Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0b7166c4-f1f9-47a1-99bf-03cba0c39215.roa
File:                     0b7166c4-f1f9-47a1-99bf-03cba0c39215.roa (raw, json)
Hash identifier:          95jgvxUwtF+L/s9jer9csCZVbVOqzXq6yoLsqWjzqQ4=
Subject key identifier:   C5:CD:7C:B4:83:86:14:4B:BE:F9:91:30:F1:B3:67:53:68:07:C2:45
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       471E709B13084FA84F7A80144A80C9BFB05C73DD
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0b7166c4-f1f9-47a1-99bf-03cba0c39215.roa
Signing time:             Fri 03 Oct 2025 15:09:09 +0000
ROA not before:           Fri 03 Oct 2025 15:09:09 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.2.51.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:1e:70:9b:13:08:4f:a8:4f:7a:80:14:4a:80:c9:bf:b0:5c:73:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct  3 15:09:09 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=8257fd7d6d9f594f8cd505108c99f1787eaf23bd37ff2d36e450e9af78644b4a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:be:49:74:66:f1:a8:d2:81:de:73:8c:93:f3:
                    08:ca:c1:f5:3d:1a:8e:81:57:48:30:af:d5:0f:15:
                    e4:8c:71:94:84:d7:b9:cb:ee:c0:ab:09:73:f5:04:
                    48:83:81:09:74:37:ff:b0:39:23:10:14:75:17:74:
                    37:d6:f7:cf:04:b2:67:3c:f4:a9:fd:1a:be:92:9b:
                    59:e3:e4:05:f9:57:a3:13:87:a5:87:6a:a7:05:6b:
                    bc:f7:b5:71:d2:71:f6:c9:3b:27:f2:de:21:9f:4d:
                    c9:e1:af:57:25:25:f8:4a:6c:d1:25:be:03:d7:21:
                    25:cd:44:58:91:c3:84:ce:db:fd:0f:c3:89:a7:25:
                    39:6a:54:9e:7b:11:30:ce:d6:92:2b:7d:9e:32:69:
                    05:97:f3:e2:39:42:a5:25:98:0f:7c:3f:45:3c:b7:
                    cd:3c:1d:de:f3:47:b1:55:02:4d:eb:42:af:fa:0a:
                    35:98:5b:42:35:d3:16:68:50:50:e3:ed:50:5e:32:
                    07:4b:c3:2d:b8:7c:53:60:0b:24:f4:cb:4d:28:64:
                    6a:f5:12:35:d0:48:e0:10:b2:16:16:66:74:02:ff:
                    fa:ac:6c:a6:93:5f:ef:4f:3f:dc:7f:14:62:65:1c:
                    90:0d:0b:25:b2:1f:da:04:49:a9:68:17:cb:2e:27:
                    2c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:CD:7C:B4:83:86:14:4B:BE:F9:91:30:F1:B3:67:53:68:07:C2:45
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0b7166c4-f1f9-47a1-99bf-03cba0c39215.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.2.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:a4:8d:a5:76:f9:c4:57:55:9c:bf:4d:e1:e7:50:31:5e:38:
         a7:09:a4:21:a9:c1:3a:7a:d6:88:7e:53:c2:24:a4:6b:80:94:
         27:b0:f8:fd:f2:f2:c8:44:a9:65:64:f0:d7:59:b8:90:b2:3e:
         85:93:f3:f4:4e:b3:7a:eb:bf:87:4f:38:b3:71:9d:c9:42:22:
         e2:b7:23:44:6e:5d:3a:08:c5:23:e4:61:99:8e:8b:0c:dc:53:
         57:b0:58:61:e5:79:ee:1c:28:43:9f:e8:2d:3b:aa:8a:33:6c:
         f1:06:17:e7:92:5f:02:4c:13:76:b8:7d:4e:3e:b9:d9:95:1d:
         b8:f6:ef:77:cf:12:c1:42:ff:f8:c3:ae:2d:4f:40:09:3f:00:
         bb:79:b9:20:24:98:72:72:47:20:a1:9a:82:27:5e:8c:6f:b0:
         a3:05:f5:53:36:f6:8a:43:18:cd:0a:3c:d3:7f:e0:8b:85:7f:
         d1:19:cb:de:e0:83:7e:1c:2f:b8:b7:af:30:54:fd:33:3e:06:
         fb:f9:85:63:31:ae:3f:71:a0:99:2b:8d:87:fd:92:3e:c7:d4:
         e1:90:07:0d:5b:f6:01:ba:7c:84:42:c5:10:fe:b9:06:fa:f3:
         e5:b5:6a:57:67:60:17:52:18:1d:8d:78:7e:a3:23:b9:d1:2d:
         c6:d3:6d:7e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURx5wmxMIT6hPeoAUSoDJv7Bcc90wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDAzMTUwOTA5WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MjU3ZmQ3ZDZkOWY1OTRmOGNkNTA1MTA4Yzk5ZjE3ODdl
YWYyM2JkMzdmZjJkMzZlNDUwZTlhZjc4NjQ0YjRhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVvkl0ZvGo0oHec4yT8wjKwfU9Go6BV0gwr9UPFeSMcZSE
17nL7sCrCXP1BEiDgQl0N/+wOSMQFHUXdDfW988Esmc89Kn9Gr6Sm1nj5AX5V6MT
h6WHaqcFa7z3tXHScfbJOyfy3iGfTcnhr1clJfhKbNElvgPXISXNRFiRw4TO2/0P
w4mnJTlqVJ57ETDO1pIrfZ4yaQWX8+I5QqUlmA98P0U8t808Hd7zR7FVAk3rQq/6
CjWYW0I10xZoUFDj7VBeMgdLwy24fFNgCyT0y00oZGr1EjXQSOAQshYWZnQC//qs
bKaTX+9PP9x/FGJlHJANCyWyH9oESaloF8suJyxNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxc18tIOGFEu++ZEw8bNnU2gHwkUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBiNzE2NmM0LWYxZjktNDdhMS05OWJmLTAzY2JhMGMzOTIxNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADAjMwDQYJKoZIhvcNAQELBQADggEBAFykjaV2+cRXVZy/TeHnUDFeOKcJ
pCGpwTp61oh+U8IkpGuAlCew+P3y8shEqWVk8NdZuJCyPoWT8/ROs3rrv4dPOLNx
nclCIuK3I0RuXToIxSPkYZmOiwzcU1ewWGHlee4cKEOf6C07qoozbPEGF+eSXwJM
E3a4fU4+udmVHbj273fPEsFC//jDri1PQAk/ALt5uSAkmHJyRyChmoInXoxvsKMF
9VM29opDGM0KPNN/4IuFf9EZy97gg34cL7i3rzBU/TM+Bvv5hWMxrj9xoJkrjYf9
kj7H1OGQBw1b9gG6fIRCxRD+uQb68+W1aldnYBdSGB2NeH6jI7nRLcbTbX4=
-----END CERTIFICATE-----