Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2e9b5895-1a47-4574-9c7c-c3723bb48226.roa
File:                     2e9b5895-1a47-4574-9c7c-c3723bb48226.roa (raw, json)
Hash identifier:          YbMvTdzgxn+scnRX/JHa60m3NZPq6cS6YiA6+w6+xmA=
Subject key identifier:   BC:F7:99:EB:73:DC:30:C8:94:A2:F4:66:66:04:5C:2E:73:DF:52:B5
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       31219F68D527B00BA03EAB6CCCF59C70265B3B69
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2e9b5895-1a47-4574-9c7c-c3723bb48226.roa
Signing time:             Mon 22 Sep 2025 18:43:00 +0000
ROA not before:           Mon 22 Sep 2025 18:43:00 +0000
ROA not after:            Mon 27 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.161.75.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:21:9f:68:d5:27:b0:0b:a0:3e:ab:6c:cc:f5:9c:70:26:5b:3b:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 22 18:43:00 2025 GMT
            Not After : Oct 27 23:59:59 2025 GMT
        Subject: serialNumber=d103922a79111a2d4a4f29a7c6eb6e0c3dd590d6ef7f0d43d9773c45795885b6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:26:64:74:04:30:51:14:91:dd:da:82:88:a9:
                    a6:76:6c:91:31:35:31:a2:2a:5f:8b:6a:2c:7a:c7:
                    05:00:32:f9:ca:ce:cc:78:3d:f4:7e:0b:97:53:c5:
                    71:00:ce:d7:bc:28:4b:8d:4c:51:91:b5:d2:61:21:
                    0c:1f:7f:1e:4b:0f:ea:b9:7f:b5:c2:a1:65:25:5d:
                    20:46:ca:74:7b:7e:47:24:15:04:5b:fc:2a:bc:6d:
                    c1:4d:7e:6a:63:d9:f4:3f:09:e3:65:fe:3c:d2:91:
                    4c:ed:88:0b:c5:1b:14:3c:79:06:ac:6b:48:57:e1:
                    93:24:45:88:50:aa:48:15:2c:20:be:5c:04:4b:4b:
                    1a:85:1b:84:7c:5d:bd:08:b0:cc:b6:35:04:9b:ab:
                    2f:fb:cf:b3:9d:65:91:17:d0:50:21:a6:88:c8:57:
                    48:34:1f:38:af:3d:b8:c5:27:ca:a6:82:a5:0a:61:
                    8b:50:36:80:6a:df:ca:3c:ea:28:bd:9d:63:4d:e6:
                    04:27:27:22:66:9b:73:64:39:98:ea:e3:41:b4:84:
                    88:0d:61:f3:7f:7d:ef:5a:6b:5e:d0:19:39:ec:67:
                    5e:16:15:0e:31:1a:33:39:b9:da:31:18:a7:ce:e0:
                    95:16:7c:65:d3:c4:af:e7:88:08:82:27:d5:1d:81:
                    8f:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:F7:99:EB:73:DC:30:C8:94:A2:F4:66:66:04:5C:2E:73:DF:52:B5
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2e9b5895-1a47-4574-9c7c-c3723bb48226.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.161.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:72:a4:7c:fa:c1:a9:72:21:44:a7:dd:cb:e6:81:0e:19:7f:
         31:a3:34:ce:3f:12:62:7b:35:62:9c:a6:b2:10:d0:87:7b:8e:
         f3:75:8a:fc:a6:63:c6:d1:13:36:fe:8f:77:42:69:40:14:00:
         76:0d:4f:ef:ff:f1:ab:3a:e7:37:21:dd:22:a7:a8:ce:e0:a4:
         12:f7:a9:ed:37:12:9a:22:02:24:da:bf:94:9f:2d:bb:93:18:
         b7:37:d7:f4:49:ac:42:6a:e7:0d:42:3a:59:02:25:95:8d:fa:
         7d:c3:af:a2:ab:c2:d2:aa:c6:38:d0:3c:a6:11:e4:6a:01:f2:
         f1:ad:3f:5d:78:bc:a7:fd:3b:54:6b:1d:32:2d:fb:1c:90:9d:
         a4:c1:07:5c:6b:d9:d9:e4:01:6a:4e:21:6e:81:ff:31:ca:c6:
         8a:35:e8:cb:82:98:48:d9:72:f5:18:b8:0f:78:1e:fb:42:93:
         00:f6:a6:4f:9b:39:4b:28:c9:0c:7c:70:fe:15:db:b1:ee:23:
         23:e3:56:c7:0e:52:fd:08:8f:af:41:bf:f4:15:91:41:81:60:
         0f:83:9e:d5:e9:c1:8c:bd:97:ab:a2:d0:87:30:c4:f6:8f:1a:
         45:0b:10:2b:60:df:56:74:19:3f:8a:59:8d:8f:01:f6:1e:c3:
         52:fb:66:92
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMSGfaNUnsAugPqtszPWccCZbO2kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIyMTg0MzAwWhcNMjUxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTAzOTIyYTc5MTExYTJkNGE0ZjI5YTdjNmViNmUwYzNk
ZDU5MGQ2ZWY3ZjBkNDNkOTc3M2M0NTc5NTg4NWI2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+JmR0BDBRFJHd2oKIqaZ2bJExNTGiKl+Laix6xwUAMvnK
zsx4PfR+C5dTxXEAzte8KEuNTFGRtdJhIQwffx5LD+q5f7XCoWUlXSBGynR7fkck
FQRb/Cq8bcFNfmpj2fQ/CeNl/jzSkUztiAvFGxQ8eQasa0hX4ZMkRYhQqkgVLCC+
XARLSxqFG4R8Xb0IsMy2NQSbqy/7z7OdZZEX0FAhpojIV0g0HzivPbjFJ8qmgqUK
YYtQNoBq38o86ii9nWNN5gQnJyJmm3NkOZjq40G0hIgNYfN/fe9aa17QGTnsZ14W
FQ4xGjM5udoxGKfO4JUWfGXTxK/niAiCJ9UdgY+DAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvPeZ63PcMMiUovRmZgRcLnPfUrUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJlOWI1ODk1LTFhNDctNDU3NC05YzdjLWMzNzIzYmI0ODIyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASoUswDQYJKoZIhvcNAQELBQADggEBAEZypHz6walyIUSn3cvmgQ4ZfzGj
NM4/EmJ7NWKcprIQ0Id7jvN1ivymY8bREzb+j3dCaUAUAHYNT+//8as65zch3SKn
qM7gpBL3qe03EpoiAiTav5SfLbuTGLc31/RJrEJq5w1COlkCJZWN+n3Dr6KrwtKq
xjjQPKYR5GoB8vGtP114vKf9O1RrHTIt+xyQnaTBB1xr2dnkAWpOIW6B/zHKxoo1
6MuCmEjZcvUYuA94HvtCkwD2pk+bOUsoyQx8cP4V27HuIyPjVscOUv0Ij69Bv/QV
kUGBYA+DntXpwYy9l6ui0IcwxPaPGkULECtg31Z0GT+KWY2PAfYew1L7ZpI=
-----END CERTIFICATE-----