Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0bd37e9a-d46b-4388-ae57-38ab8bd4f3c4.roa
File:                     0bd37e9a-d46b-4388-ae57-38ab8bd4f3c4.roa (raw, json)
Hash identifier:          wEnFRavdXjnrEr4x43IQuhgudryrQT2o+Ss7FHlRZCU=
Subject key identifier:   E8:6D:00:FA:06:91:2D:15:D4:70:68:01:9D:2D:35:AE:9E:58:1D:2F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       689C0F2111A0D0308B683F24C4C0601E9475A1CF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0bd37e9a-d46b-4388-ae57-38ab8bd4f3c4.roa
Signing time:             Tue 19 Aug 2025 15:32:00 +0000
ROA not before:           Tue 19 Aug 2025 15:32:00 +0000
ROA not after:            Tue 23 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.182.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:9c:0f:21:11:a0:d0:30:8b:68:3f:24:c4:c0:60:1e:94:75:a1:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 19 15:32:00 2025 GMT
            Not After : Sep 23 23:59:59 2025 GMT
        Subject: serialNumber=38b0c6b4798d207efa9339458693783a29a00cb0546c52350443cda532602b02, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:c5:6d:61:df:de:14:99:5f:6f:d8:3c:0f:20:
                    04:96:a2:c0:26:c8:f1:69:81:eb:17:7d:65:f2:e6:
                    ae:78:3b:50:77:50:4a:7d:74:f6:22:59:43:35:f1:
                    7e:bb:19:16:55:38:a8:6e:00:b2:71:cf:58:99:33:
                    6b:a6:fa:54:34:0b:9f:d0:2b:73:1c:e3:28:aa:1f:
                    ae:b4:07:e5:21:c5:f1:64:53:61:32:42:c9:34:9e:
                    44:0d:24:84:c1:26:30:f1:fb:93:b0:ae:ca:25:87:
                    6b:50:d8:b2:96:1f:df:a9:fc:30:cf:b8:73:e2:72:
                    32:a7:f1:d9:83:3b:99:74:f4:e3:5d:cf:63:5b:33:
                    1c:bf:01:43:38:0b:73:c1:50:24:60:9d:a2:0e:9c:
                    2b:7e:bb:8f:83:13:e8:4e:64:42:71:1a:40:c5:b6:
                    c0:5d:a7:46:46:09:5f:1c:9a:59:2b:86:17:8e:b9:
                    45:d1:ce:9e:d5:48:31:8f:c6:a8:2e:1f:66:2d:a4:
                    ab:f6:a8:ad:cd:ef:4c:44:82:0a:ed:f4:cf:4c:1e:
                    b2:1e:78:9c:cf:66:dd:c9:09:3e:c4:42:62:f9:43:
                    59:79:45:69:15:27:cd:da:ba:00:7b:18:b6:f5:05:
                    aa:cd:df:5d:01:55:97:1e:89:0d:03:9a:3c:c7:0f:
                    e7:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:6D:00:FA:06:91:2D:15:D4:70:68:01:9D:2D:35:AE:9E:58:1D:2F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0bd37e9a-d46b-4388-ae57-38ab8bd4f3c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.182.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         3a:e5:6b:2a:a3:25:31:c5:83:ea:af:48:12:16:02:bf:d5:89:
         73:6e:2f:a2:a3:5f:91:e4:8e:24:41:58:f5:26:2d:de:c6:d0:
         ee:4c:ba:d2:c0:51:e3:03:1d:f5:36:59:5c:27:de:81:78:ba:
         44:2d:78:56:8d:57:cc:f3:70:6c:f1:9b:9d:6c:37:be:4e:f3:
         0e:ea:38:b3:b2:74:91:e2:5b:cd:75:26:77:71:cc:ad:f9:63:
         1b:58:12:3f:08:9c:88:00:d0:73:9f:39:81:f5:b3:67:e3:5c:
         e7:54:dc:d0:6d:5e:5f:11:85:4d:1e:f6:92:80:21:d5:15:92:
         08:6c:a4:22:78:d5:3f:e3:ce:06:47:ae:e1:02:d5:7f:37:7b:
         86:a0:f2:f9:3a:84:36:ad:bd:a0:6a:c2:d3:92:12:3c:64:22:
         04:f6:b4:df:92:22:2d:bb:d2:67:19:fc:c5:0d:b2:f5:c3:ad:
         f6:20:29:cd:c6:44:31:a9:fd:17:3f:c6:8f:59:e0:0e:37:09:
         9b:7d:81:75:ca:44:2d:d7:0e:ec:b8:12:87:9f:61:21:d2:18:
         f6:1c:76:ea:d4:4d:ef:e5:3e:3a:74:90:43:66:d3:b5:40:59:
         be:21:8b:7c:0c:80:cd:d0:c1:48:51:a6:d5:55:47:f0:9f:75:
         29:0f:7a:d3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaJwPIRGg0DCLaD8kxMBgHpR1oc8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODE5MTUzMjAwWhcNMjUwOTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzOGIwYzZiNDc5OGQyMDdlZmE5MzM5NDU4NjkzNzgzYTI5
YTAwY2IwNTQ2YzUyMzUwNDQzY2RhNTMyNjAyYjAyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/xW1h394UmV9v2DwPIASWosAmyPFpgesXfWXy5q54O1B3
UEp9dPYiWUM18X67GRZVOKhuALJxz1iZM2um+lQ0C5/QK3Mc4yiqH660B+UhxfFk
U2EyQsk0nkQNJITBJjDx+5Owrsolh2tQ2LKWH9+p/DDPuHPicjKn8dmDO5l09ONd
z2NbMxy/AUM4C3PBUCRgnaIOnCt+u4+DE+hOZEJxGkDFtsBdp0ZGCV8cmlkrhheO
uUXRzp7VSDGPxqguH2YtpKv2qK3N70xEggrt9M9MHrIeeJzPZt3JCT7EQmL5Q1l5
RWkVJ83augB7GLb1BarN310BVZceiQ0DmjzHD+fZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU6G0A+gaRLRXUcGgBnS01rp5YHS8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBiZDM3ZTlhLWQ0NmItNDM4OC1hZTU3LTM4YWI4YmQ0ZjNjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEjtjANBgkqhkiG9w0BAQsFAAOCAQEAOuVrKqMlMcWD6q9IEhYCv9WJc24v
oqNfkeSOJEFY9SYt3sbQ7ky60sBR4wMd9TZZXCfegXi6RC14Vo1XzPNwbPGbnWw3
vk7zDuo4s7J0keJbzXUmd3HMrfljG1gSPwiciADQc585gfWzZ+Nc51Tc0G1eXxGF
TR72koAh1RWSCGykInjVP+POBkeu4QLVfzd7hqDy+TqENq29oGrC05ISPGQiBPa0
35IiLbvSZxn8xQ2y9cOt9iApzcZEMan9Fz/Gj1ngDjcJm32BdcpELdcO7LgSh59h
IdIY9hx26tRN7+U+OnSQQ2bTtUBZviGLfAyAzdDBSFGm1VVH8J91KQ960w==
-----END CERTIFICATE-----