Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/19e30596-c121-4ef5-8ec2-cefe9d9d3ae9.roa
File:                     19e30596-c121-4ef5-8ec2-cefe9d9d3ae9.roa (raw, json)
Hash identifier:          b+RPYSdaDt/oQnDiunxH4VzuV+Vc3Caq0ptUOJWoSZ8=
Subject key identifier:   50:66:6F:33:5E:05:45:68:E8:68:4B:25:6F:6D:95:5B:14:5C:4A:54
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7F531B311E69727159694A5DD8E484B7745F6D6B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/19e30596-c121-4ef5-8ec2-cefe9d9d3ae9.roa
Signing time:             Fri 10 Oct 2025 00:29:30 +0000
ROA not before:           Fri 10 Oct 2025 00:29:30 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        129.47.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:53:1b:31:1e:69:72:71:59:69:4a:5d:d8:e4:84:b7:74:5f:6d:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 10 00:29:30 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=96cf0ca21da1ff0e837ac45ea569a665ac964a8e4e865c3a99cfdceeb0d46d5f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:af:5e:27:14:da:46:5c:59:33:6d:9d:83:a9:
                    5e:5f:2e:51:86:0a:3d:93:0e:7e:c9:94:d8:e5:96:
                    50:96:02:67:f9:0d:b0:5f:78:7d:19:a4:98:3d:bb:
                    7b:63:cd:ac:58:05:f9:cf:6d:76:0c:a4:d1:df:21:
                    77:76:09:fa:5b:39:c4:2c:45:3c:87:26:3a:42:18:
                    dc:6c:11:82:c0:03:a5:9f:17:d1:c1:cb:fe:04:dc:
                    79:b1:7c:11:c2:65:65:c2:96:7a:90:dc:11:08:7b:
                    e1:15:cd:4b:2d:35:20:f2:ec:b7:77:35:3b:5f:40:
                    52:b5:c4:29:01:89:19:75:c0:ea:e3:52:6e:19:1e:
                    21:1e:0f:67:85:f6:bf:65:2c:09:94:d2:28:ae:33:
                    0e:a3:4f:2a:fa:d6:4c:9b:ed:28:61:f4:93:11:16:
                    0e:9c:05:d0:ba:09:fb:fc:a3:9a:f9:76:2c:19:65:
                    9e:6c:4a:d9:82:f0:8c:a9:a3:15:de:38:a7:16:51:
                    37:cb:ab:29:ad:fd:d4:dd:a6:bc:49:2a:cc:66:38:
                    e5:61:10:92:be:4d:91:fc:c1:f4:cc:1f:32:48:a1:
                    e7:33:f2:df:af:4f:03:4e:3e:8b:c6:69:c3:20:d5:
                    d1:53:de:20:b2:f9:36:7f:57:56:77:e3:9d:42:77:
                    3a:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:66:6F:33:5E:05:45:68:E8:68:4B:25:6F:6D:95:5B:14:5C:4A:54
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/19e30596-c121-4ef5-8ec2-cefe9d9d3ae9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.47.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0b:a2:f5:33:33:8a:1d:88:95:dd:76:33:3c:78:b3:c4:a5:ca:
         51:3e:0e:46:d5:99:09:a4:12:f7:15:60:80:d9:97:33:80:4b:
         a2:2e:c5:b4:65:34:a7:44:74:80:ad:d1:87:8c:37:0b:70:07:
         e6:5d:9b:69:85:ca:09:4a:60:9b:40:ab:9f:f1:72:bf:d1:43:
         7c:29:02:f2:96:ac:4b:7f:81:40:14:d5:90:44:a5:3f:fb:db:
         82:64:67:9b:40:18:f5:cd:74:c1:f7:4c:89:e5:60:94:7f:83:
         80:d8:a8:c2:65:e5:28:31:38:57:98:c2:9a:98:1a:f6:b8:d1:
         e4:1f:5e:28:dc:9f:e1:4e:75:4b:19:2e:b6:59:47:1a:a1:75:
         a5:0b:d1:72:f4:a1:a9:1e:3b:ba:99:d5:39:0e:11:1d:62:db:
         22:96:49:5b:f0:16:2b:f3:2c:a3:e5:18:7d:af:bc:44:4b:e0:
         e3:3f:bf:12:6a:b9:c7:15:a5:b1:e1:c2:7f:e1:9e:dc:94:f8:
         89:db:3f:71:06:c7:7b:9e:3b:e9:7b:9d:c5:2a:8b:0a:9b:7e:
         fc:79:ca:84:d9:04:a7:2b:40:97:31:bf:d6:db:f6:df:77:c4:
         e9:a0:b2:d9:cd:78:71:15:d2:02:57:0d:60:46:ef:09:fd:05:
         33:a4:a0:3e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUf1MbMR5pcnFZaUpd2OSEt3RfbWswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDEwMDAyOTMwWhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NmNmMGNhMjFkYTFmZjBlODM3YWM0NWVhNTY5YTY2NWFj
OTY0YThlNGU4NjVjM2E5OWNmZGNlZWIwZDQ2ZDVmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfr14nFNpGXFkzbZ2DqV5fLlGGCj2TDn7JlNjlllCWAmf5
DbBfeH0ZpJg9u3tjzaxYBfnPbXYMpNHfIXd2CfpbOcQsRTyHJjpCGNxsEYLAA6Wf
F9HBy/4E3HmxfBHCZWXClnqQ3BEIe+EVzUstNSDy7Ld3NTtfQFK1xCkBiRl1wOrj
Um4ZHiEeD2eF9r9lLAmU0iiuMw6jTyr61kyb7Shh9JMRFg6cBdC6Cfv8o5r5diwZ
ZZ5sStmC8IypoxXeOKcWUTfLqymt/dTdprxJKsxmOOVhEJK+TZH8wfTMHzJIoecz
8t+vTwNOPovGacMg1dFT3iCy+TZ/V1Z3451CdzrfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUUGZvM14FRWjoaEslb22VWxRcSlQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzE5ZTMwNTk2LWMxMjEtNGVmNS04ZWMyLWNlZmU5ZDlkM2FlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCBLzANBgkqhkiG9w0BAQsFAAOCAQEAC6L1MzOKHYiV3XYzPHizxKXKUT4O
RtWZCaQS9xVggNmXM4BLoi7FtGU0p0R0gK3Rh4w3C3AH5l2baYXKCUpgm0Crn/Fy
v9FDfCkC8pasS3+BQBTVkESlP/vbgmRnm0AY9c10wfdMieVglH+DgNiowmXlKDE4
V5jCmpga9rjR5B9eKNyf4U51SxkutllHGqF1pQvRcvShqR47upnVOQ4RHWLbIpZJ
W/AWK/Mso+UYfa+8REvg4z+/Emq5xxWlseHCf+Ge3JT4ids/cQbHe5476XudxSqL
Cpt+/HnKhNkEpytAlzG/1tv233fE6aCy2c14cRXSAlcNYEbvCf0FM6SgPg==
-----END CERTIFICATE-----