Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/199ef53a-ebfd-4c97-a92d-9f68a4b49471.roa
File:                     199ef53a-ebfd-4c97-a92d-9f68a4b49471.roa (raw, json)
Hash identifier:          9FL6cVjsrIvJzon8c6jgUXr2TQm6TOeth8mFIwgwZ8c=
Subject key identifier:   28:E4:93:51:EB:EE:1B:F6:CD:0A:1C:CA:EF:49:78:95:EF:B0:B3:5C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7308617E8C9D16ADB343C115C021CE20E57F3E57
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/199ef53a-ebfd-4c97-a92d-9f68a4b49471.roa
Signing time:             Thu 25 Sep 2025 16:51:34 +0000
ROA not before:           Thu 25 Sep 2025 16:51:34 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.160.50.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:08:61:7e:8c:9d:16:ad:b3:43:c1:15:c0:21:ce:20:e5:7f:3e:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 16:51:34 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=55f8b5a16c5360615fe798afccb946161df0b6c18c5f43a6771636c5ba17445e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:f6:38:2e:5f:d1:7d:1d:bf:8b:40:c9:cc:e8:
                    a9:12:24:0a:c8:f5:8f:c3:92:8e:ce:40:6d:bb:3d:
                    94:de:9e:f2:ec:e2:c9:ff:42:0f:56:ae:38:4e:fa:
                    15:ff:5f:4f:26:08:d1:d6:d4:23:1b:f9:0a:e9:8f:
                    85:25:96:e0:e5:05:38:3f:dc:b7:c4:a4:2b:6d:9f:
                    5a:09:a4:87:27:15:e7:63:2f:e6:70:9c:d2:ba:e3:
                    a8:f0:88:cc:c6:0f:1b:d8:97:55:bd:13:92:2c:22:
                    76:1b:58:45:1f:7b:d5:26:e9:24:36:56:75:ef:f2:
                    c1:8a:f3:c8:59:f5:a4:cd:2e:bc:45:94:17:4f:e2:
                    0a:bd:8d:fd:ad:48:4b:f3:b2:e6:8f:7a:14:c6:0a:
                    ce:a3:81:17:fe:dc:de:4b:7e:28:a6:8f:5c:12:dd:
                    24:b3:32:ac:6f:7f:c9:b1:f1:95:18:85:ea:d4:cb:
                    d1:96:84:af:35:e9:04:80:7b:bb:0d:dc:25:8d:d7:
                    42:bd:d5:ed:dd:15:d2:32:f1:e4:fe:e7:71:38:d8:
                    4d:96:44:4f:5b:3e:df:a4:8d:03:64:2f:a4:1e:49:
                    d9:8b:e8:c9:ae:88:b3:5d:ac:b8:8f:ce:29:76:d3:
                    a6:2e:3d:1a:8e:e8:32:3e:2b:7e:e1:ca:ef:fc:3d:
                    65:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:E4:93:51:EB:EE:1B:F6:CD:0A:1C:CA:EF:49:78:95:EF:B0:B3:5C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/199ef53a-ebfd-4c97-a92d-9f68a4b49471.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.160.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:92:86:32:a5:a6:6f:1e:ff:8c:6c:ad:26:85:b7:b7:c5:d9:
         04:fc:9a:b0:a4:56:92:01:3a:f6:47:45:e2:ff:05:45:ca:41:
         cd:cf:2f:61:f6:cf:59:ca:0d:d9:e6:c9:15:50:37:16:b2:8a:
         9e:4d:e5:34:37:e1:2a:39:78:d6:95:2d:98:43:4e:5b:d2:e2:
         01:79:20:2c:ae:0d:ee:51:d1:1e:fa:94:44:3a:27:29:37:59:
         80:e5:1f:2e:24:2a:a5:23:7e:95:26:3f:39:ea:cd:2c:94:7c:
         6f:03:ef:87:bd:f0:c1:f1:97:41:6c:59:43:16:a7:19:b4:5e:
         3c:c9:19:da:d0:10:09:92:d8:70:3f:03:b4:84:71:6b:51:33:
         2a:18:e5:29:08:d5:69:12:be:7c:ef:5c:9d:78:0d:6f:de:8e:
         dc:5d:84:1b:2e:d3:2f:16:17:22:20:95:86:c7:d8:2d:50:48:
         c0:11:57:63:c8:3c:32:b9:19:c5:23:af:5c:99:7e:5b:48:42:
         c6:88:cb:f1:e4:7e:c0:ff:d3:ad:40:0b:88:8f:c7:60:2d:1f:
         f0:58:b7:88:1a:98:ac:19:f5:27:60:e6:3f:89:db:08:d8:df:
         1f:f5:56:32:42:19:42:c3:a1:e5:b5:90:89:73:a8:78:76:c2:
         a5:fd:bc:69
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcwhhfoydFq2zQ8EVwCHOIOV/PlcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI1MTY1MTM0WhcNMjUxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NWY4YjVhMTZjNTM2MDYxNWZlNzk4YWZjY2I5NDYxNjFk
ZjBiNmMxOGM1ZjQzYTY3NzE2MzZjNWJhMTc0NDVlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQ9jguX9F9Hb+LQMnM6KkSJArI9Y/Dko7OQG27PZTenvLs
4sn/Qg9WrjhO+hX/X08mCNHW1CMb+Qrpj4UlluDlBTg/3LfEpCttn1oJpIcnFedj
L+ZwnNK646jwiMzGDxvYl1W9E5IsInYbWEUfe9Um6SQ2VnXv8sGK88hZ9aTNLrxF
lBdP4gq9jf2tSEvzsuaPehTGCs6jgRf+3N5Lfiimj1wS3SSzMqxvf8mx8ZUYherU
y9GWhK816QSAe7sN3CWN10K91e3dFdIy8eT+53E42E2WRE9bPt+kjQNkL6QeSdmL
6MmuiLNdrLiPzil206YuPRqO6DI+K37hyu/8PWWVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKOSTUevuG/bNChzK70l4le+ws1wwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzE5OWVmNTNhLWViZmQtNGM5Ny1hOTJkLTlmNjhhNGI0OTQ3MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADoDIwDQYJKoZIhvcNAQELBQADggEBAJiShjKlpm8e/4xsrSaFt7fF2QT8
mrCkVpIBOvZHReL/BUXKQc3PL2H2z1nKDdnmyRVQNxayip5N5TQ34So5eNaVLZhD
TlvS4gF5ICyuDe5R0R76lEQ6Jyk3WYDlHy4kKqUjfpUmPznqzSyUfG8D74e98MHx
l0FsWUMWpxm0XjzJGdrQEAmS2HA/A7SEcWtRMyoY5SkI1WkSvnzvXJ14DW/ejtxd
hBsu0y8WFyIglYbH2C1QSMARV2PIPDK5GcUjr1yZfltIQsaIy/HkfsD/061AC4iP
x2AtH/BYt4gamKwZ9Sdg5j+J2wjY3x/1VjJCGULDoeW1kIlzqHh2wqX9vGk=
-----END CERTIFICATE-----