Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92c4c5e2-98b6-4b70-b79e-a06c47adb4fe.roa
File:                     92c4c5e2-98b6-4b70-b79e-a06c47adb4fe.roa (raw, json)
Hash identifier:          9TDjlOulDNW5aPvFEGrwpybdJBcTETmSdW16Kx9R12U=
Subject key identifier:   8F:59:68:FF:E9:67:A6:87:62:57:86:A1:05:0A:A9:DA:81:78:B0:EF
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7BFF55F79E10E0F9AE081882E4890230D6947E52
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92c4c5e2-98b6-4b70-b79e-a06c47adb4fe.roa
Signing time:             Thu 25 Sep 2025 23:24:49 +0000
ROA not before:           Thu 25 Sep 2025 23:24:49 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.173.160.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:ff:55:f7:9e:10:e0:f9:ae:08:18:82:e4:89:02:30:d6:94:7e:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 23:24:49 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=e588c05413180d108da22d00a1cf9d16707011e66800e8afc344453b9017919f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:02:fc:cf:81:cb:bc:e0:6f:53:bb:18:7c:ff:
                    e2:bd:e3:9c:7d:18:43:7c:37:e4:df:b7:98:28:22:
                    61:a6:8f:e1:7b:6f:2b:3b:be:8d:f9:df:54:04:57:
                    df:65:0f:38:ab:16:c5:70:fd:d2:fc:82:64:aa:54:
                    b2:23:25:90:63:5c:2e:db:eb:23:a0:68:66:fe:46:
                    1a:61:09:88:a1:3b:c9:83:c7:37:3c:e8:e0:b5:ec:
                    bb:e2:aa:1e:41:88:2f:2d:0e:0b:3a:be:3c:0a:57:
                    f3:91:fd:a9:20:19:ba:76:33:16:b6:78:86:fa:d3:
                    23:35:97:a8:ba:2d:9c:db:65:95:47:51:19:8f:f5:
                    1e:a1:a0:d2:97:0d:d0:fa:25:84:86:ad:17:c6:27:
                    9c:df:03:62:d7:91:42:ef:a4:f1:49:d5:ff:36:6c:
                    95:70:38:4a:5e:5a:cb:ee:fc:68:19:a8:eb:5b:44:
                    ce:08:57:07:48:34:7f:41:9c:89:c7:4b:d9:15:31:
                    95:99:a2:59:89:cc:b8:51:a4:30:2f:c9:e3:b6:69:
                    56:96:4f:fc:0e:9e:16:7b:ba:ac:90:88:58:0b:f9:
                    4e:23:51:53:a0:9e:10:79:03:7a:9f:ea:5e:04:13:
                    de:71:c9:8c:39:fa:64:bc:72:94:65:f6:b3:69:93:
                    d5:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:59:68:FF:E9:67:A6:87:62:57:86:A1:05:0A:A9:DA:81:78:B0:EF
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92c4c5e2-98b6-4b70-b79e-a06c47adb4fe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.173.160.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:18:30:72:28:59:7e:1d:e6:6f:6a:8a:89:b8:f1:7a:fb:d9:
         db:5d:e9:18:a6:8b:c7:72:93:4c:e8:50:f3:11:18:a9:5e:4b:
         a3:75:8a:aa:a5:fc:7b:b2:9b:c6:fd:5e:d7:6c:5e:f4:5e:fc:
         64:46:7d:6e:ac:4d:23:6b:26:c4:15:39:22:15:1a:6a:ec:59:
         20:a4:f9:89:20:b4:9c:73:4c:c9:ee:60:28:c4:24:73:4e:a8:
         67:bc:3b:b6:bb:27:71:54:e4:4c:57:d2:a6:fe:74:24:5c:a2:
         e5:66:f5:e4:6b:c3:a4:3b:1e:36:e9:50:40:17:58:b5:0e:ad:
         4f:3b:7b:7e:2f:73:a0:7b:c7:f7:01:7e:d5:0a:e2:f6:f5:9c:
         6c:fd:a6:bd:bd:2f:f9:ce:34:1c:e7:cf:af:f8:0b:36:87:4d:
         b3:07:ee:bd:26:56:2e:aa:15:b8:12:07:bc:77:0e:8e:42:38:
         8e:62:91:4d:0f:8d:86:93:6b:99:08:b4:e7:78:31:3e:62:08:
         24:13:4f:0e:a4:ad:01:72:c5:05:38:02:f2:0b:b1:48:09:8b:
         4e:fe:09:41:23:dc:30:53:5a:a1:6b:16:aa:2d:93:b0:14:70:
         cf:0f:33:b6:54:35:43:bf:d3:ef:32:27:75:ac:a0:4e:8e:52:
         0c:89:67:40
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUe/9V954Q4PmuCBiC5IkCMNaUflIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI1MjMyNDQ5WhcNMjUxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNTg4YzA1NDEzMTgwZDEwOGRhMjJkMDBhMWNmOWQxNjcw
NzAxMWU2NjgwMGU4YWZjMzQ0NDUzYjkwMTc5MTlmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnAvzPgcu84G9Tuxh8/+K945x9GEN8N+Tft5goImGmj+F7
bys7vo3531QEV99lDzirFsVw/dL8gmSqVLIjJZBjXC7b6yOgaGb+RhphCYihO8mD
xzc86OC17Lviqh5BiC8tDgs6vjwKV/OR/akgGbp2Mxa2eIb60yM1l6i6LZzbZZVH
URmP9R6hoNKXDdD6JYSGrRfGJ5zfA2LXkULvpPFJ1f82bJVwOEpeWsvu/GgZqOtb
RM4IVwdINH9BnInHS9kVMZWZolmJzLhRpDAvyeO2aVaWT/wOnhZ7uqyQiFgL+U4j
UVOgnhB5A3qf6l4EE95xyYw5+mS8cpRl9rNpk9VhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUj1lo/+lnpodiV4ahBQqp2oF4sO8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkyYzRjNWUyLTk4YjYtNGI3MC1iNzllLWEwNmM0N2FkYjRmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEDraAwDQYJKoZIhvcNAQELBQADggEBAB8YMHIoWX4d5m9qiom48Xr72dtd
6Rimi8dyk0zoUPMRGKleS6N1iqql/Huym8b9XtdsXvRe/GRGfW6sTSNrJsQVOSIV
GmrsWSCk+YkgtJxzTMnuYCjEJHNOqGe8O7a7J3FU5ExX0qb+dCRcouVm9eRrw6Q7
HjbpUEAXWLUOrU87e34vc6B7x/cBftUK4vb1nGz9pr29L/nONBznz6/4CzaHTbMH
7r0mVi6qFbgSB7x3Do5COI5ikU0PjYaTa5kItOd4MT5iCCQTTw6krQFyxQU4AvIL
sUgJi07+CUEj3DBTWqFrFqotk7AUcM8PM7ZUNUO/0+8yJ3WsoE6OUgyJZ0A=
-----END CERTIFICATE-----