Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92610e0a-b12a-4188-ab1a-ab49004d1c47.roa
File:                     92610e0a-b12a-4188-ab1a-ab49004d1c47.roa (raw, json)
Hash identifier:          N+TDZ5EVhSJM2x1ZN/KXrxJ2R38WLOugKsZt+k+VlP0=
Subject key identifier:   5A:E3:7B:8C:E5:93:E2:0F:2A:02:52:65:EE:3E:79:46:A2:1C:5B:FF
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3B12B6DA4A74921539DAC5FAF0EEF4D897CEE1E7
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92610e0a-b12a-4188-ab1a-ab49004d1c47.roa
Signing time:             Tue 19 Aug 2025 15:40:22 +0000
ROA not before:           Tue 19 Aug 2025 15:40:22 +0000
ROA not after:            Tue 23 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.13.0.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:12:b6:da:4a:74:92:15:39:da:c5:fa:f0:ee:f4:d8:97:ce:e1:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 19 15:40:22 2025 GMT
            Not After : Sep 23 23:59:59 2025 GMT
        Subject: serialNumber=70e51b15aa69003f65eafedc8bae209c82d71fe2f3ddbd203213212c48ba99ba, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ff:3a:5f:d5:1c:cf:98:63:4c:db:db:27:18:
                    97:8b:5d:93:da:a1:4c:5f:20:28:83:32:81:85:e6:
                    7f:d3:76:ff:8f:75:b7:c8:50:07:97:56:8c:0e:73:
                    51:37:2a:bf:b5:d5:90:6e:8e:bf:b9:96:e8:d4:43:
                    f9:a7:dc:66:dd:af:aa:ca:6a:dc:71:94:7d:32:84:
                    e4:5a:6b:58:44:49:92:8b:0d:93:47:59:42:31:bd:
                    35:f1:84:cf:f4:9d:7d:54:0b:f0:00:44:58:fb:30:
                    db:05:20:2b:7a:09:e9:f4:0d:5b:c7:14:be:2a:c3:
                    6a:bc:8e:3b:52:1c:a6:cf:a1:6f:f3:30:43:a1:46:
                    cd:48:ff:39:ca:c7:db:b0:d9:47:79:0a:65:fc:43:
                    5a:24:8f:d5:0f:76:9b:a0:93:58:d9:a1:d3:e6:15:
                    59:4f:06:7e:0e:a2:40:3b:1c:19:b6:10:a0:b0:63:
                    1c:2c:81:3d:e9:f5:ee:76:5d:56:68:af:bf:40:8b:
                    de:76:08:7a:47:80:ed:68:72:a7:d5:f4:7f:62:0a:
                    19:45:8c:94:d7:33:b1:bf:8a:2b:bc:94:6a:1a:a1:
                    73:49:90:d8:9e:c7:6c:3a:15:c9:a0:41:f5:5d:68:
                    8d:b7:38:fd:cf:bb:b5:3b:49:68:77:90:fe:e3:04:
                    39:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:E3:7B:8C:E5:93:E2:0F:2A:02:52:65:EE:3E:79:46:A2:1C:5B:FF
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92610e0a-b12a-4188-ab1a-ab49004d1c47.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.13.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         5e:06:22:00:ff:f9:9e:e9:eb:bf:ef:2f:e6:f1:ea:59:69:be:
         98:98:fe:da:fe:b5:8b:28:0a:e3:be:e5:ff:f3:b9:5b:5c:ca:
         74:f7:44:cc:71:dd:79:26:7b:f4:19:4a:f1:a4:ff:c4:3a:0f:
         23:0c:05:13:78:ac:f7:9a:7b:86:43:64:db:a9:27:73:6e:b5:
         e8:02:5d:2f:53:6d:06:a2:0f:76:21:fc:48:57:87:e0:b5:29:
         f1:8b:b5:20:52:24:b2:70:67:1a:f8:31:96:06:15:0d:7c:f6:
         7b:eb:e6:db:33:44:bc:c9:56:20:65:3c:61:53:26:5a:fe:95:
         bb:bc:9b:28:90:3a:71:f7:75:e2:df:a4:43:27:1f:b6:14:1e:
         61:4f:99:ee:d2:33:23:d6:83:58:6e:a3:4e:38:14:af:ca:81:
         02:8c:73:e5:35:07:97:67:f0:6d:87:dc:2d:f0:e3:d2:ad:04:
         ea:ab:27:19:6f:87:6f:4c:08:b4:a7:88:1f:5b:b8:69:20:ab:
         a3:f8:d3:07:5e:49:60:3f:f7:50:91:57:fe:8b:de:b5:6a:53:
         a4:24:b0:91:fb:bb:b8:06:1d:ba:3f:22:cd:bc:b2:d2:52:a5:
         39:2f:ae:29:8d:a0:69:73:4e:f4:5e:b1:f8:7d:82:bd:39:2f:
         ad:f7:6c:d1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOxK22kp0khU52sX68O702JfO4ecwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODE5MTU0MDIyWhcNMjUwOTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MGU1MWIxNWFhNjkwMDNmNjVlYWZlZGM4YmFlMjA5Yzgy
ZDcxZmUyZjNkZGJkMjAzMjEzMjEyYzQ4YmE5OWJhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4/zpf1RzPmGNM29snGJeLXZPaoUxfICiDMoGF5n/Tdv+P
dbfIUAeXVowOc1E3Kr+11ZBujr+5lujUQ/mn3Gbdr6rKatxxlH0yhORaa1hESZKL
DZNHWUIxvTXxhM/0nX1UC/AARFj7MNsFICt6Cen0DVvHFL4qw2q8jjtSHKbPoW/z
MEOhRs1I/znKx9uw2Ud5CmX8Q1okj9UPdpugk1jZodPmFVlPBn4OokA7HBm2EKCw
YxwsgT3p9e52XVZor79Ai952CHpHgO1ocqfV9H9iChlFjJTXM7G/iiu8lGoaoXNJ
kNiex2w6FcmgQfVdaI23OP3Pu7U7SWh3kP7jBDk3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWuN7jOWT4g8qAlJl7j55RqIcW/8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkyNjEwZTBhLWIxMmEtNDE4OC1hYjFhLWFiNDkwMDRkMWM0Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU0DQAwDQYJKoZIhvcNAQELBQADggEBAF4GIgD/+Z7p67/vL+bx6llpvpiY
/tr+tYsoCuO+5f/zuVtcynT3RMxx3Xkme/QZSvGk/8Q6DyMMBRN4rPeae4ZDZNup
J3NutegCXS9TbQaiD3Yh/EhXh+C1KfGLtSBSJLJwZxr4MZYGFQ189nvr5tszRLzJ
ViBlPGFTJlr+lbu8myiQOnH3deLfpEMnH7YUHmFPme7SMyPWg1huo044FK/KgQKM
c+U1B5dn8G2H3C3w49KtBOqrJxlvh29MCLSniB9buGkgq6P40wdeSWA/91CRV/6L
3rVqU6QksJH7u7gGHbo/Is28stJSpTkvrimNoGlzTvResfh9gr05L633bNE=
-----END CERTIFICATE-----