Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/44893a20-cc5e-4d43-a59f-e7dd9c9fee02.roa
File:                     44893a20-cc5e-4d43-a59f-e7dd9c9fee02.roa (raw, json)
Hash identifier:          Cne25VZusZXpVUC3bJZjgLLTK8yw6FrzSvx79Uhoq0g=
Subject key identifier:   15:87:F7:53:B5:2B:BC:D7:A4:B2:66:84:83:13:8D:48:00:71:F2:04
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2806921D999514F348D8454315C9D99B6DD8DFC0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/44893a20-cc5e-4d43-a59f-e7dd9c9fee02.roa
Signing time:             Fri 26 Sep 2025 15:23:23 +0000
ROA not before:           Fri 26 Sep 2025 15:23:23 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        141.186.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:06:92:1d:99:95:14:f3:48:d8:45:43:15:c9:d9:9b:6d:d8:df:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 15:23:23 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=dc20229b69c3f0c7dfa13d942c2c129661a7b30c2bd68a439a79cad26b4c307e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:9c:73:e2:87:a4:50:b0:b2:5f:a4:16:e9:8c:
                    4f:a6:99:18:8e:e3:42:75:0c:9e:9d:38:02:f3:4a:
                    99:85:b0:02:b8:63:9f:77:3d:24:27:18:81:c1:68:
                    4d:08:de:bb:bb:b5:11:53:11:16:0a:33:ca:67:59:
                    6e:c1:a6:43:b4:26:ab:32:ff:ad:20:08:ca:53:3f:
                    ba:82:e0:0d:cf:4f:7e:a5:60:35:3b:dd:64:02:9c:
                    31:0d:05:9b:35:37:df:9a:74:96:1b:9b:8f:e0:9a:
                    f6:a0:3b:36:7a:d8:97:68:ce:72:a3:4d:b1:5f:e5:
                    db:a5:a3:c6:cc:38:dd:93:2d:a4:7e:c8:a7:0f:fc:
                    7a:73:15:09:4a:47:e6:51:06:b9:93:ae:3e:ba:66:
                    b5:4b:42:70:1d:51:b2:d6:97:42:86:6b:a6:d4:f4:
                    31:fb:bd:f4:0b:1e:d1:d3:03:e4:ca:d0:a5:59:0e:
                    c4:83:7a:91:e6:20:d3:e3:3f:7e:75:aa:18:a2:9d:
                    5f:70:ea:29:2f:7b:b2:0c:68:db:64:a5:7e:03:10:
                    af:a8:6e:cc:2f:0c:0f:dd:5a:b7:ef:75:d8:3e:45:
                    e1:d0:6b:3d:94:14:65:38:8b:11:b9:96:04:bb:2f:
                    04:3c:6b:da:0d:15:68:0d:fb:09:b4:2c:00:2d:3b:
                    e8:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:87:F7:53:B5:2B:BC:D7:A4:B2:66:84:83:13:8D:48:00:71:F2:04
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/44893a20-cc5e-4d43-a59f-e7dd9c9fee02.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.186.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         61:41:5c:07:86:85:11:51:78:c4:4f:ff:1e:ab:44:db:06:93:
         f3:94:41:5b:a6:05:0a:33:81:17:20:4c:98:cc:12:78:09:8d:
         96:3b:68:9e:83:f5:29:b1:05:5e:0c:07:bb:72:cf:3b:29:20:
         84:73:9e:d9:b6:89:67:1c:ab:e3:ae:84:57:09:9f:2e:46:07:
         57:8a:91:5d:75:6b:f8:9c:c2:10:2a:e1:10:4a:9a:0d:32:37:
         55:63:5f:01:6f:db:a8:86:52:4b:c3:5f:31:72:c5:eb:1e:a0:
         8d:73:9e:64:38:f1:74:1b:63:89:bb:4a:83:97:3f:77:b8:b6:
         4b:cb:e5:be:05:94:36:a6:26:65:86:51:a5:53:a6:9c:11:33:
         bd:9d:7b:2f:28:24:12:be:c9:11:ba:07:30:de:c9:91:7f:a0:
         db:d8:03:3d:5d:f6:43:7e:82:9e:96:5c:8f:ea:db:1b:52:08:
         f9:3a:cd:ef:22:ba:86:d8:59:38:bf:c2:ec:08:a4:6f:49:8f:
         5c:c6:6a:f0:88:3d:5a:c0:8d:db:c1:e3:4a:03:43:dc:12:e1:
         aa:60:04:2c:8c:e4:ad:f4:e3:b8:d1:c8:ef:e7:48:b7:48:3a:
         e0:09:78:29:7d:1e:c1:ef:3e:6f:31:c8:ba:53:77:df:7f:84:
         4e:c1:35:1c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKAaSHZmVFPNI2EVDFcnZm23Y38AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MTUyMzIzWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYzIwMjI5YjY5YzNmMGM3ZGZhMTNkOTQyYzJjMTI5NjYx
YTdiMzBjMmJkNjhhNDM5YTc5Y2FkMjZiNGMzMDdlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0nHPih6RQsLJfpBbpjE+mmRiO40J1DJ6dOALzSpmFsAK4
Y593PSQnGIHBaE0I3ru7tRFTERYKM8pnWW7BpkO0Jqsy/60gCMpTP7qC4A3PT36l
YDU73WQCnDENBZs1N9+adJYbm4/gmvagOzZ62JdoznKjTbFf5dulo8bMON2TLaR+
yKcP/HpzFQlKR+ZRBrmTrj66ZrVLQnAdUbLWl0KGa6bU9DH7vfQLHtHTA+TK0KVZ
DsSDepHmINPjP351qhiinV9w6ikve7IMaNtkpX4DEK+obswvDA/dWrfvddg+ReHQ
az2UFGU4ixG5lgS7LwQ8a9oNFWgN+wm0LAAtO+jFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUFYf3U7UrvNeksmaEgxONSABx8gQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ0ODkzYTIwLWNjNWUtNGQ0My1hNTlmLWU3ZGQ5YzlmZWUwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCNujANBgkqhkiG9w0BAQsFAAOCAQEAYUFcB4aFEVF4xE//HqtE2waT85RB
W6YFCjOBFyBMmMwSeAmNljtonoP1KbEFXgwHu3LPOykghHOe2baJZxyr466EVwmf
LkYHV4qRXXVr+JzCECrhEEqaDTI3VWNfAW/bqIZSS8NfMXLF6x6gjXOeZDjxdBtj
ibtKg5c/d7i2S8vlvgWUNqYmZYZRpVOmnBEzvZ17LygkEr7JEboHMN7JkX+g29gD
PV32Q36CnpZcj+rbG1II+TrN7yK6hthZOL/C7Aikb0mPXMZq8Ig9WsCN28HjSgND
3BLhqmAELIzkrfTjuNHI7+dIt0g64Al4KX0ewe8+bzHIulN333+ETsE1HA==
-----END CERTIFICATE-----