Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6b9099d3-0730-40ba-bfda-3f00718bdd29.roa
File:                     6b9099d3-0730-40ba-bfda-3f00718bdd29.roa (raw, json)
Hash identifier:          TeRSUMBGaku6ZUaao7p6ul8OGTj+sPdbiiVDdfeV9R0=
Subject key identifier:   36:EB:2F:75:49:8C:74:EC:65:8D:DF:D0:0F:1A:AC:EC:F6:A7:AE:14
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6EE2AB5382E8060750A7B82FC3693CA33C9ADDD2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6b9099d3-0730-40ba-bfda-3f00718bdd29.roa
Signing time:             Fri 06 Jun 2025 00:50:27 +0000
ROA not before:           Fri 06 Jun 2025 00:50:27 +0000
ROA not after:            Fri 11 Jul 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        52.46.96.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:e2:ab:53:82:e8:06:07:50:a7:b8:2f:c3:69:3c:a3:3c:9a:dd:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  6 00:50:27 2025 GMT
            Not After : Jul 11 23:59:59 2025 GMT
        Subject: serialNumber=c9c5a6dfe9911941ab0fb2e34cb5a63aa1a022d0c2736aa8852e1d6cb6735139, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:44:8f:9c:61:77:a5:9c:3e:0d:2a:52:f4:a6:
                    ca:4c:22:35:0a:3c:a5:75:10:99:0a:0e:a4:b1:b2:
                    f7:e9:01:bf:48:c6:0c:f4:99:56:8d:4c:94:dd:a2:
                    8d:81:8a:6c:3e:d2:f5:df:99:45:f5:7e:63:d7:88:
                    8a:77:79:b6:b0:64:0b:d7:80:1a:ff:b0:a2:f8:65:
                    b1:7f:a5:b6:23:01:d9:3e:bb:70:d4:77:55:6a:3c:
                    b2:8d:35:22:cf:fa:48:e4:66:95:19:57:a6:aa:07:
                    71:65:fb:7f:dd:fe:d8:e6:97:7b:c3:f9:c6:51:59:
                    1a:a7:65:49:48:20:a7:53:8a:96:f7:d2:0b:05:b9:
                    1e:b6:c6:90:78:90:c0:46:73:28:d4:54:d0:7c:bc:
                    c0:8f:a5:01:a7:03:cd:68:d1:51:34:34:49:45:29:
                    e1:7e:63:b7:9e:9f:e5:8b:bd:f5:94:0e:55:98:54:
                    3c:7a:4c:ca:ba:49:3d:d1:b8:3a:8d:34:7c:83:6d:
                    fe:5d:79:f3:af:77:99:b4:ab:ce:a9:1f:a2:54:8f:
                    5b:63:9a:72:5a:61:c6:09:a3:6b:6e:18:27:da:f0:
                    41:85:38:63:5f:84:79:db:08:e7:61:15:f4:a0:73:
                    0e:f9:58:62:e7:7a:c6:b2:84:8d:76:ac:da:d2:5d:
                    07:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:EB:2F:75:49:8C:74:EC:65:8D:DF:D0:0F:1A:AC:EC:F6:A7:AE:14
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6b9099d3-0730-40ba-bfda-3f00718bdd29.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.46.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         83:24:5c:0a:08:83:43:53:78:a2:3a:97:38:1e:05:f2:0d:76:
         c6:d7:6c:f5:fd:ce:76:1a:d2:3a:ab:91:b7:05:67:f7:35:d7:
         74:24:00:29:e4:cc:85:91:12:eb:92:6b:76:62:54:2a:ef:ac:
         29:9c:61:45:65:86:4d:75:fb:b1:16:34:11:3a:74:10:80:fc:
         5c:3f:7e:d7:4b:26:37:e0:c5:a8:b8:3a:b9:8f:81:a2:39:d1:
         17:c2:8d:e6:68:b4:c2:b2:c6:f5:25:f1:c0:45:de:2f:08:ac:
         25:b8:38:c6:1c:9c:07:e2:26:15:69:10:e3:3e:82:7a:85:6d:
         47:c1:81:33:1d:3f:9b:f6:35:b2:7d:01:a2:5e:9f:f3:e8:d9:
         be:40:91:dd:db:03:5d:c1:04:66:d7:9d:7f:f9:1f:8c:18:a2:
         09:b3:83:6f:7b:53:2c:8e:78:8a:d8:6e:6d:41:79:f9:cc:cb:
         a3:1d:1f:46:6e:17:d8:c7:b6:c8:1f:95:be:97:7a:e7:0a:69:
         6a:e3:53:59:22:58:65:1e:ea:85:fb:d1:c2:fb:be:6c:08:fc:
         b9:c4:fa:5b:e0:17:71:1f:08:08:2a:1d:70:02:1b:37:fc:18:
         6c:3c:8f:c4:95:60:43:7e:20:8e:39:54:ea:13:ba:e1:ba:04:
         a7:9f:e8:d4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbuKrU4LoBgdQp7gvw2k8ozya3dIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjA2MDA1MDI3WhcNMjUwNzExMjM1OTU5
WjB6MUkwRwYDVQQFE0BjOWM1YTZkZmU5OTExOTQxYWIwZmIyZTM0Y2I1YTYzYWEx
YTAyMmQwYzI3MzZhYTg4NTJlMWQ2Y2I2NzM1MTM5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8RI+cYXelnD4NKlL0pspMIjUKPKV1EJkKDqSxsvfpAb9I
xgz0mVaNTJTdoo2Bimw+0vXfmUX1fmPXiIp3ebawZAvXgBr/sKL4ZbF/pbYjAdk+
u3DUd1VqPLKNNSLP+kjkZpUZV6aqB3Fl+3/d/tjml3vD+cZRWRqnZUlIIKdTipb3
0gsFuR62xpB4kMBGcyjUVNB8vMCPpQGnA81o0VE0NElFKeF+Y7een+WLvfWUDlWY
VDx6TMq6ST3RuDqNNHyDbf5defOvd5m0q86pH6JUj1tjmnJaYcYJo2tuGCfa8EGF
OGNfhHnbCOdhFfSgcw75WGLnesayhI12rNrSXQcdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNusvdUmMdOxljd/QDxqs7PanrhQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzZiOTA5OWQzLTA3MzAtNDBiYS1iZmRhLTNmMDA3MThiZGQyOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU0LmAwDQYJKoZIhvcNAQELBQADggEBAIMkXAoIg0NTeKI6lzgeBfINdsbX
bPX9znYa0jqrkbcFZ/c113QkACnkzIWREuuSa3ZiVCrvrCmcYUVlhk11+7EWNBE6
dBCA/Fw/ftdLJjfgxai4OrmPgaI50RfCjeZotMKyxvUl8cBF3i8IrCW4OMYcnAfi
JhVpEOM+gnqFbUfBgTMdP5v2NbJ9AaJen/Po2b5Akd3bA13BBGbXnX/5H4wYogmz
g297UyyOeIrYbm1BefnMy6MdH0ZuF9jHtsgflb6XeucKaWrjU1kiWGUe6oX70cL7
vmwI/LnE+lvgF3EfCAgqHXACGzf8GGw8j8SVYEN+II45VOoTuuG6BKef6NQ=
-----END CERTIFICATE-----