Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f17d5b87-7c85-49ca-a165-3a9f24efd642.roa
File:                     f17d5b87-7c85-49ca-a165-3a9f24efd642.roa (raw, json)
Hash identifier:          yScZbfmAYCSwZg1KrnZDxLvGh1TNX4okAwmtQt2C5oQ=
Subject key identifier:   60:D7:6D:C2:E3:57:53:DD:21:21:5A:0A:75:EE:CC:1E:8A:F7:3F:8F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       55DF8318FA8C16711E9F8C400EF70D03F0B8BD85
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f17d5b87-7c85-49ca-a165-3a9f24efd642.roa
Signing time:             Tue 19 Aug 2025 15:41:04 +0000
ROA not before:           Tue 19 Aug 2025 15:41:04 +0000
ROA not after:            Tue 23 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.13.128.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:df:83:18:fa:8c:16:71:1e:9f:8c:40:0e:f7:0d:03:f0:b8:bd:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 19 15:41:04 2025 GMT
            Not After : Sep 23 23:59:59 2025 GMT
        Subject: serialNumber=c298f74a74f9e7ee12ef6bc9b62fe59f550e25f87611027c0cbd01b68a886064, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:48:f6:e3:17:b0:ad:11:a0:17:51:f0:7a:d3:
                    28:ee:d3:1f:2b:9a:a3:6f:e1:35:77:25:e9:8c:eb:
                    da:d2:59:95:6e:ae:e4:bd:2c:74:48:15:93:61:24:
                    8c:aa:89:f9:5c:84:c9:ca:de:55:5c:9f:94:15:ed:
                    e1:3b:91:25:15:c6:13:90:72:29:63:83:34:73:3f:
                    92:2a:34:50:ff:5c:69:51:df:77:ef:ed:32:ac:d1:
                    c9:ac:fc:77:7d:10:0d:e8:7e:e9:e5:45:da:ea:3c:
                    20:67:ef:f6:4b:19:28:f3:c6:de:ba:d3:4d:9a:ca:
                    46:f3:6f:52:c5:82:30:44:02:d1:f0:06:e8:e3:e4:
                    74:81:79:b8:26:51:5a:01:12:c1:b0:db:95:bc:f0:
                    26:43:b3:45:f1:84:42:a3:b9:6e:f3:a7:12:bd:1f:
                    f4:3c:f5:bb:42:55:90:e7:e4:d3:b9:84:ee:a2:b8:
                    99:2a:2f:71:6d:c1:14:66:fd:21:91:64:b4:1c:e2:
                    48:81:78:fc:8c:f0:98:f9:2f:a0:6a:74:4f:92:6c:
                    ac:e6:71:75:1c:5c:d5:7e:66:7b:07:1e:47:80:e9:
                    c4:45:f7:29:ac:5e:76:c3:d6:60:92:1c:78:2c:b8:
                    70:19:7f:4b:a4:76:d4:c6:39:83:43:c1:ff:44:be:
                    ca:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:D7:6D:C2:E3:57:53:DD:21:21:5A:0A:75:EE:CC:1E:8A:F7:3F:8F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f17d5b87-7c85-49ca-a165-3a9f24efd642.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.13.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         92:3c:e9:a0:53:b6:80:0e:70:c8:9c:b1:d7:65:bc:38:bd:c7:
         bd:c6:98:ea:7b:68:2b:e7:24:72:fc:d7:d8:f9:81:fa:79:6e:
         63:10:77:32:5b:3c:f2:94:b3:01:87:fd:17:81:a4:f0:25:0f:
         f0:9b:96:c9:11:2a:ca:b8:9b:84:14:9e:91:c9:2f:e7:60:22:
         fd:0a:8f:1e:85:f5:c2:69:f4:34:6c:d0:f7:6c:72:1b:a2:75:
         57:08:36:7b:68:91:80:57:f7:6f:ee:96:8d:0d:21:d5:a2:e0:
         7d:15:b6:4f:f1:60:2e:2e:3f:cd:06:7c:00:61:99:9d:da:8a:
         d5:08:ad:2d:af:e8:e9:7f:45:80:f4:94:a6:38:81:1f:47:98:
         d2:85:6c:b6:09:9f:e1:2b:d2:00:d5:81:ca:9d:60:f0:e0:b9:
         8d:0d:30:bc:cc:28:ef:c3:ee:cd:ef:00:be:98:cc:5b:4a:94:
         ce:d9:10:06:b3:d5:ed:44:ea:ac:89:88:77:e3:6f:27:a8:0c:
         c4:9d:29:73:33:64:b5:f9:ba:7f:c3:88:d1:9f:d4:2d:db:b1:
         fa:97:0c:26:3e:fa:5a:e6:1c:0e:85:af:1c:41:a3:d6:1b:bb:
         61:78:be:3f:39:1b:bc:b9:4f:db:80:fe:b1:34:39:b4:e6:d0:
         57:97:e6:61
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVd+DGPqMFnEen4xADvcNA/C4vYUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODE5MTU0MTA0WhcNMjUwOTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMjk4Zjc0YTc0ZjllN2VlMTJlZjZiYzliNjJmZTU5ZjU1
MGUyNWY4NzYxMTAyN2MwY2JkMDFiNjhhODg2MDY0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmSPbjF7CtEaAXUfB60yju0x8rmqNv4TV3JemM69rSWZVu
ruS9LHRIFZNhJIyqiflchMnK3lVcn5QV7eE7kSUVxhOQciljgzRzP5IqNFD/XGlR
33fv7TKs0cms/Hd9EA3ofunlRdrqPCBn7/ZLGSjzxt66002aykbzb1LFgjBEAtHw
Bujj5HSBebgmUVoBEsGw25W88CZDs0XxhEKjuW7zpxK9H/Q89btCVZDn5NO5hO6i
uJkqL3FtwRRm/SGRZLQc4kiBePyM8Jj5L6BqdE+SbKzmcXUcXNV+ZnsHHkeA6cRF
9ymsXnbD1mCSHHgsuHAZf0ukdtTGOYNDwf9EvsqZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYNdtwuNXU90hIVoKde7MHor3P48wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2YxN2Q1Yjg3LTdjODUtNDljYS1hMTY1LTNhOWYyNGVmZDY0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY0DYAwDQYJKoZIhvcNAQELBQADggEBAJI86aBTtoAOcMicsddlvDi9x73G
mOp7aCvnJHL819j5gfp5bmMQdzJbPPKUswGH/ReBpPAlD/CblskRKsq4m4QUnpHJ
L+dgIv0Kjx6F9cJp9DRs0PdschuidVcINntokYBX92/ulo0NIdWi4H0Vtk/xYC4u
P80GfABhmZ3aitUIrS2v6Ol/RYD0lKY4gR9HmNKFbLYJn+Er0gDVgcqdYPDguY0N
MLzMKO/D7s3vAL6YzFtKlM7ZEAaz1e1E6qyJiHfjbyeoDMSdKXMzZLX5un/DiNGf
1C3bsfqXDCY++lrmHA6FrxxBo9Ybu2F4vj85G7y5T9uA/rE0ObTm0FeX5mE=
-----END CERTIFICATE-----