Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1d033e92-47c2-41f9-8d65-3387667b37fb.roa
File:                     1d033e92-47c2-41f9-8d65-3387667b37fb.roa (raw, json)
Hash identifier:          USpb9B5XgYLLb1I4YmHKsbV3p6bSZilfIEfG/5lsL8w=
Subject key identifier:   F1:77:BE:DB:F4:F5:0B:4C:E8:E7:EF:3D:0B:ED:DE:5C:B8:F5:21:BB
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3ABD02FD3A763595BE9D7FC57AAF8041472566C9
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1d033e92-47c2-41f9-8d65-3387667b37fb.roa
Signing time:             Fri 03 Oct 2025 15:09:10 +0000
ROA not before:           Fri 03 Oct 2025 15:09:10 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.2.48.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:bd:02:fd:3a:76:35:95:be:9d:7f:c5:7a:af:80:41:47:25:66:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct  3 15:09:10 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=1cc0d3235d7580c533450c8de2c53409a44ca041469ccf99f783e1c99468b940, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:53:74:55:1e:7f:c9:f6:7a:f3:de:dd:b9:ac:
                    4f:13:61:65:24:c6:de:66:9c:09:63:61:ec:e0:d5:
                    04:4b:7d:7c:61:06:f6:93:3e:48:7b:3e:45:e3:1f:
                    36:60:0e:38:aa:4d:1e:2f:36:00:52:48:2b:db:a8:
                    f6:26:3f:95:89:b1:06:09:99:e6:5f:90:8f:15:e4:
                    57:63:45:46:53:aa:e1:77:50:7b:54:28:48:ab:10:
                    10:e8:a2:19:70:78:a4:3a:93:a9:7d:37:e6:51:e3:
                    9b:5c:64:66:cf:77:c1:4c:88:b6:cc:3f:2d:ec:30:
                    1b:51:cb:21:41:86:f3:ee:9f:70:50:58:14:3c:a2:
                    a1:48:5e:30:8a:f5:15:22:7a:c3:be:8f:c1:6a:3e:
                    81:4b:d5:d9:3a:f0:bc:41:94:af:1c:f8:4a:20:18:
                    f9:14:38:b6:8c:17:a6:d2:dc:d9:96:86:f3:b0:09:
                    1d:7f:c1:25:4a:c9:ad:53:2b:8d:23:13:3b:40:c8:
                    c0:ea:77:49:03:92:54:5d:53:c5:65:65:86:8f:60:
                    2a:aa:d4:ad:af:56:52:c5:41:7c:8c:9f:26:73:ae:
                    18:85:db:e6:20:af:94:e9:17:f4:8d:0b:2f:b9:cf:
                    4d:4c:55:f1:e9:c2:6a:8b:eb:a6:69:7c:95:4b:95:
                    74:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:77:BE:DB:F4:F5:0B:4C:E8:E7:EF:3D:0B:ED:DE:5C:B8:F5:21:BB
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1d033e92-47c2-41f9-8d65-3387667b37fb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.2.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         93:8d:0f:b3:b1:5b:40:9a:f9:e8:1f:9a:c7:73:03:06:87:cf:
         48:18:ed:be:dc:af:b0:85:b0:11:04:3a:7c:a7:9e:47:4a:f9:
         c5:6b:fd:0f:fc:32:8e:13:20:33:69:13:4d:39:d1:79:6f:14:
         56:bd:90:67:d3:d9:7b:35:85:55:ad:98:6e:b7:3d:f5:9d:a6:
         35:e0:58:57:32:1c:80:a5:1b:6c:ff:bc:72:d2:6f:be:3c:46:
         83:ab:eb:97:29:7a:d1:44:53:e8:e4:e1:24:48:08:20:13:1c:
         6d:d7:73:67:21:a3:b0:06:2d:1f:60:c6:61:44:3e:89:72:21:
         ea:9e:3b:32:ad:a1:ab:3f:a4:5a:8d:ad:c3:83:6b:c4:8b:9e:
         8e:48:71:46:33:92:be:0a:c1:6c:59:c4:11:b0:b5:3b:2f:87:
         21:c5:6e:b3:3b:ae:6d:6e:32:65:8d:75:4b:e9:d1:e6:7d:8d:
         94:38:ad:90:84:25:f6:7c:bc:7f:fe:91:7a:5b:04:7f:4e:11:
         a2:66:20:4f:af:53:d5:6f:4f:29:e1:74:36:68:89:34:c3:6d:
         f0:2d:5b:f4:aa:c6:8c:87:85:37:0a:bc:85:0a:1d:f4:2c:80:
         a2:f6:21:20:2c:1f:0a:67:3d:8d:69:39:46:68:30:0a:ff:5a:
         7a:64:b2:52
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOr0C/Tp2NZW+nX/Feq+AQUclZskwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDAzMTUwOTEwWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxY2MwZDMyMzVkNzU4MGM1MzM0NTBjOGRlMmM1MzQwOWE0
NGNhMDQxNDY5Y2NmOTlmNzgzZTFjOTk0NjhiOTQwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8U3RVHn/J9nrz3t25rE8TYWUkxt5mnAljYezg1QRLfXxh
BvaTPkh7PkXjHzZgDjiqTR4vNgBSSCvbqPYmP5WJsQYJmeZfkI8V5FdjRUZTquF3
UHtUKEirEBDoohlweKQ6k6l9N+ZR45tcZGbPd8FMiLbMPy3sMBtRyyFBhvPun3BQ
WBQ8oqFIXjCK9RUiesO+j8FqPoFL1dk68LxBlK8c+EogGPkUOLaMF6bS3NmWhvOw
CR1/wSVKya1TK40jEztAyMDqd0kDklRdU8VlZYaPYCqq1K2vVlLFQXyMnyZzrhiF
2+Ygr5TpF/SNCy+5z01MVfHpwmqL66ZpfJVLlXRRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8Xe+2/T1C0zo5+89C+3eXLj1IbswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzFkMDMzZTkyLTQ3YzItNDFmOS04ZDY1LTMzODc2NjdiMzdmYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQDAjAwDQYJKoZIhvcNAQELBQADggEBAJOND7OxW0Ca+egfmsdzAwaHz0gY
7b7cr7CFsBEEOnynnkdK+cVr/Q/8Mo4TIDNpE0050XlvFFa9kGfT2Xs1hVWtmG63
PfWdpjXgWFcyHIClG2z/vHLSb748RoOr65cpetFEU+jk4SRICCATHG3Xc2cho7AG
LR9gxmFEPolyIeqeOzKtoas/pFqNrcODa8SLno5IcUYzkr4KwWxZxBGwtTsvhyHF
brM7rm1uMmWNdUvp0eZ9jZQ4rZCEJfZ8vH/+kXpbBH9OEaJmIE+vU9VvTynhdDZo
iTTDbfAtW/SqxoyHhTcKvIUKHfQsgKL2ISAsHwpnPY1pOUZoMAr/WnpkslI=
-----END CERTIFICATE-----