Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a7263a9f-7172-480b-9d6d-f158ac2601a0.roa
File:                     a7263a9f-7172-480b-9d6d-f158ac2601a0.roa (raw, json)
Hash identifier:          J6i6IZN12KZzgPmEj8jH+RBJApm6LJTeeXvLgTlxFu4=
Subject key identifier:   63:A6:7C:6D:D0:5E:5D:AB:B6:9B:AF:A4:C8:78:82:5C:11:26:30:3D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       47B3E42B30A89A361D17A7839FC5DCFEAFB94524
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a7263a9f-7172-480b-9d6d-f158ac2601a0.roa
Signing time:             Fri 10 Oct 2025 00:54:22 +0000
ROA not before:           Fri 10 Oct 2025 00:54:22 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.220.184.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:b3:e4:2b:30:a8:9a:36:1d:17:a7:83:9f:c5:dc:fe:af:b9:45:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 10 00:54:22 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=9a1af29ef27ff89237f52e285b0130d3c11fa3013973c6dc16332a75efafbbf2, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:03:63:52:f1:1d:fd:76:09:da:2f:8a:a5:3a:
                    dd:2f:1c:8a:5d:ca:6b:cb:bc:cf:86:5c:d2:b0:b6:
                    45:ff:12:29:d4:bb:82:89:80:2f:3a:a9:cd:0e:06:
                    21:a6:9a:cb:b7:05:00:29:68:5b:c1:4a:d3:6a:9e:
                    6a:b1:b2:d6:28:a9:b2:46:bf:84:08:e9:59:00:a5:
                    b3:32:cc:f6:34:f6:7a:a6:31:40:53:af:dd:c9:a2:
                    af:2e:90:2c:63:65:7d:d2:b2:63:bb:66:43:b5:ea:
                    1e:3a:44:9d:33:4a:68:bf:f7:12:3c:76:1d:ab:ee:
                    08:ed:ec:3d:6b:50:0f:34:df:ee:8c:f8:9b:d9:86:
                    a3:99:c7:ba:09:a2:62:f5:de:a5:f6:d9:a7:9a:63:
                    3d:30:22:c2:f4:c8:0b:2c:f6:ff:fe:b9:ad:61:0e:
                    a6:98:39:85:73:d6:dd:07:24:9e:7c:28:8e:f8:5b:
                    f6:db:cf:fd:82:23:e8:4c:e4:3d:68:9a:26:2f:39:
                    40:8a:82:3d:d2:28:73:9c:db:bd:2b:54:2f:22:b9:
                    46:55:70:b3:d2:cf:ae:c0:68:c2:9f:9e:59:d1:b0:
                    6d:cb:6f:6a:0d:ca:ef:d8:0f:a3:ab:cc:cc:55:12:
                    2a:84:f1:f3:00:1e:be:a8:f3:45:10:96:38:e5:44:
                    83:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:A6:7C:6D:D0:5E:5D:AB:B6:9B:AF:A4:C8:78:82:5C:11:26:30:3D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a7263a9f-7172-480b-9d6d-f158ac2601a0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.220.184.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0f:1d:e8:9d:f3:8c:55:13:31:ef:75:d5:78:c8:23:6c:c0:9a:
         f5:85:9b:e2:35:39:38:39:d3:56:79:51:32:0f:df:2b:f5:d2:
         34:97:f5:da:da:56:c6:50:28:38:7d:5b:04:35:b9:27:4b:e7:
         2b:fd:31:1a:de:87:48:2e:84:51:db:fc:6f:93:cf:a2:ff:f6:
         9e:76:bb:1e:67:98:92:a3:04:f6:bd:f9:28:7b:b4:a9:38:63:
         07:ce:4e:aa:97:a3:97:48:bc:01:4e:7b:e8:4a:9b:d2:99:e9:
         0d:f6:fc:09:18:d4:21:cf:11:99:55:a8:a8:75:40:25:46:66:
         e0:2a:57:3f:3e:bf:33:16:84:f1:c1:1e:32:7c:d8:8f:40:0b:
         2c:97:b5:81:57:df:3a:e9:8e:8c:08:88:26:05:5c:a2:10:f3:
         1b:e1:b7:4e:cf:89:9a:cd:0f:56:5d:5c:e1:e6:d8:4b:a9:3e:
         2d:ec:14:97:bb:3f:32:1a:ac:b7:8d:66:2f:16:19:24:c6:8c:
         76:94:5c:f9:43:ca:54:d6:42:3e:60:83:0e:39:3f:cc:a2:81:
         58:1b:d3:a9:cc:52:96:0b:80:5d:21:2a:59:75:d4:f8:a6:c7:
         f3:bc:55:4d:79:5a:43:fd:2f:45:b0:02:c8:d5:31:05:1f:ef:
         ad:2a:36:f1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUR7PkKzComjYdF6eDn8Xc/q+5RSQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDEwMDA1NDIyWhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YTFhZjI5ZWYyN2ZmODkyMzdmNTJlMjg1YjAxMzBkM2Mx
MWZhMzAxMzk3M2M2ZGMxNjMzMmE3NWVmYWZiYmYyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrA2NS8R39dgnaL4qlOt0vHIpdymvLvM+GXNKwtkX/EinU
u4KJgC86qc0OBiGmmsu3BQApaFvBStNqnmqxstYoqbJGv4QI6VkApbMyzPY09nqm
MUBTr93Joq8ukCxjZX3SsmO7ZkO16h46RJ0zSmi/9xI8dh2r7gjt7D1rUA803+6M
+JvZhqOZx7oJomL13qX22aeaYz0wIsL0yAss9v/+ua1hDqaYOYVz1t0HJJ58KI74
W/bbz/2CI+hM5D1omiYvOUCKgj3SKHOc270rVC8iuUZVcLPSz67AaMKfnlnRsG3L
b2oNyu/YD6OrzMxVEiqE8fMAHr6o80UQljjlRIMDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUY6Z8bdBeXau2m6+kyHiCXBEmMD0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E3MjYzYTlmLTcxNzItNDgwYi05ZDZkLWYxNThhYzI2MDFhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMP3LgwDQYJKoZIhvcNAQELBQADggEBAA8d6J3zjFUTMe911XjII2zAmvWF
m+I1OTg501Z5UTIP3yv10jSX9draVsZQKDh9WwQ1uSdL5yv9MRreh0guhFHb/G+T
z6L/9p52ux5nmJKjBPa9+Sh7tKk4YwfOTqqXo5dIvAFOe+hKm9KZ6Q32/AkY1CHP
EZlVqKh1QCVGZuAqVz8+vzMWhPHBHjJ82I9ACyyXtYFX3zrpjowIiCYFXKIQ8xvh
t07PiZrND1ZdXOHm2EupPi3sFJe7PzIarLeNZi8WGSTGjHaUXPlDylTWQj5ggw45
P8yigVgb06nMUpYLgF0hKll11Pimx/O8VU15WkP9L0WwAsjVMQUf760qNvE=
-----END CERTIFICATE-----