Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/7ab4749a-d738-4b7a-bb25-de70caff0d86.roa
File:                     7ab4749a-d738-4b7a-bb25-de70caff0d86.roa (raw, json)
Hash identifier:          UUjTIct7OVABNpzmCeOouApP1VmeWW0RcNObxE4SQ3c=
Subject key identifier:   5F:87:07:BF:89:92:B9:6D:E9:91:E6:37:1B:81:65:87:94:2E:B4:A9
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       1BE71DCFBAF83E79DF3FA548E3BF1AD8DD31DDF7
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/7ab4749a-d738-4b7a-bb25-de70caff0d86.roa
Signing time:             Thu 18 Sep 2025 19:55:51 +0000
ROA not before:           Thu 18 Sep 2025 19:55:51 +0000
ROA not after:            Thu 23 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        216.137.34.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 20 Sep 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:e7:1d:cf:ba:f8:3e:79:df:3f:a5:48:e3:bf:1a:d8:dd:31:dd:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Sep 18 19:55:51 2025 GMT
            Not After : Oct 23 23:59:59 2025 GMT
        Subject: serialNumber=6f0f9c89f2d6f629f4757d433c776f921755908be571eb2a8ea2c71ba52c64bd, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:df:44:e8:4a:a6:79:68:e2:8e:8a:d1:c7:4e:
                    31:bf:a0:d1:61:5b:68:b7:b7:d0:ba:e5:9e:6f:b0:
                    d8:5f:30:3e:18:ee:9c:9d:2a:2e:f0:b7:33:d3:ee:
                    c6:91:7c:d9:9f:25:b4:8f:95:a8:e0:11:91:3a:15:
                    d6:15:09:d6:ad:4f:b9:54:20:5e:43:c9:fc:84:20:
                    bb:d1:c3:f0:10:26:23:cf:72:a5:75:9e:66:2c:3b:
                    ee:fa:a7:44:39:2e:23:d5:b9:7e:2e:34:1d:b0:51:
                    f6:c8:8a:66:19:07:e9:80:19:8e:f9:36:15:35:37:
                    e8:c0:5f:5e:60:55:41:1a:de:bd:ba:38:40:d2:ac:
                    e3:81:14:e0:ee:3a:b5:ab:83:91:e0:e3:50:8c:11:
                    98:85:76:63:7d:cf:db:b4:c1:9e:5a:ec:4b:b7:a1:
                    70:8b:2f:b2:36:ec:c9:89:f3:95:1e:a1:ea:6e:40:
                    38:44:7f:d1:d1:48:79:5b:80:76:28:42:3f:3e:e3:
                    a7:b5:83:0d:1a:90:1b:05:0c:fb:12:3b:4d:01:42:
                    78:fa:28:94:8b:34:c6:80:a3:50:1e:60:3b:d3:32:
                    bc:70:ac:85:35:fd:aa:f0:6f:f4:56:37:2a:2f:24:
                    0c:c2:da:dd:4f:01:09:01:3b:5a:c8:8f:23:84:05:
                    90:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:87:07:BF:89:92:B9:6D:E9:91:E6:37:1B:81:65:87:94:2E:B4:A9
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/7ab4749a-d738-4b7a-bb25-de70caff0d86.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.137.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:1d:35:66:56:ad:92:ec:fd:3b:50:7e:87:34:1a:5e:34:27:
         a2:3c:ec:0e:10:b1:19:bb:40:7d:bb:1c:8f:ff:36:27:1b:13:
         5d:6c:99:c4:42:da:7b:f5:c8:c1:62:4a:24:ba:ce:8d:ec:f7:
         3d:4f:92:60:5e:4b:b7:a1:08:7f:1d:cd:ae:56:6b:ca:bb:63:
         a2:74:70:ba:61:4c:cd:01:0b:4b:55:87:e8:cb:a6:ab:75:01:
         aa:3d:81:08:6e:fa:de:70:ce:8e:cd:02:cf:1a:bd:2e:84:84:
         e1:a0:c2:f3:89:59:13:1a:98:64:bd:1e:82:41:26:7b:c3:ce:
         c3:6d:6d:52:a1:b7:68:36:72:4b:2f:a9:49:5f:84:c3:3a:3e:
         4e:19:dd:8e:66:46:e2:ea:d6:93:f0:e9:59:e8:4a:3f:ef:07:
         a8:6c:0b:fe:f0:a2:0c:52:95:12:17:3e:e7:54:09:3f:3b:d9:
         3f:c0:ed:3d:28:76:4d:02:d3:93:52:67:f8:2f:7a:f3:a6:da:
         3f:23:bc:48:10:f7:40:95:05:5d:32:86:d5:ba:a0:ce:8c:a0:
         d4:ba:e2:12:87:d4:2a:1f:87:53:53:5b:19:8e:a0:c6:51:70:
         07:cf:e4:1b:53:31:06:c2:17:22:38:ca:ad:f7:6e:b8:08:d1:
         fb:37:3f:07
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG+cdz7r4PnnfP6VI478a2N0x3fcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUwOTE4MTk1NTUxWhcNMjUxMDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZjBmOWM4OWYyZDZmNjI5ZjQ3NTdkNDMzYzc3NmY5MjE3
NTU5MDhiZTU3MWViMmE4ZWEyYzcxYmE1MmM2NGJkMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQ30ToSqZ5aOKOitHHTjG/oNFhW2i3t9C65Z5vsNhfMD4Y
7pydKi7wtzPT7saRfNmfJbSPlajgEZE6FdYVCdatT7lUIF5DyfyEILvRw/AQJiPP
cqV1nmYsO+76p0Q5LiPVuX4uNB2wUfbIimYZB+mAGY75NhU1N+jAX15gVUEa3r26
OEDSrOOBFODuOrWrg5Hg41CMEZiFdmN9z9u0wZ5a7Eu3oXCLL7I27MmJ85Ueoepu
QDhEf9HRSHlbgHYoQj8+46e1gw0akBsFDPsSO00BQnj6KJSLNMaAo1AeYDvTMrxw
rIU1/arwb/RWNyovJAzC2t1PAQkBO1rIjyOEBZAPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUX4cHv4mSuW3pkeY3G4Flh5QutKkwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzdhYjQ3NDlhLWQ3MzgtNGI3YS1iYjI1LWRlNzBjYWZmMGQ4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADYiSIwDQYJKoZIhvcNAQELBQADggEBAGgdNWZWrZLs/TtQfoc0Gl40J6I8
7A4QsRm7QH27HI//NicbE11smcRC2nv1yMFiSiS6zo3s9z1PkmBeS7ehCH8dza5W
a8q7Y6J0cLphTM0BC0tVh+jLpqt1Aao9gQhu+t5wzo7NAs8avS6EhOGgwvOJWRMa
mGS9HoJBJnvDzsNtbVKht2g2cksvqUlfhMM6Pk4Z3Y5mRuLq1pPw6VnoSj/vB6hs
C/7wogxSlRIXPudUCT872T/A7T0odk0C05NSZ/gvevOm2j8jvEgQ90CVBV0yhtW6
oM6MoNS64hKH1Cofh1NTWxmOoMZRcAfP5BtTMQbCFyI4yq33brgI0fs3Pwc=
-----END CERTIFICATE-----