Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ac90cb56-bc99-4676-b64a-509a8ac49d6d.roa
File:                     ac90cb56-bc99-4676-b64a-509a8ac49d6d.roa (raw, json)
Hash identifier:          gV4Xk7wzrbMPBHYluZrG+ECl1YstAb6E8qu6lvbwLhU=
Subject key identifier:   9B:92:36:85:78:3D:77:E5:C2:0C:45:AE:09:4C:47:55:87:06:69:4C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       747FEDFB1DD78D6B3970FD870A2CB9E05850E9A6
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ac90cb56-bc99-4676-b64a-509a8ac49d6d.roa
Signing time:             Fri 26 Sep 2025 15:32:14 +0000
ROA not before:           Fri 26 Sep 2025 15:32:14 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.193.9.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:7f:ed:fb:1d:d7:8d:6b:39:70:fd:87:0a:2c:b9:e0:58:50:e9:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 15:32:14 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=8dc1d6c486a308e4ab40ffdc01e23f103bc34c9c58a49428c193ecdb29f77fd1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:5e:cc:57:72:45:40:e5:dc:f6:0c:9c:52:fe:
                    9b:07:8c:03:1b:a1:6a:0d:d5:4a:66:73:65:0b:b4:
                    2e:0f:21:b4:f1:2c:81:09:4e:4a:fe:31:dc:cf:70:
                    ae:b8:44:0d:4d:15:b1:43:d1:1b:30:7d:38:21:96:
                    35:1a:e3:3d:7d:83:54:79:ed:fa:92:ab:93:ae:dd:
                    b7:10:d8:8c:d9:8f:3a:87:44:4f:63:38:84:2e:5c:
                    aa:fa:2e:d8:5f:fb:75:de:c5:83:85:14:56:0e:2b:
                    23:7d:15:ac:60:f3:0b:e6:51:d5:11:e4:39:d5:7f:
                    5f:a3:d9:ff:80:8f:14:22:af:31:73:a2:11:17:00:
                    f9:68:0f:50:da:89:5d:ff:ca:ca:a9:44:1d:09:a9:
                    de:27:dc:c4:14:54:81:e7:b1:8e:42:f4:82:bc:73:
                    22:58:bb:b1:82:23:e4:e6:a5:00:ff:07:77:26:bf:
                    48:ca:d5:98:c7:2c:68:0a:e4:87:79:23:8e:c1:3f:
                    bd:20:81:87:cf:90:1e:c6:1f:4f:87:85:6a:1c:83:
                    01:63:44:5b:18:74:f0:65:ed:c0:d5:31:65:63:bd:
                    fc:4d:33:8a:69:95:65:fc:50:4e:8c:a2:a7:4e:98:
                    ae:6d:6c:dd:16:72:4f:43:b0:a1:7e:96:d6:ec:6d:
                    01:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:92:36:85:78:3D:77:E5:C2:0C:45:AE:09:4C:47:55:87:06:69:4C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ac90cb56-bc99-4676-b64a-509a8ac49d6d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.193.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:03:e2:2e:28:57:51:45:43:d9:d2:cf:fa:e8:f4:9b:e7:79:
         97:77:1a:9f:49:1c:b8:29:b1:63:8b:d0:49:bf:de:b6:26:51:
         30:1c:2a:81:d4:22:bf:88:12:f3:ec:2a:49:12:99:78:3f:eb:
         fb:71:e5:a7:b5:bf:71:e8:33:f6:c2:79:ed:ee:df:7d:0f:4a:
         29:02:7f:39:1e:e8:57:22:ca:92:23:74:c4:82:81:db:c4:32:
         b2:53:d4:53:06:bd:b7:30:52:8b:45:3c:b8:24:cb:18:d1:98:
         22:e1:c5:ac:5c:9d:d3:74:4b:be:5f:60:f5:65:13:c2:72:ec:
         72:26:6d:ad:12:9c:7e:81:76:f3:91:69:9b:5c:4a:dc:7a:0e:
         a4:19:7a:44:b9:f9:92:f6:ea:e8:d2:74:8b:33:3c:e4:5a:76:
         e7:78:74:9e:ee:45:79:6c:a3:7b:2f:3e:f0:31:47:cb:9c:78:
         e3:5c:77:8b:e7:60:ec:01:e3:0b:d6:0f:26:f2:e4:28:fb:f3:
         7f:ee:17:15:1a:3f:4f:80:2a:90:db:0d:cd:f1:9a:90:89:2e:
         d1:05:6f:90:b9:ee:90:de:ee:83:62:cc:2f:8c:6f:6f:8f:1a:
         e2:a0:aa:eb:47:dd:c5:af:14:02:2d:70:c6:66:2f:a3:92:15:
         a6:8b:74:b7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdH/t+x3XjWs5cP2HCiy54FhQ6aYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MTUzMjE0WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZGMxZDZjNDg2YTMwOGU0YWI0MGZmZGMwMWUyM2YxMDNi
YzM0YzljNThhNDk0MjhjMTkzZWNkYjI5Zjc3ZmQxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpXsxXckVA5dz2DJxS/psHjAMboWoN1Upmc2ULtC4PIbTx
LIEJTkr+MdzPcK64RA1NFbFD0RswfTghljUa4z19g1R57fqSq5Ou3bcQ2IzZjzqH
RE9jOIQuXKr6Lthf+3XexYOFFFYOKyN9Faxg8wvmUdUR5DnVf1+j2f+AjxQirzFz
ohEXAPloD1DaiV3/ysqpRB0Jqd4n3MQUVIHnsY5C9IK8cyJYu7GCI+TmpQD/B3cm
v0jK1ZjHLGgK5Id5I47BP70ggYfPkB7GH0+HhWocgwFjRFsYdPBl7cDVMWVjvfxN
M4pplWX8UE6MoqdOmK5tbN0Wck9DsKF+ltbsbQG9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUm5I2hXg9d+XCDEWuCUxHVYcGaUwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2FjOTBjYjU2LWJjOTktNDY3Ni1iNjRhLTUwOWE4YWM0OWQ2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPwQkwDQYJKoZIhvcNAQELBQADggEBACkD4i4oV1FFQ9nSz/ro9JvneZd3
Gp9JHLgpsWOL0Em/3rYmUTAcKoHUIr+IEvPsKkkSmXg/6/tx5ae1v3HoM/bCee3u
330PSikCfzke6FciypIjdMSCgdvEMrJT1FMGvbcwUotFPLgkyxjRmCLhxaxcndN0
S75fYPVlE8Jy7HImba0SnH6BdvORaZtcStx6DqQZekS5+ZL26ujSdIszPORadud4
dJ7uRXlso3svPvAxR8uceONcd4vnYOwB4wvWDyby5Cj783/uFxUaP0+AKpDbDc3x
mpCJLtEFb5C57pDe7oNizC+Mb2+PGuKgqutH3cWvFAItcMZmL6OSFaaLdLc=
-----END CERTIFICATE-----