Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/70e3f95f-4fd8-4acd-84e4-3ac6703b0781.roa
File:                     70e3f95f-4fd8-4acd-84e4-3ac6703b0781.roa (raw, json)
Hash identifier:          8y1FSGuK/uX9X0CIOlZS0KxzIe3uq70Zs88bBBXFYKo=
Subject key identifier:   A9:19:3C:14:7D:0E:7D:8B:92:B3:26:21:FE:5A:F1:BF:8E:B9:2F:F1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       601382F54FFCE3CCD8A6092D93F54AB1CE4F3320
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/70e3f95f-4fd8-4acd-84e4-3ac6703b0781.roa
Signing time:             Tue 19 Aug 2025 15:51:45 +0000
ROA not before:           Tue 19 Aug 2025 15:51:45 +0000
ROA not after:            Tue 23 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.66.32.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:13:82:f5:4f:fc:e3:cc:d8:a6:09:2d:93:f5:4a:b1:ce:4f:33:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 19 15:51:45 2025 GMT
            Not After : Sep 23 23:59:59 2025 GMT
        Subject: serialNumber=55ce786676e5424d9917a5f93962afd205c02807b1aafef67578a8af3a18ee00, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:d0:cb:a5:22:3b:df:bc:9f:90:a2:0b:b6:05:
                    47:1e:b9:44:52:75:f9:8c:23:aa:9f:2b:4f:92:96:
                    2e:9a:41:0e:d3:83:74:4e:fa:6e:8c:59:71:af:24:
                    5e:d6:20:f6:26:ba:ae:21:75:28:ce:0e:e4:4b:a1:
                    f6:c1:c0:de:54:9d:be:5b:a3:e3:f3:d5:c4:f0:f2:
                    eb:e2:66:cf:8f:7b:35:4b:90:79:47:a4:4b:9a:4a:
                    90:c9:af:06:53:bc:6a:59:07:e5:d8:1b:69:65:ab:
                    ff:6d:86:85:48:d8:2d:94:57:51:e2:3d:32:26:bc:
                    11:39:e7:14:25:32:01:ff:de:e5:95:c8:3e:0f:82:
                    6e:56:43:2f:f3:3a:1e:d2:aa:66:b0:73:47:ac:e9:
                    4a:cd:bc:dc:05:95:69:b2:ec:38:52:bd:17:ca:4d:
                    d5:de:78:3c:80:57:14:68:8b:71:f9:7a:79:99:8e:
                    95:27:2b:60:3f:e7:d0:9f:a6:2d:24:21:1d:51:c7:
                    1a:4a:1a:76:33:39:20:9e:9b:61:c7:c4:93:05:8d:
                    8f:8b:b6:26:5d:e8:05:4b:66:ec:e4:d8:3c:da:89:
                    39:de:73:77:e5:bb:f3:37:f6:1b:3c:a9:44:c6:ce:
                    3a:65:3c:61:01:03:cc:7a:2d:8e:f3:f4:48:e2:71:
                    62:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:19:3C:14:7D:0E:7D:8B:92:B3:26:21:FE:5A:F1:BF:8E:B9:2F:F1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/70e3f95f-4fd8-4acd-84e4-3ac6703b0781.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.66.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         23:12:2b:32:5e:9d:32:97:21:22:c4:59:e5:79:ec:bd:4b:1d:
         5d:3f:ff:98:52:82:04:8e:13:01:77:71:7e:5e:a7:61:43:2d:
         6f:36:2e:4b:a4:27:04:7e:f7:8e:3e:03:4f:f1:8f:f0:d7:64:
         80:9d:73:c3:c3:03:7e:35:a5:a0:e1:c6:c1:16:ad:99:f5:d9:
         38:52:4f:64:7b:c4:39:16:15:a9:6a:c5:92:f8:a0:4c:8b:c7:
         6e:73:87:15:34:bc:a2:9d:2c:06:04:94:89:fa:b8:37:ec:2f:
         cc:1b:e7:8c:f6:78:0e:12:b2:b7:c1:57:0f:39:39:c9:57:f3:
         8a:0f:d6:b3:a6:6b:39:6a:28:42:74:42:9d:e0:7f:9a:71:06:
         89:bb:ea:cc:32:82:b3:1c:20:9c:25:da:6a:c3:49:6c:a1:a4:
         2c:cf:c1:39:09:b3:45:9b:d0:98:8f:4c:3b:63:c8:c8:25:82:
         b8:f9:01:ca:06:65:fa:82:b3:f2:43:83:14:80:ba:22:5e:2c:
         1f:c7:87:0d:3f:7f:b3:53:5e:d9:3f:5d:3a:14:41:3a:38:c8:
         d5:80:6c:92:5a:39:f2:a9:8c:1a:3f:30:1e:72:a3:33:c5:77:
         cb:5e:57:db:e4:53:ae:c9:7a:9d:1a:39:49:00:c7:75:27:5d:
         37:65:fe:8a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYBOC9U/848zYpgktk/VKsc5PMyAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODE5MTU1MTQ1WhcNMjUwOTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NWNlNzg2Njc2ZTU0MjRkOTkxN2E1ZjkzOTYyYWZkMjA1
YzAyODA3YjFhYWZlZjY3NTc4YThhZjNhMThlZTAwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCJ0MulIjvfvJ+Qogu2BUceuURSdfmMI6qfK0+Sli6aQQ7T
g3RO+m6MWXGvJF7WIPYmuq4hdSjODuRLofbBwN5Unb5bo+Pz1cTw8uviZs+PezVL
kHlHpEuaSpDJrwZTvGpZB+XYG2llq/9thoVI2C2UV1HiPTImvBE55xQlMgH/3uWV
yD4Pgm5WQy/zOh7Sqmawc0es6UrNvNwFlWmy7DhSvRfKTdXeeDyAVxRoi3H5enmZ
jpUnK2A/59Cfpi0kIR1RxxpKGnYzOSCem2HHxJMFjY+LtiZd6AVLZuzk2DzaiTne
c3flu/M39hs8qUTGzjplPGEBA8x6LY7z9EjicWLxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqRk8FH0OfYuSsyYh/lrxv465L/EwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzcwZTNmOTVmLTRmZDgtNGFjZC04NGU0LTNhYzY3MDNiMDc4MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU0QiAwDQYJKoZIhvcNAQELBQADggEBACMSKzJenTKXISLEWeV57L1LHV0/
/5hSggSOEwF3cX5ep2FDLW82LkukJwR+944+A0/xj/DXZICdc8PDA341paDhxsEW
rZn12ThST2R7xDkWFalqxZL4oEyLx25zhxU0vKKdLAYElIn6uDfsL8wb54z2eA4S
srfBVw85OclX84oP1rOmazlqKEJ0Qp3gf5pxBom76swygrMcIJwl2mrDSWyhpCzP
wTkJs0Wb0JiPTDtjyMglgrj5AcoGZfqCs/JDgxSAuiJeLB/Hhw0/f7NTXtk/XToU
QTo4yNWAbJJaOfKpjBo/MB5yozPFd8teV9vkU67Jep0aOUkAx3UnXTdl/oo=
-----END CERTIFICATE-----