Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/726ab840-91a1-4d06-8d70-66d240e7ea7d.roa
File:                     726ab840-91a1-4d06-8d70-66d240e7ea7d.roa (raw, json)
Hash identifier:          lfT4k3dTPYnMcg7MDR90rLWg7f7p5riY5McmrD/dZRE=
Subject key identifier:   F0:C8:91:23:CE:84:FD:CD:57:21:B2:5A:33:C0:03:8C:F8:38:47:80
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5F15669FABB6E67023F22782F1EBC2E9BE64243A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/726ab840-91a1-4d06-8d70-66d240e7ea7d.roa
Signing time:             Sat 15 Nov 2025 03:42:12 +0000
ROA not before:           Sat 15 Nov 2025 03:42:12 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.112.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 16 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:15:66:9f:ab:b6:e6:70:23:f2:27:82:f1:eb:c2:e9:be:64:24:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 15 03:42:12 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=93e8ea8b78d90809c3292f8793c007e4d18154c5d35f4c7e4ad48a87c23f5695, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:1f:fb:14:0e:52:55:d9:fa:bc:7e:86:8d:82:
                    1f:9f:f6:dd:8f:14:89:b1:9f:71:e6:14:63:c3:fc:
                    37:e2:a1:ff:aa:1d:6a:80:75:99:38:a5:cb:bb:c5:
                    a8:53:63:e6:2d:a4:eb:fb:76:d7:df:8d:e5:79:2d:
                    5f:37:32:ab:69:34:05:6f:91:f6:d1:a7:93:60:dc:
                    bd:20:64:99:b0:b9:61:86:ac:cf:9e:07:a6:ac:4d:
                    84:c5:94:2e:d4:8a:3d:07:58:ce:46:c5:25:4a:74:
                    6c:9d:23:96:eb:f4:62:21:ef:37:cb:06:2f:07:6b:
                    b5:9b:83:db:95:dc:b6:7e:fc:ec:18:fd:0c:7a:49:
                    0d:07:7b:a6:91:47:34:fd:1f:45:62:68:87:fd:00:
                    23:f7:e0:84:13:31:30:75:fe:b8:7e:8a:d3:73:84:
                    d9:bd:af:56:f2:9c:b0:52:bf:6f:39:dc:a4:40:f4:
                    4f:9a:76:8b:bb:ea:b4:fd:da:f5:af:0f:17:ab:19:
                    e0:e7:74:af:04:bc:6e:da:02:8e:d6:61:32:c0:f6:
                    a5:8a:e0:c7:a5:d8:76:ea:a4:a4:3d:cd:b4:6d:a1:
                    3e:e5:ec:e8:57:d7:62:89:1c:b1:38:81:0f:ac:b0:
                    90:6d:89:d9:6e:10:80:ea:61:10:29:d6:ac:51:f8:
                    aa:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:C8:91:23:CE:84:FD:CD:57:21:B2:5A:33:C0:03:8C:F8:38:47:80
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/726ab840-91a1-4d06-8d70-66d240e7ea7d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.112.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2b:be:a0:37:2b:0a:87:d2:15:7e:13:70:11:49:c3:2c:a3:e3:
         ca:1d:56:e3:55:a2:09:3c:29:e3:51:28:ad:bc:95:c8:c9:90:
         b0:9f:c1:2a:21:7f:05:99:2a:15:c2:4a:92:f6:81:e6:14:e8:
         ca:4b:29:15:33:ec:08:34:a8:b5:3a:73:c5:75:8c:17:f2:99:
         c7:b9:8f:37:1b:84:2c:fa:01:a3:f3:56:d3:55:87:13:3b:20:
         c1:6d:72:5b:60:96:af:65:a1:30:c1:43:8e:e2:9c:ea:1d:c0:
         2f:59:8e:c7:0a:d9:40:bd:f8:9d:5c:a4:72:6d:4a:eb:be:c1:
         e3:f4:17:35:ab:90:70:75:34:f2:78:76:bc:de:31:bb:1f:a0:
         22:ef:c9:de:92:96:bd:2c:d4:1c:3e:dc:87:78:40:32:1d:0e:
         f7:a4:88:38:70:81:75:6c:45:3f:63:d4:1c:d8:0a:db:ac:75:
         8f:3f:f5:24:42:24:c5:c3:04:1d:9e:16:28:10:56:fb:2c:bc:
         64:30:21:b0:64:ef:67:88:2a:35:c8:e6:77:66:32:c0:78:fa:
         8e:34:25:60:6c:82:a4:11:8c:e3:b5:0a:ce:03:73:8c:b7:f9:
         d1:b5:27:78:39:ea:29:5e:11:f3:36:f2:30:5e:99:c5:ab:04:
         2d:de:04:21
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXxVmn6u25nAj8ieC8evC6b5kJDowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTE1MDM0MjEyWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5M2U4ZWE4Yjc4ZDkwODA5YzMyOTJmODc5M2MwMDdlNGQx
ODE1NGM1ZDM1ZjRjN2U0YWQ0OGE4N2MyM2Y1Njk1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfH/sUDlJV2fq8foaNgh+f9t2PFImxn3HmFGPD/Dfiof+q
HWqAdZk4pcu7xahTY+YtpOv7dtffjeV5LV83MqtpNAVvkfbRp5Ng3L0gZJmwuWGG
rM+eB6asTYTFlC7Uij0HWM5GxSVKdGydI5br9GIh7zfLBi8Ha7Wbg9uV3LZ+/OwY
/Qx6SQ0He6aRRzT9H0ViaIf9ACP34IQTMTB1/rh+itNzhNm9r1bynLBSv2853KRA
9E+adou76rT92vWvDxerGeDndK8EvG7aAo7WYTLA9qWK4Mel2HbqpKQ9zbRtoT7l
7OhX12KJHLE4gQ+ssJBtidluEIDqYRAp1qxR+KqxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8MiRI86E/c1XIbJaM8ADjPg4R4AwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzcyNmFiODQwLTkxYTEtNGQwNi04ZDcwLTY2ZDI0MGU3ZWE3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAScDANBgkqhkiG9w0BAQsFAAOCAQEAK76gNysKh9IVfhNwEUnDLKPjyh1W
41WiCTwp41EorbyVyMmQsJ/BKiF/BZkqFcJKkvaB5hToykspFTPsCDSotTpzxXWM
F/KZx7mPNxuELPoBo/NW01WHEzsgwW1yW2CWr2WhMMFDjuKc6h3AL1mOxwrZQL34
nVykcm1K677B4/QXNauQcHU08nh2vN4xux+gIu/J3pKWvSzUHD7ch3hAMh0O96SI
OHCBdWxFP2PUHNgK26x1jz/1JEIkxcMEHZ4WKBBW+yy8ZDAhsGTvZ4gqNcjmd2Yy
wHj6jjQlYGyCpBGM47UKzgNzjLf50bUneDnqKV4R8zbyMF6ZxasELd4EIQ==
-----END CERTIFICATE-----