Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92610e0a-b12a-4188-ab1a-ab49004d1c47.roa
File:                     92610e0a-b12a-4188-ab1a-ab49004d1c47.roa (raw, json)
Hash identifier:          s/ujSOeVbTSKeqpXBg9guORk9GLDVh+MDK56zRF+yhk=
Subject key identifier:   DF:6A:B2:C6:07:1A:0B:32:0A:1D:D8:EA:BF:3A:74:E1:BC:52:63:33
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       28E0E3F20D07FAEDA714761282ACF4020FDCD918
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92610e0a-b12a-4188-ab1a-ab49004d1c47.roa
Signing time:             Fri 10 Oct 2025 15:49:36 +0000
ROA not before:           Fri 10 Oct 2025 15:49:36 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.13.0.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:e0:e3:f2:0d:07:fa:ed:a7:14:76:12:82:ac:f4:02:0f:dc:d9:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 10 15:49:36 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=14b9ee71a2b55a9ff4a7bf2ffbfbf5136031d95087249737896ab18097fdab8f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f0:68:36:e3:b2:ae:0b:b2:5e:16:2f:86:26:
                    e3:14:7f:51:11:b8:92:46:a6:ce:33:e2:c7:bd:08:
                    0a:28:8b:04:a6:da:41:a4:dc:94:b1:99:9f:0b:3f:
                    5c:1d:10:ba:ad:3c:7f:5a:2b:19:ea:62:9d:30:dc:
                    f5:33:d8:fe:ea:bc:b8:4d:ab:c8:7e:31:39:bd:a4:
                    f3:98:48:52:2f:85:22:10:fb:36:98:f9:46:e1:e4:
                    2a:23:30:97:82:81:3e:c4:49:2b:21:e1:e1:a3:28:
                    6d:a7:7a:09:dc:c9:a6:09:a4:f0:35:8e:a9:8e:71:
                    8a:54:bc:2f:79:77:43:ec:ae:73:44:20:cd:d3:2c:
                    41:f4:35:d5:6c:d2:53:bd:90:cc:24:c2:9d:ee:92:
                    fa:d0:52:31:a6:00:e6:c5:da:ee:d2:56:21:c9:88:
                    7c:b2:ec:ab:00:06:74:4d:36:ab:07:32:bb:1c:0d:
                    fe:68:f2:2b:9b:39:6e:71:14:d9:58:3c:6a:9f:67:
                    e9:d4:5e:6e:c0:ef:2c:5d:26:f9:4d:18:a7:e5:92:
                    73:1c:e1:c4:ec:4f:ea:92:20:9d:e7:6c:83:e9:2f:
                    5c:31:ed:91:4c:d7:92:e7:dd:59:15:be:f0:66:07:
                    19:9d:cf:6d:c3:b3:4a:08:0d:07:c5:be:75:11:ff:
                    4c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:6A:B2:C6:07:1A:0B:32:0A:1D:D8:EA:BF:3A:74:E1:BC:52:63:33
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92610e0a-b12a-4188-ab1a-ab49004d1c47.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.13.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         90:53:7f:d9:fc:2f:f1:0d:63:45:db:3c:8e:cb:7c:86:a9:1d:
         21:3f:c0:d9:90:53:0d:39:7a:2f:27:bf:74:b8:4c:a4:f5:38:
         c4:1b:12:cd:0c:3c:fe:7f:44:76:2c:f8:62:33:31:11:e9:29:
         7e:c3:5b:8e:67:58:f8:2d:a7:29:b4:c8:7b:dd:95:cb:9d:91:
         0f:9a:dd:d4:b1:37:8a:b7:f6:68:1a:e0:fa:45:53:cb:10:93:
         7d:ff:c4:7f:29:21:9d:c3:fd:87:da:39:7b:29:a0:16:61:2c:
         34:3e:5b:e8:31:8f:64:d6:ae:e8:c0:62:6e:40:64:f3:5b:94:
         84:15:66:8e:6d:47:82:71:f6:2b:5d:4c:9e:f6:3e:37:b6:d3:
         8e:1f:bb:74:7a:0c:74:b6:a7:86:00:ed:b4:60:69:a7:a5:33:
         1d:44:ca:e0:76:ef:be:38:ad:83:ea:f9:2d:bd:58:90:59:7f:
         1e:a8:58:8f:25:80:7d:25:59:31:2e:dd:8f:f6:58:03:66:ff:
         01:f8:e9:87:fe:30:ba:b2:39:ce:c9:f3:1a:c6:76:4e:2d:f5:
         a8:6f:96:43:dc:7f:55:7d:aa:7d:6f:35:82:44:52:32:a1:12:
         dd:f0:51:79:69:99:3b:11:cf:fc:5c:03:22:9c:79:c3:b4:31:
         6d:18:50:3f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKODj8g0H+u2nFHYSgqz0Ag/c2RgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDEwMTU0OTM2WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNGI5ZWU3MWEyYjU1YTlmZjRhN2JmMmZmYmZiZjUxMzYw
MzFkOTUwODcyNDk3Mzc4OTZhYjE4MDk3ZmRhYjhmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCl8Gg247KuC7JeFi+GJuMUf1ERuJJGps4z4se9CAooiwSm
2kGk3JSxmZ8LP1wdELqtPH9aKxnqYp0w3PUz2P7qvLhNq8h+MTm9pPOYSFIvhSIQ
+zaY+Ubh5CojMJeCgT7ESSsh4eGjKG2negncyaYJpPA1jqmOcYpUvC95d0PsrnNE
IM3TLEH0NdVs0lO9kMwkwp3ukvrQUjGmAObF2u7SViHJiHyy7KsABnRNNqsHMrsc
Df5o8iubOW5xFNlYPGqfZ+nUXm7A7yxdJvlNGKflknMc4cTsT+qSIJ3nbIPpL1wx
7ZFM15Ln3VkVvvBmBxmdz23Ds0oIDQfFvnUR/0xFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU32qyxgcaCzIKHdjqvzp04bxSYzMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkyNjEwZTBhLWIxMmEtNDE4OC1hYjFhLWFiNDkwMDRkMWM0Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU0DQAwDQYJKoZIhvcNAQELBQADggEBAJBTf9n8L/ENY0XbPI7LfIapHSE/
wNmQUw05ei8nv3S4TKT1OMQbEs0MPP5/RHYs+GIzMRHpKX7DW45nWPgtpym0yHvd
lcudkQ+a3dSxN4q39mga4PpFU8sQk33/xH8pIZ3D/YfaOXspoBZhLDQ+W+gxj2TW
rujAYm5AZPNblIQVZo5tR4Jx9itdTJ72Pje2044fu3R6DHS2p4YA7bRgaaelMx1E
yuB27744rYPq+S29WJBZfx6oWI8lgH0lWTEu3Y/2WANm/wH46Yf+MLqyOc7J8xrG
dk4t9ahvlkPcf1V9qn1vNYJEUjKhEt3wUXlpmTsRz/xcAyKcecO0MW0YUD8=
-----END CERTIFICATE-----