Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0d2c3634-e11e-4da7-bc65-026b9cc14192.roa
File:                     0d2c3634-e11e-4da7-bc65-026b9cc14192.roa (raw, json)
Hash identifier:          bfetaUxPe33UIDJ3bi1MkBa8s+7Q7asoNXdMiAUmx8o=
Subject key identifier:   D6:2A:52:94:3C:55:A6:2E:93:8F:15:9E:C4:CC:9F:3B:01:2E:C8:5F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       57D16DA70093688BF1A13C02BEB93A25AA99DA70
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0d2c3634-e11e-4da7-bc65-026b9cc14192.roa
Signing time:             Fri 26 Sep 2025 17:25:32 +0000
ROA not before:           Fri 26 Sep 2025 17:25:32 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.92.224.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:d1:6d:a7:00:93:68:8b:f1:a1:3c:02:be:b9:3a:25:aa:99:da:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 17:25:32 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=c29ad4a093554212b3c22499b04d806c3a783fa87c407fd38913b8c3806326f4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:79:ae:83:ef:c6:55:89:b3:19:6c:91:80:e1:
                    a3:38:ce:d3:bf:ff:e2:4d:e4:30:08:14:fb:d9:19:
                    87:49:bc:22:85:a0:4a:cd:fd:d6:6c:1e:32:62:89:
                    fa:a9:25:71:73:e1:b4:b5:d6:1c:7d:d9:95:be:a7:
                    29:46:46:0f:bc:a0:d9:dd:52:c1:df:a3:13:99:e1:
                    dc:2b:f4:1c:99:10:a6:cf:b0:74:ee:c0:fe:26:f1:
                    ee:6e:18:dd:2b:d9:5b:b7:94:c7:74:a5:b0:55:17:
                    0c:42:61:06:06:58:cc:db:80:d9:88:3a:75:e8:64:
                    ba:c8:9d:f9:14:5c:30:7b:ed:bc:df:fc:07:36:4a:
                    31:ed:e6:29:7f:4b:66:2a:e5:69:09:78:63:94:a2:
                    a5:d5:00:7b:01:2a:f6:17:af:8d:fe:75:5c:34:83:
                    8a:fd:7c:88:b6:07:1b:e0:a3:e0:82:1c:1b:26:dc:
                    7b:0b:4c:f8:0a:f1:27:32:da:9e:74:c8:bd:e2:8f:
                    77:61:fe:12:8e:21:07:6d:5f:72:31:8f:e3:14:69:
                    e6:3b:3e:78:e2:0a:c3:0e:1f:fd:4d:7f:4d:0d:e8:
                    a3:16:42:7e:70:a9:84:e3:d0:57:21:23:7e:c3:17:
                    be:e2:60:a7:84:2c:c4:3c:3d:cf:95:7f:ce:06:73:
                    19:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:2A:52:94:3C:55:A6:2E:93:8F:15:9E:C4:CC:9F:3B:01:2E:C8:5F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0d2c3634-e11e-4da7-bc65-026b9cc14192.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.92.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         a9:a1:e9:b3:2d:bc:5a:ff:e0:5e:cd:65:0d:68:48:8e:43:36:
         36:54:84:c6:fd:c9:0f:b9:51:0b:c5:0c:0d:ec:c9:7e:2a:92:
         a0:b0:86:1b:a6:4c:79:8f:67:b7:bc:ce:94:af:e2:8f:f4:3e:
         a1:9a:89:04:ae:52:cc:f8:91:58:9d:8f:88:f6:ea:3b:b0:66:
         ff:a3:81:f7:a3:a7:c6:c2:f8:8b:db:60:be:4a:5f:de:4b:e5:
         56:46:90:55:8d:f5:ea:6f:83:0f:3c:9d:99:62:67:ff:30:36:
         d5:80:6d:84:56:63:21:11:89:17:ab:86:53:33:ce:20:10:86:
         27:4a:eb:7c:48:bb:1c:bf:d1:11:8d:fa:47:55:52:2c:01:c6:
         75:05:92:a6:9a:c4:73:f6:ff:e8:10:71:4a:75:0c:6c:63:92:
         50:4a:6b:2d:b4:54:4f:4f:43:f0:85:4f:f9:79:47:a3:77:89:
         d8:2f:7f:92:04:b5:6a:82:f6:8a:e6:3f:6d:c1:b7:68:a9:d3:
         f7:7f:06:3a:75:b4:34:fb:04:1d:7d:0a:90:da:c2:5e:77:0f:
         5b:31:73:5d:25:ec:df:77:dc:57:6c:c3:66:a0:a5:3a:2d:23:
         38:84:55:9a:e7:41:b3:9a:d8:44:3a:89:c8:b5:bc:0f:71:72:
         82:ef:06:ee
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUV9FtpwCTaIvxoTwCvrk6JaqZ2nAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MTcyNTMyWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMjlhZDRhMDkzNTU0MjEyYjNjMjI0OTliMDRkODA2YzNh
NzgzZmE4N2M0MDdmZDM4OTEzYjhjMzgwNjMyNmY0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKea6D78ZVibMZbJGA4aM4ztO//+JN5DAIFPvZGYdJvCKF
oErN/dZsHjJiifqpJXFz4bS11hx92ZW+pylGRg+8oNndUsHfoxOZ4dwr9ByZEKbP
sHTuwP4m8e5uGN0r2Vu3lMd0pbBVFwxCYQYGWMzbgNmIOnXoZLrInfkUXDB77bzf
/Ac2SjHt5il/S2Yq5WkJeGOUoqXVAHsBKvYXr43+dVw0g4r9fIi2Bxvgo+CCHBsm
3HsLTPgK8Scy2p50yL3ij3dh/hKOIQdtX3Ixj+MUaeY7PnjiCsMOH/1Nf00N6KMW
Qn5wqYTj0FchI37DF77iYKeELMQ8Pc+Vf84GcxnFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1ipSlDxVpi6TjxWexMyfOwEuyF8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBkMmMzNjM0LWUxMWUtNGRhNy1iYzY1LTAyNmI5Y2MxNDE5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU2XOAwDQYJKoZIhvcNAQELBQADggEBAKmh6bMtvFr/4F7NZQ1oSI5DNjZU
hMb9yQ+5UQvFDA3syX4qkqCwhhumTHmPZ7e8zpSv4o/0PqGaiQSuUsz4kVidj4j2
6juwZv+jgfejp8bC+IvbYL5KX95L5VZGkFWN9epvgw88nZliZ/8wNtWAbYRWYyER
iRerhlMzziAQhidK63xIuxy/0RGN+kdVUiwBxnUFkqaaxHP2/+gQcUp1DGxjklBK
ay20VE9PQ/CFT/l5R6N3idgvf5IEtWqC9ormP23Bt2ip0/d/Bjp1tDT7BB19CpDa
wl53D1sxc10l7N933Fdsw2agpTotIziEVZrnQbOa2EQ6ici1vA9xcoLvBu4=
-----END CERTIFICATE-----