Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/62159664-79b2-45c3-9f7c-fb5e17ef5850.roa
File:                     62159664-79b2-45c3-9f7c-fb5e17ef5850.roa (raw, json)
Hash identifier:          sMS01m7ruSYL1TLq+xmrXHG29z7aiTGu0z+Yf0oTie0=
Subject key identifier:   06:5B:11:1C:94:C4:FE:37:D7:61:A0:35:D4:62:7C:8A:96:0C:24:41
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2F530B25E1486F6CE10FEB7E07E8E37DB519EC14
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/62159664-79b2-45c3-9f7c-fb5e17ef5850.roa
Signing time:             Mon 22 Sep 2025 22:23:35 +0000
ROA not before:           Mon 22 Sep 2025 22:23:35 +0000
ROA not after:            Mon 27 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.239.76.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:53:0b:25:e1:48:6f:6c:e1:0f:eb:7e:07:e8:e3:7d:b5:19:ec:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 22 22:23:35 2025 GMT
            Not After : Oct 27 23:59:59 2025 GMT
        Subject: serialNumber=9f2881eac7e37b10671d9c1a4a5479f032d999109f4a41a5d48766be947ccbc1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:89:a0:9e:05:95:60:66:62:5e:1c:7b:3c:57:
                    b6:70:a7:b5:eb:9d:85:e8:3a:a0:c8:9e:7d:74:3a:
                    9f:c0:89:e0:fc:2b:39:f0:91:06:ba:d2:88:50:a0:
                    60:1c:58:b1:05:f6:b3:cf:a4:09:28:4d:63:87:91:
                    ed:ee:55:47:8c:c1:1e:05:f5:80:c1:1c:0a:b7:df:
                    28:ca:2a:18:a0:16:46:0e:74:13:02:37:20:a2:f1:
                    c2:ad:18:18:c1:c2:a1:f6:a3:93:5e:23:2b:12:1a:
                    1e:d4:06:08:44:85:02:bc:5c:45:4b:93:50:14:d8:
                    a5:74:35:9f:f4:0e:ef:a3:d0:b4:26:01:62:6d:89:
                    46:89:ff:de:77:20:85:57:90:70:0c:c5:90:b1:4b:
                    b2:72:c8:6f:3b:69:fa:8e:4f:b6:26:dc:c6:2f:7e:
                    fb:ec:43:f4:69:cc:e5:57:a4:fe:d0:ef:d0:93:b0:
                    d0:b3:6c:0d:df:f7:75:a9:e0:0d:fd:b8:d3:cf:be:
                    e9:c0:3d:dd:58:0e:c9:76:3c:c8:96:2f:db:73:9a:
                    fc:dc:27:52:1f:6b:50:24:8a:56:2d:8a:48:ff:a0:
                    0a:a3:08:56:0f:68:8b:a7:36:44:c8:8d:a1:ff:d2:
                    a7:81:55:72:fe:1f:a4:13:ba:f2:ff:15:45:c0:3e:
                    8a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:5B:11:1C:94:C4:FE:37:D7:61:A0:35:D4:62:7C:8A:96:0C:24:41
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/62159664-79b2-45c3-9f7c-fb5e17ef5850.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.239.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:53:0c:3e:6e:b0:5b:70:08:25:08:bd:f3:4f:91:be:1e:6c:
         b5:bb:99:51:4c:32:e6:c8:46:94:d0:66:b6:83:ed:9d:65:98:
         ff:c5:24:b2:10:c5:b5:7e:ae:36:4f:fd:08:7a:68:18:ae:94:
         d8:96:ee:6a:da:0c:c9:4a:1f:01:7f:d2:84:8f:b8:ed:23:0c:
         0e:9d:c6:0e:93:a5:4c:d7:ee:3e:d8:0a:b6:84:31:3a:e9:1f:
         a3:ca:b0:62:32:ff:eb:ef:0b:22:ef:d3:8c:e0:0a:b4:b9:85:
         c7:dc:d3:a9:97:e5:2a:1f:33:66:12:77:72:c8:0a:0f:f8:6b:
         b7:56:22:99:76:c7:6e:6e:27:9d:41:30:f6:3f:fe:1e:09:06:
         9d:92:3b:39:bc:36:cb:87:20:78:06:07:2b:dc:8b:68:35:5d:
         22:17:1b:ea:e3:af:6c:0a:d2:35:e0:b3:ca:49:82:87:dd:ef:
         3a:79:f0:73:0d:a3:08:ae:2a:ee:30:40:bf:69:b5:64:d2:b8:
         f3:9c:9c:d9:ba:a1:43:5c:24:7b:84:fd:f2:67:b8:ba:d5:8d:
         95:5f:f7:65:f2:77:1d:4a:0c:ca:18:d6:c6:82:a8:bc:4e:f0:
         8b:0e:5b:04:06:39:5b:12:c5:bc:4b:24:4f:e7:1e:6b:a0:40:
         bd:63:8f:38
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL1MLJeFIb2zhD+t+B+jjfbUZ7BQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIyMjIyMzM1WhcNMjUxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZjI4ODFlYWM3ZTM3YjEwNjcxZDljMWE0YTU0NzlmMDMy
ZDk5OTEwOWY0YTQxYTVkNDg3NjZiZTk0N2NjYmMxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCGiaCeBZVgZmJeHHs8V7Zwp7XrnYXoOqDInn10Op/AieD8
KznwkQa60ohQoGAcWLEF9rPPpAkoTWOHke3uVUeMwR4F9YDBHAq33yjKKhigFkYO
dBMCNyCi8cKtGBjBwqH2o5NeIysSGh7UBghEhQK8XEVLk1AU2KV0NZ/0Du+j0LQm
AWJtiUaJ/953IIVXkHAMxZCxS7JyyG87afqOT7Ym3MYvfvvsQ/RpzOVXpP7Q79CT
sNCzbA3f93Wp4A39uNPPvunAPd1YDsl2PMiWL9tzmvzcJ1Ifa1AkilYtikj/oAqj
CFYPaIunNkTIjaH/0qeBVXL+H6QTuvL/FUXAPop5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBlsRHJTE/jfXYaA11GJ8ipYMJEEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzYyMTU5NjY0LTc5YjItNDVjMy05ZjdjLWZiNWUxN2VmNTg1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIS70wwDQYJKoZIhvcNAQELBQADggEBACBTDD5usFtwCCUIvfNPkb4ebLW7
mVFMMubIRpTQZraD7Z1lmP/FJLIQxbV+rjZP/Qh6aBiulNiW7mraDMlKHwF/0oSP
uO0jDA6dxg6TpUzX7j7YCraEMTrpH6PKsGIy/+vvCyLv04zgCrS5hcfc06mX5Sof
M2YSd3LICg/4a7dWIpl2x25uJ51BMPY//h4JBp2SOzm8NsuHIHgGByvci2g1XSIX
G+rjr2wK0jXgs8pJgofd7zp58HMNowiuKu4wQL9ptWTSuPOcnNm6oUNcJHuE/fJn
uLrVjZVf92Xydx1KDMoY1saCqLxO8IsOWwQGOVsSxbxLJE/nHmugQL1jjzg=
-----END CERTIFICATE-----