Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d4974764-59a0-40e4-a61b-644f2c0fc70c.roa
File:                     d4974764-59a0-40e4-a61b-644f2c0fc70c.roa (raw, json)
Hash identifier:          7e6HJiK5UBT5Y8/ISbE814ijPBpZL2EWlz38ZZ1zIcc=
Subject key identifier:   EC:61:36:A4:95:37:F3:22:96:E0:FD:10:26:3C:B0:7A:D7:AE:39:AF
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       273916EFF7142E35A12728AD2681FAD48BF95A96
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d4974764-59a0-40e4-a61b-644f2c0fc70c.roa
Signing time:             Tue 05 Aug 2025 17:01:49 +0000
ROA not before:           Tue 05 Aug 2025 17:01:49 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.46.0.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:39:16:ef:f7:14:2e:35:a1:27:28:ad:26:81:fa:d4:8b:f9:5a:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug  5 17:01:49 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=7262b6a9ee8fa480f6191a17f6a9d56cb1809f50880e007ed94f49747f21f94f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:e2:66:eb:95:95:96:6d:99:ad:25:3e:1a:c3:
                    f0:50:5d:e7:51:4b:6c:4d:e0:4c:d4:23:fc:9f:c1:
                    e2:2a:52:bb:77:5e:eb:f3:ff:a1:31:cd:89:bf:a6:
                    ee:10:fe:d3:30:86:77:b2:d9:72:a6:7e:8b:82:37:
                    95:a6:a2:5a:35:9c:83:8b:d8:19:ea:ca:2d:8f:95:
                    b2:06:3f:1c:79:73:3a:10:b9:82:11:12:3b:bc:66:
                    e3:d5:94:b1:b4:b2:6d:c6:84:cb:f5:4d:d4:cf:a8:
                    78:ec:cd:41:3d:86:51:e9:cb:3b:3d:84:b2:9a:5a:
                    5b:90:c8:b9:00:df:e0:76:cc:a9:c2:bf:5b:43:b5:
                    a2:9b:1a:a5:e0:b7:45:ea:e0:5f:b6:f5:4d:96:92:
                    12:a4:49:7d:a4:54:82:12:e4:77:cc:6a:f5:16:0b:
                    5e:de:81:ff:e0:17:89:41:80:a6:fa:78:3a:00:63:
                    f2:c9:8f:95:d5:45:86:3e:8e:b1:ee:9f:7b:a4:19:
                    e8:db:bb:a6:9f:d8:35:40:ed:99:e8:79:b6:5b:ce:
                    27:28:cb:f9:4d:17:99:9d:14:be:a6:b7:f0:a6:1d:
                    fb:3e:49:c6:d2:d4:ca:e6:45:b8:86:d2:c7:7f:96:
                    b5:46:ba:d3:09:51:41:00:8f:44:e6:b1:0a:fd:bf:
                    23:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:61:36:A4:95:37:F3:22:96:E0:FD:10:26:3C:B0:7A:D7:AE:39:AF
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d4974764-59a0-40e4-a61b-644f2c0fc70c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.46.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         55:ee:c4:90:6b:38:38:ac:29:f8:5a:dd:ab:3b:be:47:25:29:
         20:dc:7b:76:57:1f:ce:04:55:fa:fe:28:7f:99:5d:ba:be:f1:
         63:9d:c2:39:49:98:c9:93:b9:8a:dd:de:9f:af:71:83:47:c3:
         87:d9:ce:91:32:84:38:07:f0:3d:ff:88:a7:97:e9:53:63:d9:
         dc:db:77:26:ce:c1:26:08:1d:b3:a3:70:fc:8e:90:d2:d7:6e:
         27:ba:81:18:a6:87:69:71:5b:29:29:95:e1:73:54:66:69:1d:
         20:2e:89:4c:30:13:19:ba:0c:bf:97:ee:f8:24:20:95:30:e5:
         36:91:48:26:16:ee:0a:c3:73:39:87:0b:d2:40:b7:a3:b6:79:
         26:54:68:6f:0f:dc:8e:a8:b6:e1:b3:97:59:a1:21:27:6f:f6:
         0f:e4:e8:c2:b9:5b:30:ef:17:d5:ad:ed:c4:62:73:fb:07:af:
         1b:e7:76:ee:d8:49:2a:ec:af:5f:29:ab:16:9f:a0:5f:e6:0a:
         95:c8:19:a6:1f:0c:bf:dc:c6:4a:f4:01:83:83:a1:55:be:6c:
         7c:97:25:e1:bd:5b:18:23:a6:8e:4c:d3:5b:ac:41:94:66:58:
         ee:62:5b:5b:c6:0b:67:12:0d:3d:1e:11:a3:f4:e3:8f:8f:bd:
         70:f8:8c:75
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJzkW7/cULjWhJyitJoH61Iv5WpYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODA1MTcwMTQ5WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MjYyYjZhOWVlOGZhNDgwZjYxOTFhMTdmNmE5ZDU2Y2Ix
ODA5ZjUwODgwZTAwN2VkOTRmNDk3NDdmMjFmOTRmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCL4mbrlZWWbZmtJT4aw/BQXedRS2xN4EzUI/yfweIqUrt3
Xuvz/6ExzYm/pu4Q/tMwhney2XKmfouCN5Wmolo1nIOL2Bnqyi2PlbIGPxx5czoQ
uYIREju8ZuPVlLG0sm3GhMv1TdTPqHjszUE9hlHpyzs9hLKaWluQyLkA3+B2zKnC
v1tDtaKbGqXgt0Xq4F+29U2WkhKkSX2kVIIS5HfMavUWC17egf/gF4lBgKb6eDoA
Y/LJj5XVRYY+jrHun3ukGejbu6af2DVA7ZnoebZbzicoy/lNF5mdFL6mt/CmHfs+
ScbS1MrmRbiG0sd/lrVGutMJUUEAj0TmsQr9vyPnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7GE2pJU38yKW4P0QJjyweteuOa8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Q0OTc0NzY0LTU5YTAtNDBlNC1hNjFiLTY0NGYyYzBmYzcwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY0LgAwDQYJKoZIhvcNAQELBQADggEBAFXuxJBrODisKfha3as7vkclKSDc
e3ZXH84EVfr+KH+ZXbq+8WOdwjlJmMmTuYrd3p+vcYNHw4fZzpEyhDgH8D3/iKeX
6VNj2dzbdybOwSYIHbOjcPyOkNLXbie6gRimh2lxWykpleFzVGZpHSAuiUwwExm6
DL+X7vgkIJUw5TaRSCYW7grDczmHC9JAt6O2eSZUaG8P3I6otuGzl1mhISdv9g/k
6MK5WzDvF9Wt7cRic/sHrxvndu7YSSrsr18pqxafoF/mCpXIGaYfDL/cxkr0AYOD
oVW+bHyXJeG9Wxgjpo5M01usQZRmWO5iW1vGC2cSDT0eEaP044+PvXD4jHU=
-----END CERTIFICATE-----