Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a5921231-133d-4ec1-a185-89f22dc0d55e.roa
File:                     a5921231-133d-4ec1-a185-89f22dc0d55e.roa (raw, json)
Hash identifier:          x5vsesHx4P4P2R9O3hVrtPRcTbgb2X8dRnc+YHvg++4=
Subject key identifier:   FA:13:8E:74:4B:C7:CC:41:DA:2F:4A:BD:04:90:AA:94:D4:B3:40:0A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5D63B089C2AB58BDF06AF5A90A116EA737925943
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a5921231-133d-4ec1-a185-89f22dc0d55e.roa
Signing time:             Thu 25 Sep 2025 17:32:15 +0000
ROA not before:           Thu 25 Sep 2025 17:32:15 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.163.105.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:63:b0:89:c2:ab:58:bd:f0:6a:f5:a9:0a:11:6e:a7:37:92:59:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 17:32:15 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=1b5e949add4fb7af605a34f99c009468e9a990d446d350bcb625fb201a0a51e5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e0:59:48:86:0a:54:86:85:4d:97:27:18:0c:
                    30:72:03:06:af:45:76:0c:cf:cc:a7:a2:12:12:0c:
                    72:af:02:6d:10:23:14:bc:00:d9:00:94:9b:5f:9c:
                    ff:ac:01:b4:69:62:64:7a:75:e2:2f:c0:fb:18:3e:
                    e8:23:14:f2:1b:67:b4:58:78:3a:98:a0:f9:88:ca:
                    de:7a:68:5f:bf:6b:1e:93:c1:f6:a6:d9:b5:24:95:
                    b1:25:04:ee:da:86:df:75:89:6a:57:41:c2:d3:4f:
                    99:c1:03:75:f7:2a:b0:26:dd:dc:de:8c:99:b4:59:
                    04:25:b8:1d:49:5a:5e:33:0f:97:70:2b:54:6f:8a:
                    22:2b:ea:b7:d3:40:26:a6:67:57:3b:8d:83:30:be:
                    b1:a3:71:0a:0f:5a:9a:66:af:87:12:39:4f:e4:b9:
                    11:3f:5b:2c:f7:84:fc:c9:ee:65:07:4c:5d:ce:15:
                    25:8e:8e:c8:b8:eb:74:9f:87:02:b4:b7:8c:7f:71:
                    b9:62:2d:96:fd:0d:f1:62:73:40:21:5d:5a:39:97:
                    bf:a4:02:75:44:8e:7f:3d:c7:69:71:22:9f:64:f8:
                    c7:f3:99:2a:c0:e7:b8:ae:79:d9:7e:d6:90:ae:0c:
                    18:b1:0b:fb:1f:aa:01:a0:34:8c:78:3d:95:fc:67:
                    fd:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:13:8E:74:4B:C7:CC:41:DA:2F:4A:BD:04:90:AA:94:D4:B3:40:0A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a5921231-133d-4ec1-a185-89f22dc0d55e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.163.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:2e:45:20:1c:6e:34:08:10:c9:88:e2:8a:7a:42:78:fc:35:
         c1:f8:fc:61:24:df:67:03:66:f9:85:bf:52:97:28:8d:be:a9:
         99:9c:12:ba:04:be:ea:05:9c:36:58:99:5a:99:98:39:7e:9f:
         20:f0:d9:b1:a6:08:95:f0:a3:7d:f0:f7:87:61:04:2d:2a:06:
         97:13:53:4f:01:89:b4:ae:fa:b0:7d:d1:de:57:79:09:35:40:
         a3:60:c2:86:28:d3:61:36:0f:f4:dc:ec:b6:56:f6:7a:be:49:
         03:3c:03:f8:a0:08:09:3a:51:07:20:de:4e:3c:30:09:ab:06:
         c7:b9:08:6f:c3:13:8c:20:52:2c:fc:e5:de:0b:63:76:d7:95:
         95:35:75:ed:78:18:b7:b6:a3:20:71:02:b2:21:e1:a0:57:66:
         be:44:cd:6c:e0:0c:a1:1c:d2:19:9e:1d:e0:f1:27:71:52:bb:
         d2:76:f7:74:9c:49:d8:3e:49:0d:86:c1:04:71:69:8e:7a:a2:
         f3:77:e8:5d:bd:92:00:44:8f:e7:1b:14:eb:93:89:0c:28:b9:
         99:70:c9:a6:b2:63:aa:fd:ef:64:47:a5:9f:03:79:c7:57:31:
         b3:de:1e:1e:24:c7:c8:9d:36:32:a5:de:92:ac:be:c1:ae:a2:
         ab:88:81:70
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXWOwicKrWL3wavWpChFupzeSWUMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI1MTczMjE1WhcNMjUxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjVlOTQ5YWRkNGZiN2FmNjA1YTM0Zjk5YzAwOTQ2OGU5
YTk5MGQ0NDZkMzUwYmNiNjI1ZmIyMDFhMGE1MWU1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDF4FlIhgpUhoVNlycYDDByAwavRXYMz8ynohISDHKvAm0Q
IxS8ANkAlJtfnP+sAbRpYmR6deIvwPsYPugjFPIbZ7RYeDqYoPmIyt56aF+/ax6T
wfam2bUklbElBO7aht91iWpXQcLTT5nBA3X3KrAm3dzejJm0WQQluB1JWl4zD5dw
K1RviiIr6rfTQCamZ1c7jYMwvrGjcQoPWppmr4cSOU/kuRE/Wyz3hPzJ7mUHTF3O
FSWOjsi463SfhwK0t4x/cbliLZb9DfFic0AhXVo5l7+kAnVEjn89x2lxIp9k+Mfz
mSrA57iuedl+1pCuDBixC/sfqgGgNIx4PZX8Z/1NAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+hOOdEvHzEHaL0q9BJCqlNSzQAowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E1OTIxMjMxLTEzM2QtNGVjMS1hMTg1LTg5ZjIyZGMwZDU1ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADo2kwDQYJKoZIhvcNAQELBQADggEBAEMuRSAcbjQIEMmI4op6Qnj8NcH4
/GEk32cDZvmFv1KXKI2+qZmcEroEvuoFnDZYmVqZmDl+nyDw2bGmCJXwo33w94dh
BC0qBpcTU08BibSu+rB90d5XeQk1QKNgwoYo02E2D/Tc7LZW9nq+SQM8A/igCAk6
UQcg3k48MAmrBse5CG/DE4wgUiz85d4LY3bXlZU1de14GLe2oyBxArIh4aBXZr5E
zWzgDKEc0hmeHeDxJ3FSu9J293ScSdg+SQ2GwQRxaY56ovN36F29kgBEj+cbFOuT
iQwouZlwyaayY6r972RHpZ8DecdXMbPeHh4kx8idNjKl3pKsvsGuoquIgXA=
-----END CERTIFICATE-----