Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8e3e61d4-d511-4b5c-b686-ca4337a7cd4c.roa
File:                     8e3e61d4-d511-4b5c-b686-ca4337a7cd4c.roa (raw, json)
Hash identifier:          KnIvLRWlU18/xYp3D2dXO+5ZMDbJNB1HIyC0VHRLtho=
Subject key identifier:   8E:FD:E2:4E:DF:C3:47:EE:F8:8B:B8:88:2F:DE:E6:B2:86:FF:1E:DC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       115F769627B18E31FB5D847A8D616BAC5E1B41AA
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8e3e61d4-d511-4b5c-b686-ca4337a7cd4c.roa
Signing time:             Fri 25 Jul 2025 15:01:06 +0000
ROA not before:           Fri 25 Jul 2025 15:01:06 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.136.0.0/13 maxlen: 13
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 08 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:5f:76:96:27:b1:8e:31:fb:5d:84:7a:8d:61:6b:ac:5e:1b:41:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 15:01:06 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=180305c7b98025a579398fd2e983de206e55516a44f90da23ff4ca22d33a1617, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:9a:0e:b5:b1:ab:81:b7:ad:c4:04:76:36:99:
                    25:69:4d:f2:d1:24:57:2b:69:78:ba:70:1a:22:6b:
                    88:07:70:c0:7f:87:39:75:19:e0:57:a6:7d:cd:3c:
                    f0:8a:ee:e0:64:2e:09:d3:a0:74:26:28:45:f1:25:
                    31:7a:59:9d:4e:22:a3:e4:ea:54:24:8f:7f:79:17:
                    e1:27:98:f2:c4:0c:71:d9:a9:01:78:6b:22:93:6d:
                    f8:50:2c:cc:90:e4:82:29:e8:ba:1b:4b:7f:ba:02:
                    e1:12:9e:fb:89:84:79:84:8d:94:2f:cb:1e:db:dd:
                    c4:4b:fc:e1:3f:d8:72:03:13:90:a8:61:43:f1:e5:
                    87:28:45:b8:8d:0b:1d:83:7d:50:54:21:8d:c0:ed:
                    b5:e3:a7:8c:ab:58:f7:c7:f7:64:4e:a9:93:ea:fc:
                    77:02:ce:4f:73:0b:5b:da:83:1b:55:39:d7:04:9c:
                    48:d1:d7:ff:01:d7:46:b4:6b:13:e9:2b:e5:58:20:
                    7d:18:5d:a2:a6:0a:4d:3a:27:b0:d6:1d:0b:c1:a6:
                    c0:24:ff:2e:f0:51:8c:8e:92:1b:6e:80:85:0b:d9:
                    3b:80:b2:5a:2c:33:48:96:dc:a7:ea:68:dc:e7:e2:
                    04:15:aa:5e:40:2a:31:69:ff:2e:62:cb:bb:5f:6a:
                    f0:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:FD:E2:4E:DF:C3:47:EE:F8:8B:B8:88:2F:DE:E6:B2:86:FF:1E:DC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8e3e61d4-d511-4b5c-b686-ca4337a7cd4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.136.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         8b:f8:96:c4:fc:08:1d:fb:c7:80:16:3f:ef:37:3a:71:7d:b2:
         33:f8:aa:ee:90:db:4d:62:f4:b3:5a:7d:b4:47:52:29:84:1a:
         c4:0f:a9:b3:14:f0:57:d3:b5:96:af:92:ba:d3:19:b1:05:f1:
         8c:c0:c7:5d:cf:e9:7d:4d:94:e6:18:0e:3d:ab:cf:47:79:20:
         37:67:ff:56:dc:e3:da:f0:c3:29:27:94:2f:95:c5:a1:93:a5:
         84:30:84:d1:2b:44:f6:0e:5e:65:ee:5d:61:f2:8f:34:0b:68:
         87:da:69:36:3f:45:68:ef:c7:c3:ed:7b:6c:97:f6:a4:43:ab:
         b2:7d:9c:28:a3:6d:1d:3c:b0:88:f5:67:7e:b5:93:6f:81:7d:
         ae:68:cb:cc:ef:21:35:1a:48:14:2e:c7:3b:f2:b5:7a:8e:89:
         41:e9:01:20:61:4d:f6:49:af:82:de:2b:3d:8d:55:c8:0c:e7:
         99:2b:b6:e8:cd:dd:7b:59:63:65:38:27:6d:96:c1:1e:af:69:
         68:9e:44:3b:80:47:2b:08:32:44:14:b9:ce:6b:a4:25:b7:1d:
         86:4a:62:9b:b1:c3:9f:a1:73:02:98:df:5d:4a:35:fe:12:79:
         cb:f7:77:08:ac:0a:0d:71:1a:62:36:5a:b8:35:ab:a8:79:7b:
         ea:2d:2f:04
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEV92liexjjH7XYR6jWFrrF4bQaowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTUwMTA2WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxODAzMDVjN2I5ODAyNWE1NzkzOThmZDJlOTgzZGUyMDZl
NTU1MTZhNDRmOTBkYTIzZmY0Y2EyMmQzM2ExNjE3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9mg61sauBt63EBHY2mSVpTfLRJFcraXi6cBoia4gHcMB/
hzl1GeBXpn3NPPCK7uBkLgnToHQmKEXxJTF6WZ1OIqPk6lQkj395F+EnmPLEDHHZ
qQF4ayKTbfhQLMyQ5IIp6LobS3+6AuESnvuJhHmEjZQvyx7b3cRL/OE/2HIDE5Co
YUPx5YcoRbiNCx2DfVBUIY3A7bXjp4yrWPfH92ROqZPq/HcCzk9zC1vagxtVOdcE
nEjR1/8B10a0axPpK+VYIH0YXaKmCk06J7DWHQvBpsAk/y7wUYyOkhtugIUL2TuA
slosM0iW3KfqaNzn4gQVql5AKjFp/y5iy7tfavDVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUjv3iTt/DR+74i7iIL97msob/HtwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhlM2U2MWQ0LWQ1MTEtNGI1Yy1iNjg2LWNhNDMzN2E3Y2Q0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwMDiDANBgkqhkiG9w0BAQsFAAOCAQEAi/iWxPwIHfvHgBY/7zc6cX2yM/iq
7pDbTWL0s1p9tEdSKYQaxA+psxTwV9O1lq+SutMZsQXxjMDHXc/pfU2U5hgOPavP
R3kgN2f/Vtzj2vDDKSeUL5XFoZOlhDCE0StE9g5eZe5dYfKPNAtoh9ppNj9FaO/H
w+17bJf2pEOrsn2cKKNtHTywiPVnfrWTb4F9rmjLzO8hNRpIFC7HO/K1eo6JQekB
IGFN9kmvgt4rPY1VyAznmSu26M3de1ljZTgnbZbBHq9paJ5EO4BHKwgyRBS5zmuk
Jbcdhkpim7HDn6FzApjfXUo1/hJ5y/d3CKwKDXEaYjZauDWrqHl76i0vBA==
-----END CERTIFICATE-----