Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2c7618fa-8c2c-44d2-a193-ec13ad938a49.roa
File:                     2c7618fa-8c2c-44d2-a193-ec13ad938a49.roa (raw, json)
Hash identifier:          fewDJOHdhwDh3pb1Cy0E2I4xIfz906kG4iX/969iKus=
Subject key identifier:   AD:BF:98:36:4C:7D:D3:A9:01:1F:50:ED:B5:D4:92:1C:AC:38:17:2F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       54DCA0A356CA8D0F4AB72F30854FBD695997ABE4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2c7618fa-8c2c-44d2-a193-ec13ad938a49.roa
Signing time:             Fri 26 Sep 2025 15:26:38 +0000
ROA not before:           Fri 26 Sep 2025 15:26:38 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.162.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:dc:a0:a3:56:ca:8d:0f:4a:b7:2f:30:85:4f:bd:69:59:97:ab:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 15:26:38 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=fe9ae2c42a6d26ec9804e25588c958b892dcde79d5338df34e73ec249306bb79, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:f1:0f:db:2c:88:17:9d:96:fd:2a:97:bc:9f:
                    b1:c0:a9:7a:e0:3a:90:2d:d0:96:54:1b:d0:dc:de:
                    7a:4e:54:b2:e9:a8:1b:18:01:2c:5a:51:f1:14:47:
                    77:9d:0c:53:54:07:e4:81:97:03:79:56:6d:1f:63:
                    9e:cf:af:e1:b9:14:c8:3e:a4:89:fe:e6:ae:71:4c:
                    44:a7:51:46:1b:25:e4:f9:47:64:24:60:13:45:88:
                    d9:99:96:7e:a0:45:bf:24:66:b3:6d:ed:6b:68:c5:
                    6d:a1:e8:ac:a4:e7:64:99:12:eb:00:70:76:b0:2e:
                    db:a1:39:08:d7:ff:af:1a:0e:d3:9a:83:c3:e8:3b:
                    ad:46:bb:6e:64:37:56:ba:07:11:ee:62:51:34:7d:
                    38:60:84:90:17:37:71:18:d9:ba:56:e5:72:47:5d:
                    d2:19:e6:32:19:56:44:6e:0c:fb:85:61:4f:be:ed:
                    b2:fb:52:3e:1f:b8:85:90:7b:e7:e7:5f:2e:2c:c1:
                    09:79:c3:a9:b7:43:83:9c:d1:c6:e1:cd:c5:34:5b:
                    d8:1e:dc:95:b5:65:5f:c3:e6:ff:21:19:6b:cd:53:
                    a1:10:08:17:49:25:ea:27:7d:95:d7:d7:0f:e1:2a:
                    7e:4c:39:7e:95:32:12:12:41:2e:b3:ae:af:c2:a5:
                    3c:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:BF:98:36:4C:7D:D3:A9:01:1F:50:ED:B5:D4:92:1C:AC:38:17:2F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2c7618fa-8c2c-44d2-a193-ec13ad938a49.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.162.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         66:0e:56:35:c4:7e:12:52:d8:74:56:b8:0f:c6:67:ce:4d:bb:
         e1:22:f8:1d:c2:d6:00:27:9f:b1:e2:72:66:08:de:87:87:42:
         74:f5:18:5c:1b:b5:a0:9a:80:e2:9d:39:c1:47:f5:b6:2d:ba:
         b0:a3:b1:63:be:59:42:db:fa:de:6f:c2:35:b1:51:62:9a:d3:
         02:92:fb:ea:34:db:b9:9b:08:1b:ab:80:dd:b1:b6:aa:8a:bb:
         76:1c:b4:3c:30:02:52:28:31:5e:4e:c8:86:04:23:2e:17:6e:
         a8:bd:fb:5b:c5:f1:0d:77:a5:ae:6f:c8:04:45:4e:ab:97:68:
         9c:c9:4e:47:b7:f4:27:4f:f6:1c:d7:3b:5a:70:10:cf:77:c9:
         ae:ea:bb:47:25:41:a5:91:04:aa:be:45:5f:88:c3:bc:fc:f6:
         a2:85:98:db:24:97:0f:13:87:71:59:47:ee:05:4f:69:6a:58:
         cc:12:7e:52:63:36:70:d2:b6:b3:98:35:23:cb:b5:8e:38:c2:
         28:c9:92:3b:73:36:86:48:8e:88:b0:c9:7a:72:6a:5b:39:91:
         ef:52:53:8a:00:de:42:ff:78:87:e4:c5:3a:9b:62:ab:48:14:
         20:bc:77:e8:f8:4c:fb:4e:58:6f:27:88:03:d3:73:99:f8:e5:
         1e:a9:d3:1e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVNygo1bKjQ9Kty8whU+9aVmXq+QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MTUyNjM4WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmZTlhZTJjNDJhNmQyNmVjOTgwNGUyNTU4OGM5NThiODky
ZGNkZTc5ZDUzMzhkZjM0ZTczZWMyNDkzMDZiYjc5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDa8Q/bLIgXnZb9Kpe8n7HAqXrgOpAt0JZUG9Dc3npOVLLp
qBsYASxaUfEUR3edDFNUB+SBlwN5Vm0fY57Pr+G5FMg+pIn+5q5xTESnUUYbJeT5
R2QkYBNFiNmZln6gRb8kZrNt7WtoxW2h6Kyk52SZEusAcHawLtuhOQjX/68aDtOa
g8PoO61Gu25kN1a6BxHuYlE0fThghJAXN3EY2bpW5XJHXdIZ5jIZVkRuDPuFYU++
7bL7Uj4fuIWQe+fnXy4swQl5w6m3Q4Oc0cbhzcU0W9ge3JW1ZV/D5v8hGWvNU6EQ
CBdJJeonfZXX1w/hKn5MOX6VMhISQS6zrq/CpTytAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUrb+YNkx906kBH1DttdSSHKw4Fy8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJjNzYxOGZhLThjMmMtNDRkMi1hMTkzLWVjMTNhZDkzOGE0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPojANBgkqhkiG9w0BAQsFAAOCAQEAZg5WNcR+ElLYdFa4D8Znzk274SL4
HcLWACefseJyZgjeh4dCdPUYXBu1oJqA4p05wUf1ti26sKOxY75ZQtv63m/CNbFR
YprTApL76jTbuZsIG6uA3bG2qoq7dhy0PDACUigxXk7IhgQjLhduqL37W8XxDXel
rm/IBEVOq5donMlOR7f0J0/2HNc7WnAQz3fJruq7RyVBpZEEqr5FX4jDvPz2ooWY
2ySXDxOHcVlH7gVPaWpYzBJ+UmM2cNK2s5g1I8u1jjjCKMmSO3M2hkiOiLDJenJq
WzmR71JTigDeQv94h+TFOptiq0gUILx36PhM+05YbyeIA9NzmfjlHqnTHg==
-----END CERTIFICATE-----