Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1130e8a1-f066-4b28-9b51-06bf6c1a761f.roa
File:                     1130e8a1-f066-4b28-9b51-06bf6c1a761f.roa (raw, json)
Hash identifier:          ckVWeTtLuCZquSKF71SrrExidP1hTIbUDFANFD0dWrI=
Subject key identifier:   E4:E1:94:4B:94:D9:09:93:D6:A6:71:85:64:ED:77:BF:5B:7A:01:2F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       56E6C05189A397BEA080EB749595E135B6D5C5D9
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1130e8a1-f066-4b28-9b51-06bf6c1a761f.roa
Signing time:             Mon 22 Sep 2025 22:12:59 +0000
ROA not before:           Mon 22 Sep 2025 22:12:59 +0000
ROA not after:            Mon 27 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.239.66.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:e6:c0:51:89:a3:97:be:a0:80:eb:74:95:95:e1:35:b6:d5:c5:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 22 22:12:59 2025 GMT
            Not After : Oct 27 23:59:59 2025 GMT
        Subject: serialNumber=ac00da17d16a3e8fce9136a2412e57bd890ff1dee74d7becfcfae1cf601303d9, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:f7:1a:36:83:c9:3e:e3:78:42:ca:0b:b9:bf:
                    be:e0:2e:68:14:f5:0f:0d:5b:3e:e5:f0:cf:56:21:
                    3b:7f:74:02:81:76:85:62:44:34:13:cb:02:d8:da:
                    33:05:d8:a3:f0:bb:b7:d8:e3:12:56:df:a1:d8:67:
                    97:6c:a1:82:56:e5:fc:d3:53:bd:b6:f1:b3:84:78:
                    82:b4:39:6f:d8:a8:96:ec:7f:85:72:cf:8e:c0:96:
                    59:84:67:1b:9c:e6:2c:50:06:23:24:f5:e7:b1:1a:
                    50:5b:b1:a0:4c:97:60:54:85:28:b6:80:f2:97:88:
                    4c:e0:73:a1:b3:d5:70:5a:ec:f2:41:c2:19:af:eb:
                    48:3f:7c:1c:84:15:f9:73:cd:16:23:0a:f0:99:0e:
                    ad:46:09:92:b2:ed:9c:05:ff:33:64:cf:45:44:6e:
                    a0:93:d3:6c:e0:d1:0a:ec:9b:c3:d5:16:6e:32:c4:
                    85:49:ad:08:bc:2d:6e:09:c6:b6:bc:ad:75:12:58:
                    21:94:72:31:86:42:80:39:4e:4e:3e:e0:d5:21:52:
                    f3:65:96:93:b4:7d:fa:30:79:cb:b9:aa:ae:42:bc:
                    73:72:1c:d9:ea:73:11:73:e3:18:b6:65:67:81:38:
                    6e:e1:3f:b0:64:b4:78:a1:10:ad:2d:88:27:c6:a7:
                    a5:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:E1:94:4B:94:D9:09:93:D6:A6:71:85:64:ED:77:BF:5B:7A:01:2F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1130e8a1-f066-4b28-9b51-06bf6c1a761f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.239.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ac:89:e2:e1:28:d3:b4:66:56:5c:fb:58:79:af:c8:33:aa:c6:
         78:b9:3d:91:eb:ec:4e:17:ac:ee:17:c0:27:f9:67:9d:7d:27:
         9d:32:b1:04:55:e9:1f:b7:b0:e5:39:c9:3a:de:70:34:75:dc:
         f8:28:91:53:87:53:d5:a4:81:23:c4:2d:26:1f:bf:0d:c2:99:
         c9:5c:9b:e2:37:ea:34:18:7c:30:ae:83:7b:fc:8b:5d:9a:7b:
         c6:1f:41:34:29:7e:a5:78:06:f3:fe:7b:26:05:30:9e:20:43:
         ac:f5:86:5f:f3:f9:b4:bb:7a:09:43:25:09:aa:f0:e8:73:88:
         06:5f:66:cc:6f:3e:76:17:bc:3f:f3:50:c2:ce:62:e7:49:35:
         e5:5c:da:e7:e8:76:15:ef:3a:cf:dc:04:68:1f:e9:da:48:d3:
         1a:3d:69:0d:a4:04:97:1e:81:05:e5:5f:f0:b6:65:81:f7:f6:
         9b:25:7a:b9:d7:73:9b:15:24:71:b4:58:7d:8e:f1:b0:10:ac:
         f8:ff:a7:fb:2e:f4:8d:ac:f7:c1:84:86:18:4d:c6:43:17:c5:
         00:71:1c:e0:08:64:0b:f6:3f:1d:9e:f9:96:c0:8e:d5:d6:ec:
         c3:d9:d2:93:d1:f7:a3:2a:eb:37:79:e8:89:3f:86:74:c1:79:
         fa:b9:1d:64
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVubAUYmjl76ggOt0lZXhNbbVxdkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIyMjIxMjU5WhcNMjUxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzAwZGExN2QxNmEzZThmY2U5MTM2YTI0MTJlNTdiZDg5
MGZmMWRlZTc0ZDdiZWNmY2ZhZTFjZjYwMTMwM2Q5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDz9xo2g8k+43hCygu5v77gLmgU9Q8NWz7l8M9WITt/dAKB
doViRDQTywLY2jMF2KPwu7fY4xJW36HYZ5dsoYJW5fzTU7228bOEeIK0OW/YqJbs
f4Vyz47AllmEZxuc5ixQBiMk9eexGlBbsaBMl2BUhSi2gPKXiEzgc6Gz1XBa7PJB
whmv60g/fByEFflzzRYjCvCZDq1GCZKy7ZwF/zNkz0VEbqCT02zg0Qrsm8PVFm4y
xIVJrQi8LW4Jxra8rXUSWCGUcjGGQoA5Tk4+4NUhUvNllpO0ffowecu5qq5CvHNy
HNnqcxFz4xi2ZWeBOG7hP7BktHihEK0tiCfGp6VJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5OGUS5TZCZPWpnGFZO13v1t6AS8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzExMzBlOGExLWYwNjYtNGIyOC05YjUxLTA2YmY2YzFhNzYxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAES70IwDQYJKoZIhvcNAQELBQADggEBAKyJ4uEo07RmVlz7WHmvyDOqxni5
PZHr7E4XrO4XwCf5Z519J50ysQRV6R+3sOU5yTrecDR13PgokVOHU9WkgSPELSYf
vw3Cmclcm+I36jQYfDCug3v8i12ae8YfQTQpfqV4BvP+eyYFMJ4gQ6z1hl/z+bS7
eglDJQmq8OhziAZfZsxvPnYXvD/zUMLOYudJNeVc2ufodhXvOs/cBGgf6dpI0xo9
aQ2kBJcegQXlX/C2ZYH39pslernXc5sVJHG0WH2O8bAQrPj/p/su9I2s98GEhhhN
xkMXxQBxHOAIZAv2Px2e+ZbAjtXW7MPZ0pPR96Mq6zd56Ik/hnTBefq5HWQ=
-----END CERTIFICATE-----