Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/abcfb86c-5df8-4a5b-9d5b-27d9bed2fa2c.roa
File:                     abcfb86c-5df8-4a5b-9d5b-27d9bed2fa2c.roa (raw, json)
Hash identifier:          4UGcfXHcUsLLY1NNYvpt7t+/zGSvAD2z1QizlhuwNH4=
Subject key identifier:   26:16:27:CC:A7:5C:AD:B9:B4:A1:90:D1:EE:62:76:38:7B:39:97:92
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       A656D095A65E1E19232404BC923C3221555D31
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/abcfb86c-5df8-4a5b-9d5b-27d9bed2fa2c.roa
Signing time:             Mon 22 Sep 2025 20:37:02 +0000
ROA not before:           Mon 22 Sep 2025 20:37:02 +0000
ROA not after:            Mon 27 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.172.79.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            a6:56:d0:95:a6:5e:1e:19:23:24:04:bc:92:3c:32:21:55:5d:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 22 20:37:02 2025 GMT
            Not After : Oct 27 23:59:59 2025 GMT
        Subject: serialNumber=db8f126c841410086cc3df61e8dc58c644908ae0fee1852fe9234a3ee2dedabc, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:b7:40:2e:85:99:4a:db:6e:cb:bb:e6:b1:07:
                    b4:7c:19:87:1e:e6:a0:dc:3b:9d:bf:fa:5c:ef:70:
                    9d:84:db:cc:7b:7b:46:af:e1:9b:ee:55:67:53:f2:
                    47:56:ef:78:69:c3:94:ac:c9:12:b2:10:24:35:86:
                    b5:43:60:75:7e:8d:28:6e:cd:a2:15:dc:5a:49:fe:
                    09:0f:36:67:48:82:84:41:26:f6:2e:bb:c4:6b:b6:
                    20:76:ec:f3:5f:45:7b:82:5d:49:40:55:a0:ca:ae:
                    fc:1c:b3:ff:ac:a6:4f:75:7a:20:f9:06:23:02:3c:
                    d8:d6:e8:61:6c:76:52:51:d2:08:4e:e5:3a:88:51:
                    07:1a:4f:ab:90:ed:bb:a5:fc:99:fe:5f:6a:e8:3c:
                    3c:34:20:ef:7d:80:01:c6:57:e7:41:eb:fa:c8:76:
                    40:7c:3b:69:32:68:f3:4c:85:c6:14:ed:ec:2f:d4:
                    31:0b:0f:5a:88:41:2e:d6:2b:64:21:1f:a9:83:4e:
                    41:6e:2a:ff:f1:d5:34:b3:c0:12:d7:25:0d:59:4e:
                    09:2d:fc:cb:f8:50:42:30:0a:1a:17:a7:a8:4b:db:
                    9d:12:5d:61:04:cb:c9:57:67:2e:69:92:a9:5e:76:
                    09:e9:54:60:86:3a:16:49:51:d6:fe:c9:77:08:e5:
                    f0:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:16:27:CC:A7:5C:AD:B9:B4:A1:90:D1:EE:62:76:38:7B:39:97:92
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/abcfb86c-5df8-4a5b-9d5b-27d9bed2fa2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.172.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:c0:68:f7:63:59:50:4d:12:f4:84:84:45:c7:b9:4e:45:92:
         79:25:33:eb:f6:8c:7c:36:3d:14:49:0a:a2:e0:9f:12:9c:e9:
         39:fe:51:14:c7:54:da:2f:83:03:f8:8e:77:3f:05:06:b9:1f:
         bb:8c:b2:31:ee:b3:54:50:65:8c:15:fb:cf:6b:e5:99:ae:6a:
         89:eb:1f:36:90:1f:1b:1f:b3:44:e5:72:02:60:08:56:b8:5d:
         07:a6:a9:21:64:4b:e1:b4:dd:da:5d:4f:5d:9c:8f:17:d3:ed:
         36:1d:b3:ac:cd:8d:df:42:b8:62:c3:36:82:41:49:0b:4f:35:
         b0:bd:1d:a3:11:02:13:b1:76:81:5d:28:09:c0:51:37:48:ef:
         42:d8:aa:35:9e:5a:81:80:0f:db:e5:1b:0e:30:0a:e1:ab:f5:
         ad:5c:3b:00:a0:40:f3:b9:cf:83:2d:5f:16:d8:fa:db:88:f6:
         35:77:08:37:dc:6d:55:77:ee:a1:ff:45:c5:6a:e7:ef:d2:a0:
         8e:bd:8b:6c:a1:52:39:50:12:7e:9b:d5:14:58:3e:16:59:e2:
         f0:93:02:e8:b9:2e:53:b9:8f:a0:89:68:ea:b6:47:30:ab:2d:
         fd:b4:d5:9a:e4:6b:f8:d2:5a:63:b9:90:d2:49:a0:19:43:84:
         be:73:f4:ad
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAKZW0JWmXh4ZIyQEvJI8MiFVXTEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIyMjAzNzAyWhcNMjUxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYjhmMTI2Yzg0MTQxMDA4NmNjM2RmNjFlOGRjNThjNjQ0
OTA4YWUwZmVlMTg1MmZlOTIzNGEzZWUyZGVkYWJjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSt0AuhZlK227Lu+axB7R8GYce5qDcO52/+lzvcJ2E28x7
e0av4ZvuVWdT8kdW73hpw5SsyRKyECQ1hrVDYHV+jShuzaIV3FpJ/gkPNmdIgoRB
JvYuu8RrtiB27PNfRXuCXUlAVaDKrvwcs/+spk91eiD5BiMCPNjW6GFsdlJR0ghO
5TqIUQcaT6uQ7bul/Jn+X2roPDw0IO99gAHGV+dB6/rIdkB8O2kyaPNMhcYU7ewv
1DELD1qIQS7WK2QhH6mDTkFuKv/x1TSzwBLXJQ1ZTgkt/Mv4UEIwChoXp6hL250S
XWEEy8lXZy5pkqledgnpVGCGOhZJUdb+yXcI5fDBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJhYnzKdcrbm0oZDR7mJ2OHs5l5IwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2FiY2ZiODZjLTVkZjgtNGE1Yi05ZDViLTI3ZDliZWQyZmEyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASrE8wDQYJKoZIhvcNAQELBQADggEBAD7AaPdjWVBNEvSEhEXHuU5Fknkl
M+v2jHw2PRRJCqLgnxKc6Tn+URTHVNovgwP4jnc/BQa5H7uMsjHus1RQZYwV+89r
5ZmuaonrHzaQHxsfs0TlcgJgCFa4XQemqSFkS+G03dpdT12cjxfT7TYds6zNjd9C
uGLDNoJBSQtPNbC9HaMRAhOxdoFdKAnAUTdI70LYqjWeWoGAD9vlGw4wCuGr9a1c
OwCgQPO5z4MtXxbY+tuI9jV3CDfcbVV37qH/RcVq5+/SoI69i2yhUjlQEn6b1RRY
PhZZ4vCTAui5LlO5j6CJaOq2RzCrLf201Zrka/jSWmO5kNJJoBlDhL5z9K0=
-----END CERTIFICATE-----