Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6f26fd0d-9ca0-48ed-ab5a-de2814b1a9d8.roa
File:                     6f26fd0d-9ca0-48ed-ab5a-de2814b1a9d8.roa (raw, json)
Hash identifier:          WtKmYwVvH6q8bQR7jUQnsiMwIWK5JyrZHBQ2oyWlThE=
Subject key identifier:   61:8B:61:12:C9:FC:FE:86:64:59:6F:5A:27:B0:3A:22:D7:CE:CA:D1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2522BDDFD089754CA71E027451FDFF3186F9B26B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6f26fd0d-9ca0-48ed-ab5a-de2814b1a9d8.roa
Signing time:             Mon 22 Sep 2025 19:31:47 +0000
ROA not before:           Mon 22 Sep 2025 19:31:47 +0000
ROA not after:            Mon 27 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.164.86.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:22:bd:df:d0:89:75:4c:a7:1e:02:74:51:fd:ff:31:86:f9:b2:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 22 19:31:47 2025 GMT
            Not After : Oct 27 23:59:59 2025 GMT
        Subject: serialNumber=7c76cf22f1705297d5cdc81a48972fc5e511311c0ffb1fd4598023e2a627dc40, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:8e:f5:a2:4f:04:ef:16:f3:84:c7:09:be:ac:
                    fb:2c:fb:8e:f4:b8:07:a0:fe:fb:da:f7:53:19:8c:
                    9c:03:4d:3c:3c:c7:2f:93:61:71:69:18:d8:31:71:
                    f3:8a:dd:0e:e4:31:ef:57:76:fe:45:ca:32:75:2d:
                    27:ad:cc:2f:74:d8:90:a1:5d:6e:1e:ac:30:3a:a2:
                    c5:aa:a0:3c:c7:b1:83:3d:2b:29:90:d3:79:ea:8e:
                    ce:25:6c:20:4c:30:47:b1:12:f3:dc:95:02:db:98:
                    8c:db:e2:0d:d8:6a:9b:6c:86:ac:69:fd:96:b0:47:
                    ef:22:39:5d:d5:32:34:60:b8:cc:cf:93:4c:fd:fc:
                    a1:84:1e:74:75:2a:34:8e:03:19:3c:25:9c:64:8f:
                    91:5e:a1:ab:a5:1b:7d:3a:6d:00:ab:ff:26:1b:c7:
                    8d:31:71:6f:86:a6:89:0d:2f:55:53:03:81:07:0b:
                    e4:9d:a0:2a:4e:24:46:79:a7:f1:70:ba:58:bc:81:
                    58:34:49:cc:3a:47:25:99:03:55:3e:51:54:f8:a6:
                    8b:56:5e:a0:8a:22:df:00:3e:46:0f:07:42:28:6e:
                    41:44:28:bb:54:bc:10:f5:c8:02:73:8b:91:40:f6:
                    d4:8d:25:7b:5e:f1:05:94:4c:c3:d3:7a:5d:36:f4:
                    2f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:8B:61:12:C9:FC:FE:86:64:59:6F:5A:27:B0:3A:22:D7:CE:CA:D1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6f26fd0d-9ca0-48ed-ab5a-de2814b1a9d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.164.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:d3:05:2f:6b:d8:15:e0:84:fb:a7:e7:1c:0e:12:6b:3b:5d:
         10:bc:58:49:fd:57:30:52:b5:a4:a8:d6:4d:57:cd:f4:e2:f4:
         5b:b2:10:07:bc:65:fc:fb:63:74:06:5a:67:ae:30:08:8a:72:
         76:8f:3d:03:b5:c6:47:d8:0b:4b:ab:e0:79:99:64:c4:7e:50:
         39:4d:6c:fa:fa:df:5a:1f:5e:c6:e4:64:ea:24:8b:35:66:1c:
         bf:a6:63:e9:b0:f9:d3:de:be:bc:e9:4e:fb:01:c9:8c:0d:14:
         37:a8:c0:90:10:5d:5c:05:18:32:11:71:b5:3c:1f:b2:e5:40:
         ba:5b:1a:0c:59:14:e8:46:98:d9:91:3c:20:30:d7:39:5f:96:
         bd:a2:61:7c:46:1c:0e:4a:45:94:de:26:64:62:f8:a8:d3:6f:
         a2:4d:ff:30:78:e0:0b:a3:51:e1:fa:7c:cc:2f:e4:72:48:c0:
         3c:6d:e5:50:f4:07:3e:76:83:d3:52:67:e1:45:79:c3:bf:65:
         cc:e1:d5:b2:73:ae:21:7b:2c:2f:df:be:86:bd:49:a2:a7:a4:
         e2:fd:c1:25:b6:01:93:ef:74:94:37:14:f2:2a:b9:ee:3a:12:
         16:17:34:95:8f:e4:94:34:a9:1f:09:ca:cd:1a:a5:33:0e:0d:
         f8:8f:8b:98
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJSK939CJdUynHgJ0Uf3/MYb5smswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIyMTkzMTQ3WhcNMjUxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3Yzc2Y2YyMmYxNzA1Mjk3ZDVjZGM4MWE0ODk3MmZjNWU1
MTEzMTFjMGZmYjFmZDQ1OTgwMjNlMmE2MjdkYzQwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGjvWiTwTvFvOExwm+rPss+470uAeg/vva91MZjJwDTTw8
xy+TYXFpGNgxcfOK3Q7kMe9Xdv5FyjJ1LSetzC902JChXW4erDA6osWqoDzHsYM9
KymQ03nqjs4lbCBMMEexEvPclQLbmIzb4g3Yaptshqxp/ZawR+8iOV3VMjRguMzP
k0z9/KGEHnR1KjSOAxk8JZxkj5FeoaulG306bQCr/yYbx40xcW+GpokNL1VTA4EH
C+SdoCpOJEZ5p/Fwuli8gVg0Scw6RyWZA1U+UVT4potWXqCKIt8APkYPB0IobkFE
KLtUvBD1yAJzi5FA9tSNJXte8QWUTMPTel029C97AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYYthEsn8/oZkWW9aJ7A6ItfOytEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzZmMjZmZDBkLTljYTAtNDhlZC1hYjVhLWRlMjgxNGIxYTlkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASpFYwDQYJKoZIhvcNAQELBQADggEBABnTBS9r2BXghPun5xwOEms7XRC8
WEn9VzBStaSo1k1XzfTi9FuyEAe8Zfz7Y3QGWmeuMAiKcnaPPQO1xkfYC0ur4HmZ
ZMR+UDlNbPr631ofXsbkZOokizVmHL+mY+mw+dPevrzpTvsByYwNFDeowJAQXVwF
GDIRcbU8H7LlQLpbGgxZFOhGmNmRPCAw1zlflr2iYXxGHA5KRZTeJmRi+KjTb6JN
/zB44AujUeH6fMwv5HJIwDxt5VD0Bz52g9NSZ+FFecO/Zczh1bJzriF7LC/fvoa9
SaKnpOL9wSW2AZPvdJQ3FPIque46EhYXNJWP5JQ0qR8Jys0apTMODfiPi5g=
-----END CERTIFICATE-----