Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02983dab-f4b3-415e-82e5-fbff6d93b88f.roa
File:                     02983dab-f4b3-415e-82e5-fbff6d93b88f.roa (raw, json)
Hash identifier:          oiCadisqCnGkjXi+Y7bF/320Xi1yBigU/LaRckekarw=
Subject key identifier:   7C:D2:99:08:D4:18:FF:FA:E2:19:3C:02:60:2F:E9:27:A4:90:40:C5
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0455FC3A3F4E03A8A0DC09BB0064AFB40B186BCD
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02983dab-f4b3-415e-82e5-fbff6d93b88f.roa
Signing time:             Tue 05 Aug 2025 17:21:10 +0000
ROA not before:           Tue 05 Aug 2025 17:21:10 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.94.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:55:fc:3a:3f:4e:03:a8:a0:dc:09:bb:00:64:af:b4:0b:18:6b:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug  5 17:21:10 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=eedc3f3009c51fb2fa63a9f05c7124e739956ecfbf42d660e0eca3dc2d4fd67e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:9e:b2:bb:b3:4a:5e:9d:d7:81:7a:c6:99:83:
                    72:15:44:06:72:62:cc:66:09:45:2f:58:c8:93:b8:
                    9f:e9:32:d3:8b:80:36:98:03:d0:9b:2a:33:2a:82:
                    72:58:61:2e:7a:8f:dc:89:59:18:72:26:52:ee:20:
                    e0:9a:ab:ab:ad:c7:46:9b:33:e6:c1:d8:6f:30:eb:
                    1c:aa:77:83:bf:87:3e:10:76:86:5f:31:5f:a7:09:
                    89:c8:84:bd:f5:42:16:c1:89:66:36:4b:e8:27:3e:
                    ad:c3:72:36:61:e9:1f:0d:b1:46:d8:ae:19:de:7b:
                    fe:09:fe:2c:a8:13:d0:f7:5c:90:96:33:b6:57:ae:
                    16:58:5f:63:fb:25:08:82:13:90:f5:09:be:cb:3b:
                    ca:b7:f2:c7:1c:d0:10:67:df:92:8b:7c:99:b4:e7:
                    94:7f:17:47:3f:46:22:e6:da:0c:15:db:a8:0a:af:
                    e1:98:b7:b5:a6:41:f6:1d:34:3f:f7:86:15:56:60:
                    dc:c0:d3:c3:9f:87:0c:2d:2a:24:a7:1e:e8:6b:35:
                    11:9e:32:85:8d:f6:f2:11:53:11:2b:14:b3:af:5b:
                    b1:30:fc:7e:ba:61:4a:f3:f8:c9:10:92:fe:ab:27:
                    59:c2:fd:b6:3a:9d:d1:92:d0:70:93:ff:61:f1:dc:
                    fe:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:D2:99:08:D4:18:FF:FA:E2:19:3C:02:60:2F:E9:27:A4:90:40:C5
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02983dab-f4b3-415e-82e5-fbff6d93b88f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.94.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         04:b6:9b:d1:53:a8:18:e3:58:09:69:72:fa:6f:83:f6:96:ba:
         35:be:f3:51:81:63:2f:4e:75:41:d4:72:b8:46:0c:a9:19:46:
         d3:e7:5d:3a:22:42:a7:ff:71:2e:49:68:97:e8:46:0f:12:9c:
         52:4b:af:b3:f0:67:85:09:64:16:07:12:a5:dc:91:58:79:64:
         c8:7c:a3:c0:1d:2a:54:29:33:67:83:ac:7b:09:44:4e:b3:a0:
         b5:00:30:e3:57:16:bb:02:4c:44:dc:ee:9c:7d:ad:7d:24:87:
         18:ff:48:65:43:58:0f:3d:eb:23:03:93:a1:7b:32:6c:c8:ac:
         3b:3b:e5:67:12:fc:1a:40:f3:22:82:74:cd:1f:11:81:20:32:
         d4:94:9e:c3:d8:ea:69:1f:81:78:e4:52:b3:1a:fd:91:43:a4:
         96:7c:5c:75:54:b0:0d:ac:c0:3d:39:62:46:68:de:0a:45:5c:
         e0:8c:bb:f9:bd:a2:83:fd:85:79:2b:5f:27:40:23:78:1d:f0:
         90:c8:2f:f9:fa:4b:ad:b1:69:11:56:8f:5e:2e:db:4d:e6:a1:
         47:f7:ee:13:c8:92:80:c3:58:56:1c:34:88:13:e3:e0:19:c6:
         8f:1e:e7:72:47:f3:d6:c6:69:cb:fa:70:ff:bf:20:1e:ad:f0:
         46:01:16:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBFX8Oj9OA6ig3Am7AGSvtAsYa80wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODA1MTcyMTEwWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZWRjM2YzMDA5YzUxZmIyZmE2M2E5ZjA1YzcxMjRlNzM5
OTU2ZWNmYmY0MmQ2NjBlMGVjYTNkYzJkNGZkNjdlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChnrK7s0pendeBesaZg3IVRAZyYsxmCUUvWMiTuJ/pMtOL
gDaYA9CbKjMqgnJYYS56j9yJWRhyJlLuIOCaq6utx0abM+bB2G8w6xyqd4O/hz4Q
doZfMV+nCYnIhL31QhbBiWY2S+gnPq3DcjZh6R8NsUbYrhnee/4J/iyoE9D3XJCW
M7ZXrhZYX2P7JQiCE5D1Cb7LO8q38scc0BBn35KLfJm055R/F0c/RiLm2gwV26gK
r+GYt7WmQfYdND/3hhVWYNzA08OfhwwtKiSnHuhrNRGeMoWN9vIRUxErFLOvW7Ew
/H66YUrz+MkQkv6rJ1nC/bY6ndGS0HCT/2Hx3P6vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfNKZCNQY//riGTwCYC/pJ6SQQMUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAyOTgzZGFiLWY0YjMtNDE1ZS04MmU1LWZiZmY2ZDkzYjg4Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ0XmAwDQYJKoZIhvcNAQELBQADggEBAAS2m9FTqBjjWAlpcvpvg/aWujW+
81GBYy9OdUHUcrhGDKkZRtPnXToiQqf/cS5JaJfoRg8SnFJLr7PwZ4UJZBYHEqXc
kVh5ZMh8o8AdKlQpM2eDrHsJRE6zoLUAMONXFrsCTETc7px9rX0khxj/SGVDWA89
6yMDk6F7MmzIrDs75WcS/BpA8yKCdM0fEYEgMtSUnsPY6mkfgXjkUrMa/ZFDpJZ8
XHVUsA2swD05YkZo3gpFXOCMu/m9ooP9hXkrXydAI3gd8JDIL/n6S62xaRFWj14u
203moUf37hPIkoDDWFYcNIgT4+AZxo8e53JH89bGacv6cP+/IB6t8EYBFj4=
-----END CERTIFICATE-----