:71:2e:4d:6b:cb:71:
         f6:33:49:54:fb:a5:4a:32:3f:6d:89:c4:43:5f:18:35:81:bb:
         8c:74:2b:b7:b2:31:6c:bc:43:61:44:51:19:b4:15:db:06:b9:
         3d:11:e1:7c:78:d2:48:3b:e6:86:6d:b9:68:c5:c8:e0:7b:be:
         1f:e1:fe:89:5b:a9:df:f8:6d:6c:46:ea:3d:62:40:13:e5:c0:
         0b:46:76:35:9d:c7:fe:58:72:37:43:e2:0e:ed:bc:c5:ac:ac:
         7e:00:5d:4f:da:0f:77:34:78:54:1d:ef:7c:bd:0f:25:b9:3f:
         2d:43:86:f4:81:4f:42:04:24:4c:49:9e:04:96:a9:48:83:7c:
         e8:ec:9a:c7:0b:0f:ed:66:8e:36:ca:54:cc:d0:ac:f4:cc:12:
         f4:39:11:c6:ea:f0:1a:90:4b:a4:93:59:27:14:30:af:f4:12:
         1f:d9:55:cb:c6:76:72:4e:d3:da:2f:1c:05:0b:b6:c8:a4:fe:
         b6:8f:e3:9a:20:82:da:6e:98:4d:55:d2:81:cd:99:c4:e9:f1:
         b8:82:fb:a2:a9:c8:63:b1:76:6b:bc:59:4d:e4:48:5c:b5:5c:
         2d:d2:c4:24:41:c2:5a:8a:84:63:ec:37:51:18:21:a3:00:1f:
         e8:dc:e9:55
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUdqef6Djr9yhYOCm7ZZxU2i1TdUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE3MDAxNjQ4WhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NjNmMmU3OWY4ZGFkNTJkMjVmMWQxMzJmZGJjODBiNjQw
OGJiZTA1OTdjNzJkOTk1YWJlYmY3NDQ1OWZjZDA3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDanPjSshnz+3KkLGWTtcOAX2xnKvtXzDP1tCOcuyxx5gSG
RVW8itLGz1BQJBsX3SdP4hsw0nB/cbMrrG8lyxc9+hTMF608LnGnKXg4zm+cVXq/
R+I1+GSLt4N77HUCsk0zF2Pj9rk9diMRlkwucik/BSFHzebg5FK8hA+ywsnahNf9
J7VJQ0bX7r/uAd/iX6cG50tIIOp411rXw86XDOrfDjbewC9k1K+XiUTXztWP7h5p
5GeAYL90QkZsODSeOofXbIkB8Td/QIQ3MreN/5p02h9Q55BLCXKo/ZjrUUIyjMdt
htO/QXQ8gCeMfz2vYTuVjQbp27ig5O5GnHGx3bJjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUzuY7LkslG7JrRNZNNhRCRWxptj8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJjYTdmYjk1LTA0NmItNDA4Yy05ZDMzLTJhZjhiMmU5NTNmNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwQ2wDANBgkqhkiG9w0BAQsFAAOCAQEAlXjwY0kCpgppmZy2cS5Na8tx9jNJ
VPulSjI/bYnEQ18YNYG7jHQrt7IxbLxDYURRGbQV2wa5PRHhfHjSSDvmhm25aMXI
4Hu+H+H+iVup3/htbEbqPWJAE+XAC0Z2NZ3H/lhyN0PiDu28xaysfgBdT9oPdzR4
VB3vfL0PJbk/LUOG9IFPQgQkTEmeBJapSIN86OyaxwsP7WaONspUzNCs9MwS9DkR
xurwGpBLpJNZJxQwr/QSH9lVy8Z2ck7T2i8cBQu2yKT+to/jmiCC2m6YTVXSgc2Z
xOnxuIL7oqnIY7F2a7xZTeRIXLVcLdLEJEHCWoqEY+w3URghowAf6NzpVQ==
-----END CERTIFICATE-----