Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f566bb29-f2a4-47a7-a98d-3bd53d752be9.roa
File:                     f566bb29-f2a4-47a7-a98d-3bd53d752be9.roa (raw, json)
Hash identifier:          5jwokoiBhrEyaR5qrv7C0kgA0ybZzy7LnvUQErI2W1g=
Subject key identifier:   B1:72:B4:62:A4:4D:D7:47:07:BC:E8:63:08:06:81:FE:25:87:9E:AE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       53B7F80C7D7D93D4ABE2777C6C2CF268FF1106F1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f566bb29-f2a4-47a7-a98d-3bd53d752be9.roa
Signing time:             Sat 26 Jul 2025 00:31:32 +0000
ROA not before:           Sat 26 Jul 2025 00:31:32 +0000
ROA not after:            Sat 30 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.181.243.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:b7:f8:0c:7d:7d:93:d4:ab:e2:77:7c:6c:2c:f2:68:ff:11:06:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 26 00:31:32 2025 GMT
            Not After : Aug 30 23:59:59 2025 GMT
        Subject: serialNumber=af9fd1eba0fabb2ad63c3c6874c4668fc4a8fcb97b3f79e7784b0cc0ebb45c93, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:b0:46:63:96:62:8e:34:a2:d4:a6:ab:75:ec:
                    07:e3:9f:ac:c6:c4:84:ff:c1:96:3e:f1:22:fa:1b:
                    53:aa:06:dc:8e:b7:0f:0d:da:51:b0:f8:a9:0e:b4:
                    3b:76:86:35:7f:a1:9a:a7:12:5f:74:42:13:c8:a9:
                    e7:cf:b7:78:e2:c7:9a:8f:2c:c0:3d:87:80:b0:ac:
                    e7:eb:4a:2a:26:57:09:ef:28:6c:2e:c7:32:6a:dc:
                    30:51:33:dc:08:b7:67:a1:46:54:aa:28:59:da:18:
                    aa:2d:04:9f:c8:8f:9f:f9:68:13:6a:ce:d1:0b:ec:
                    cb:95:78:6e:70:a2:dd:c7:04:26:fc:e9:60:a6:a9:
                    1a:c6:66:33:b1:cc:11:45:b4:a8:4f:52:47:d6:2b:
                    dd:ec:d7:55:0f:0e:a7:e0:f7:03:86:f1:7b:36:45:
                    34:db:b6:9b:90:a5:d1:fb:4e:2d:64:ab:e6:ec:bb:
                    23:37:3d:48:af:df:ff:b5:1e:b6:d4:dd:83:41:6d:
                    4d:b1:a2:ec:25:0b:24:99:4d:15:19:46:c6:0f:cb:
                    5e:ca:87:46:ac:1b:61:d9:77:80:ba:4e:cf:10:97:
                    9e:a4:b7:d0:5a:5b:23:5c:99:0a:15:c9:91:15:72:
                    e4:5c:d6:6f:c1:61:4b:a1:56:aa:f2:43:59:6f:98:
                    5f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:72:B4:62:A4:4D:D7:47:07:BC:E8:63:08:06:81:FE:25:87:9E:AE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f566bb29-f2a4-47a7-a98d-3bd53d752be9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.181.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:88:cf:5f:e4:f0:ad:e1:6c:b4:6b:f4:99:87:3f:94:2b:87:
         b4:e0:d4:65:41:7c:c9:86:9d:3e:5b:7d:13:90:09:d8:f3:3c:
         8c:b7:ef:fb:3c:70:80:84:e6:b2:5a:3a:73:24:df:51:fd:39:
         49:f4:e8:d2:e0:4e:e7:73:b5:a9:fb:79:32:68:bc:c2:e4:bc:
         c9:f6:81:b6:10:78:c8:ab:62:6e:2f:f0:29:bf:a8:f7:0d:cd:
         d5:68:23:e4:64:4d:e0:8d:ba:67:86:e0:89:0e:33:85:7f:9a:
         ef:b5:ba:27:a7:ed:72:54:07:22:79:88:5a:36:10:d5:f4:7e:
         9c:cb:dd:7f:0f:91:17:5b:77:04:dd:10:3d:cd:b5:51:cf:a9:
         4b:0f:86:07:75:d2:bc:10:b0:06:41:35:80:2e:74:24:db:78:
         21:b6:b5:f8:39:6e:91:a4:b2:a9:bb:72:97:03:f8:d5:10:96:
         ec:dc:39:e1:e7:a3:a2:f0:a4:05:a6:19:16:f9:7f:9c:77:a4:
         0e:5b:ba:fb:b8:96:b6:79:58:2d:c6:3e:a3:31:b7:5d:47:ad:
         55:dd:c4:02:6f:84:3a:b5:a0:23:cf:ea:34:ae:7e:3b:7a:95:
         2d:d0:69:31:ab:04:5f:0b:3b:75:c3:29:cd:c8:0d:47:0b:67:
         d4:9a:4c:bf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU7f4DH19k9Sr4nd8bCzyaP8RBvEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI2MDAzMTMyWhcNMjUwODMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZjlmZDFlYmEwZmFiYjJhZDYzYzNjNjg3NGM0NjY4ZmM0
YThmY2I5N2IzZjc5ZTc3ODRiMGNjMGViYjQ1YzkzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWsEZjlmKONKLUpqt17Afjn6zGxIT/wZY+8SL6G1OqBtyO
tw8N2lGw+KkOtDt2hjV/oZqnEl90QhPIqefPt3jix5qPLMA9h4CwrOfrSiomVwnv
KGwuxzJq3DBRM9wIt2ehRlSqKFnaGKotBJ/Ij5/5aBNqztEL7MuVeG5wot3HBCb8
6WCmqRrGZjOxzBFFtKhPUkfWK93s11UPDqfg9wOG8Xs2RTTbtpuQpdH7Ti1kq+bs
uyM3PUiv3/+1HrbU3YNBbU2xouwlCySZTRUZRsYPy17Kh0asG2HZd4C6Ts8Ql56k
t9BaWyNcmQoVyZEVcuRc1m/BYUuhVqryQ1lvmF/7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsXK0YqRN10cHvOhjCAaB/iWHnq4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Y1NjZiYjI5LWYyYTQtNDdhNy1hOThkLTNiZDUzZDc1MmJlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPtfMwDQYJKoZIhvcNAQELBQADggEBAHKIz1/k8K3hbLRr9JmHP5Qrh7Tg
1GVBfMmGnT5bfROQCdjzPIy37/s8cICE5rJaOnMk31H9OUn06NLgTudztan7eTJo
vMLkvMn2gbYQeMirYm4v8Cm/qPcNzdVoI+RkTeCNumeG4IkOM4V/mu+1uien7XJU
ByJ5iFo2ENX0fpzL3X8PkRdbdwTdED3NtVHPqUsPhgd10rwQsAZBNYAudCTbeCG2
tfg5bpGksqm7cpcD+NUQluzcOeHno6LwpAWmGRb5f5x3pA5buvu4lrZ5WC3GPqMx
t11HrVXdxAJvhDq1oCPP6jSufjt6lS3QaTGrBF8LO3XDKc3IDUcLZ9SaTL8=
-----END CERTIFICATE-----