Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c3d56cab-ff52-47c9-8bbe-1ce3598bf804.roa
File:                     c3d56cab-ff52-47c9-8bbe-1ce3598bf804.roa (raw, json)
Hash identifier:          qdjMUgdBB3Kr0QuTh22U5RrOtVSZARisv1nBCi2omZg=
Subject key identifier:   7C:85:80:3C:B1:92:91:F5:88:2C:39:E2:C2:F3:B1:F1:71:6A:81:DE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       10A9212E0A42011ACF4F72A7C0AA5E15E85CB147
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c3d56cab-ff52-47c9-8bbe-1ce3598bf804.roa
Signing time:             Wed 21 May 2025 00:32:02 +0000
ROA not before:           Wed 21 May 2025 00:32:02 +0000
ROA not after:            Wed 25 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        192.39.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:a9:21:2e:0a:42:01:1a:cf:4f:72:a7:c0:aa:5e:15:e8:5c:b1:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 21 00:32:02 2025 GMT
            Not After : Jun 25 23:59:59 2025 GMT
        Subject: serialNumber=8014f7c2ffb9f7c604689b39eef36009d708ad8a1c5019bc8a08b87e28812ee9, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:24:0f:c4:56:b3:f8:94:ba:2f:1a:99:e0:94:
                    13:6a:d9:60:e5:2a:13:33:05:a4:11:2d:c8:6c:c9:
                    60:9e:94:bb:1a:54:81:39:13:2a:19:fb:ab:76:2d:
                    65:02:b0:64:3d:78:40:26:ae:b9:4c:a7:58:0f:79:
                    0c:8b:3b:b6:6d:c9:2e:8e:c5:ac:20:1f:f6:c9:16:
                    97:f8:00:a2:ef:11:4b:0e:67:43:e8:58:76:8c:ba:
                    19:97:54:0f:2b:c8:1e:46:70:dc:08:54:13:1f:9b:
                    bf:9d:9a:ec:ac:c5:74:10:a9:98:50:36:f2:0b:1c:
                    52:bb:75:05:56:5e:73:41:48:5e:b7:6f:37:de:1c:
                    d9:82:c4:03:ee:6b:f7:43:4d:3d:1e:64:ff:65:59:
                    3d:d8:52:6b:c6:fe:5d:d6:f6:7a:25:f2:3b:39:d8:
                    a6:4c:b9:87:70:31:42:77:77:e7:4b:f4:4c:3e:44:
                    01:25:9f:9a:a6:47:4a:cf:b4:54:30:78:03:6a:09:
                    ce:73:e2:06:b8:99:63:05:31:e5:c1:9d:3c:86:b3:
                    7d:ef:0c:7b:66:0f:23:96:bd:9f:4b:fb:de:0f:b4:
                    e7:13:8e:4d:b8:69:90:e6:3f:52:2e:df:2d:9f:a0:
                    72:d2:f0:ae:ee:e5:bc:3d:99:31:fc:ce:3c:40:52:
                    31:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:85:80:3C:B1:92:91:F5:88:2C:39:E2:C2:F3:B1:F1:71:6A:81:DE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c3d56cab-ff52-47c9-8bbe-1ce3598bf804.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.39.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1b:43:60:74:a4:21:eb:e6:f6:47:42:ea:2f:7a:d0:f6:77:08:
         a0:21:ef:7d:1a:e6:19:57:65:60:16:97:2f:c3:82:2c:9d:79:
         9c:6e:e1:84:d6:ba:80:87:72:1f:94:ae:12:66:0e:b2:d0:bd:
         e9:9d:e2:51:4a:16:8c:15:d4:35:ef:ec:5f:96:f5:b7:df:17:
         4f:62:8a:a0:f1:b1:05:a1:87:d9:20:ae:1b:2e:dd:29:72:3d:
         fb:ca:3a:cf:d5:bf:be:cc:ee:f3:55:cd:f7:77:84:db:d4:0c:
         5a:4d:78:04:1d:db:2c:17:ac:c0:bf:7b:ce:13:f5:e8:ce:8d:
         19:b9:a5:aa:4a:5b:8a:43:15:4e:d9:c7:f4:a1:49:26:a2:a5:
         f7:7e:56:83:11:bd:ad:2a:43:08:e1:c6:b8:a0:b7:17:16:13:
         5b:ee:0f:b3:1a:86:6e:83:2d:4f:ea:f9:6b:59:72:17:75:34:
         1d:61:d9:65:71:7e:64:2c:92:51:56:3f:60:d6:2f:48:5a:8e:
         29:2c:e5:fa:04:83:fc:41:9f:45:13:9b:d7:ad:ef:a4:1e:cb:
         22:4c:cc:bb:2a:82:96:c8:8d:c7:bd:98:b7:c9:bf:85:65:f8:
         4b:86:c5:a3:a3:71:fd:ea:cd:1a:a2:ce:ea:36:0d:1b:8e:1e:
         f3:e7:fc:9c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEKkhLgpCARrPT3KnwKpeFehcsUcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIxMDAzMjAyWhcNMjUwNjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MDE0ZjdjMmZmYjlmN2M2MDQ2ODliMzllZWYzNjAwOWQ3
MDhhZDhhMWM1MDE5YmM4YTA4Yjg3ZTI4ODEyZWU5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcJA/EVrP4lLovGpnglBNq2WDlKhMzBaQRLchsyWCelLsa
VIE5EyoZ+6t2LWUCsGQ9eEAmrrlMp1gPeQyLO7ZtyS6OxawgH/bJFpf4AKLvEUsO
Z0PoWHaMuhmXVA8ryB5GcNwIVBMfm7+dmuysxXQQqZhQNvILHFK7dQVWXnNBSF63
bzfeHNmCxAPua/dDTT0eZP9lWT3YUmvG/l3W9nol8js52KZMuYdwMUJ3d+dL9Ew+
RAEln5qmR0rPtFQweANqCc5z4ga4mWMFMeXBnTyGs33vDHtmDyOWvZ9L+94PtOcT
jk24aZDmP1Iu3y2foHLS8K7u5bw9mTH8zjxAUjG9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUfIWAPLGSkfWILDniwvOx8XFqgd4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2MzZDU2Y2FiLWZmNTItNDdjOS04YmJlLTFjZTM1OThiZjgwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDAJzANBgkqhkiG9w0BAQsFAAOCAQEAG0NgdKQh6+b2R0LqL3rQ9ncIoCHv
fRrmGVdlYBaXL8OCLJ15nG7hhNa6gIdyH5SuEmYOstC96Z3iUUoWjBXUNe/sX5b1
t98XT2KKoPGxBaGH2SCuGy7dKXI9+8o6z9W/vszu81XN93eE29QMWk14BB3bLBes
wL97zhP16M6NGbmlqkpbikMVTtnH9KFJJqKl935WgxG9rSpDCOHGuKC3FxYTW+4P
sxqGboMtT+r5a1lyF3U0HWHZZXF+ZCySUVY/YNYvSFqOKSzl+gSD/EGfRROb163v
pB7LIkzMuyqClsiNx72Yt8m/hWX4S4bFo6Nx/erNGqLO6jYNG44e8+f8nA==
-----END CERTIFICATE-----