Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6cc80c0a-c7cf-4eda-8529-53154b873db1.roa
File:                     6cc80c0a-c7cf-4eda-8529-53154b873db1.roa (raw, json)
Hash identifier:          ZE4XPQIBumOo1FMcIpdt1OcbhrVs34FuxKfwHth/3xQ=
Subject key identifier:   27:70:C8:F6:6F:92:2F:88:85:1C:18:56:64:04:7F:0B:F3:57:77:27
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       574659F7EA2AEBB50BBE2E30091B13F585C6C56E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6cc80c0a-c7cf-4eda-8529-53154b873db1.roa
Signing time:             Thu 16 Oct 2025 00:57:40 +0000
ROA not before:           Thu 16 Oct 2025 00:57:40 +0000
ROA not after:            Thu 20 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.190.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:46:59:f7:ea:2a:eb:b5:0b:be:2e:30:09:1b:13:f5:85:c6:c5:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 16 00:57:40 2025 GMT
            Not After : Nov 20 23:59:59 2025 GMT
        Subject: serialNumber=9c5708fedb582d44ee5970b6109fbdbab44d3b25306810fc1fa1dedcc0f04324, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:02:d4:8d:8c:08:1d:e6:80:0f:96:eb:1d:98:
                    24:5a:a2:9b:e4:2a:cf:c5:2f:c4:21:5d:53:1b:de:
                    f8:42:3a:d1:4a:c9:62:a8:c4:96:92:f9:e3:8d:93:
                    4e:01:c3:6b:6b:43:51:4d:9f:8e:55:f5:a9:6f:58:
                    c5:64:b1:b7:59:15:f8:37:0c:c2:c3:65:74:18:43:
                    4e:72:b8:ac:3c:21:88:e3:01:0f:7b:b7:b6:cd:6b:
                    66:eb:6e:d1:fd:78:b3:52:78:ad:d0:ac:0d:02:28:
                    e4:a3:50:bb:d5:87:5d:35:aa:5a:90:c4:76:54:89:
                    0a:fe:b8:b1:dc:eb:cc:64:a0:2b:45:f2:3b:05:5c:
                    46:40:2a:a0:c4:3f:1d:82:6d:63:50:64:cb:2e:3e:
                    66:c0:bb:41:db:9a:a7:4a:33:e3:a1:8f:5a:fe:29:
                    a8:3f:a1:81:bf:44:4e:dc:0c:8c:8c:4c:93:dd:03:
                    83:71:10:11:d3:94:df:f7:fe:ee:2f:27:85:ef:ee:
                    eb:d9:cd:13:32:f4:17:91:8c:a3:61:d4:95:01:57:
                    1a:57:c0:7b:47:c8:52:1b:ed:4f:84:f9:2b:f7:ec:
                    23:46:cc:7a:ab:ef:ba:ab:35:a0:69:5b:ed:e0:d1:
                    94:e5:8e:21:fe:7a:61:ae:dd:a6:4c:84:6b:df:1f:
                    eb:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:70:C8:F6:6F:92:2F:88:85:1C:18:56:64:04:7F:0B:F3:57:77:27
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6cc80c0a-c7cf-4eda-8529-53154b873db1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.190.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         29:07:10:3e:36:15:b2:6e:6d:e0:ea:b3:8a:03:5f:12:02:45:
         7f:a3:e1:5d:b1:b1:ea:df:f3:c5:56:c6:5f:d3:8a:d8:e3:89:
         34:51:9a:05:24:eb:dc:8b:d3:75:3e:63:bd:c5:d7:11:3e:b0:
         bd:87:b7:44:20:ec:29:e4:e6:92:1f:9e:8b:47:c3:ab:c6:1a:
         c0:a7:b6:fe:fa:de:4c:f4:aa:06:64:01:d9:f0:eb:5b:e6:3d:
         85:74:fa:c5:f7:b5:23:a4:1d:67:14:27:8b:77:96:72:28:9f:
         90:20:36:18:7f:8e:63:59:9c:3c:e6:e3:bf:57:f7:2e:05:c5:
         41:20:1d:1b:c8:ee:74:ab:68:61:ce:13:49:6d:dd:d9:81:7b:
         76:c9:00:22:19:58:56:bb:c2:29:56:d0:fe:70:8e:48:7b:a9:
         9e:50:12:f6:db:07:51:b4:02:df:c5:62:66:66:bc:50:8b:a8:
         ba:84:9a:13:b7:d8:b4:60:85:cd:0e:28:1e:af:2e:6d:9d:18:
         a4:9d:b7:21:39:df:86:82:4a:07:2b:ad:20:2e:80:65:bd:d7:
         20:e1:cc:42:80:58:dc:d3:fa:5e:d4:62:aa:cf:53:c7:ce:4e:
         aa:e9:bc:85:29:1c:61:d2:a9:85:d0:6a:da:73:2b:d5:38:a7:
         15:ea:53:ab
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUV0ZZ9+oq67ULvi4wCRsT9YXGxW4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE2MDA1NzQwWhcNMjUxMTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YzU3MDhmZWRiNTgyZDQ0ZWU1OTcwYjYxMDlmYmRiYWI0
NGQzYjI1MzA2ODEwZmMxZmExZGVkY2MwZjA0MzI0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLAtSNjAgd5oAPlusdmCRaopvkKs/FL8QhXVMb3vhCOtFK
yWKoxJaS+eONk04Bw2trQ1FNn45V9alvWMVksbdZFfg3DMLDZXQYQ05yuKw8IYjj
AQ97t7bNa2brbtH9eLNSeK3QrA0CKOSjULvVh101qlqQxHZUiQr+uLHc68xkoCtF
8jsFXEZAKqDEPx2CbWNQZMsuPmbAu0HbmqdKM+Ohj1r+Kag/oYG/RE7cDIyMTJPd
A4NxEBHTlN/3/u4vJ4Xv7uvZzRMy9BeRjKNh1JUBVxpXwHtHyFIb7U+E+Sv37CNG
zHqr77qrNaBpW+3g0ZTljiH+emGu3aZMhGvfH+unAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUJ3DI9m+SL4iFHBhWZAR/C/NXdycwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzZjYzgwYzBhLWM3Y2YtNGVkYS04NTI5LTUzMTU0Yjg3M2RiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPvjANBgkqhkiG9w0BAQsFAAOCAQEAKQcQPjYVsm5t4OqzigNfEgJFf6Ph
XbGx6t/zxVbGX9OK2OOJNFGaBSTr3IvTdT5jvcXXET6wvYe3RCDsKeTmkh+ei0fD
q8YawKe2/vreTPSqBmQB2fDrW+Y9hXT6xfe1I6QdZxQni3eWciifkCA2GH+OY1mc
PObjv1f3LgXFQSAdG8judKtoYc4TSW3d2YF7dskAIhlYVrvCKVbQ/nCOSHupnlAS
9tsHUbQC38ViZma8UIuouoSaE7fYtGCFzQ4oHq8ubZ0YpJ23ITnfhoJKByutIC6A
Zb3XIOHMQoBY3NP6XtRiqs9Tx85Oqum8hSkcYdKphdBq2nMr1TinFepTqw==
-----END CERTIFICATE-----