Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f3e2c241-de77-42ad-aa16-6a9ce11e7a0d.roa
File:                     f3e2c241-de77-42ad-aa16-6a9ce11e7a0d.roa (raw, json)
Hash identifier:          y3cj77Mio5gcJ9lT7Yjbba7YcPMn5UWYkPDb9nR8/ts=
Subject key identifier:   AB:A1:1F:CF:64:AE:63:EF:66:7A:19:C0:1C:6B:D0:E1:28:15:F8:60
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5B9665874669B123979B769659B5642E9239D7E4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f3e2c241-de77-42ad-aa16-6a9ce11e7a0d.roa
Signing time:             Thu 14 May 2026 01:30:18 +0000
ROA not before:           Thu 14 May 2026 01:30:18 +0000
ROA not after:            Wed 12 Aug 2026 23:59:59 +0000
asID:                     7224
IP address blocks:        3.2.31.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 06 Jun 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:96:65:87:46:69:b1:23:97:9b:76:96:59:b5:64:2e:92:39:d7:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 14 01:30:18 2026 GMT
            Not After : Aug 12 23:59:59 2026 GMT
        Subject: serialNumber=66ed718ca7cb2725413e504f73c03c5c1020c7d8d9a3135d35d5db0245ea4259, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:97:b8:54:bd:39:fe:65:2d:6f:92:08:19:97:
                    29:73:21:b7:39:b5:16:a7:06:d2:76:e4:98:7d:c0:
                    cc:98:2a:27:69:ae:f5:b5:5c:10:ce:0a:cc:ea:98:
                    80:bf:1d:64:8d:88:37:34:99:a5:23:1b:75:fa:59:
                    05:84:cf:20:21:0e:0c:09:3e:6d:15:1e:58:f3:05:
                    93:16:bb:dd:78:f9:a8:b0:2c:f1:72:64:83:64:7e:
                    dd:d5:0c:39:d3:c9:d2:35:03:10:44:7e:d3:14:89:
                    e3:dd:91:d0:5d:a4:27:10:9d:ee:b6:0d:31:05:6c:
                    01:0a:ef:e7:c0:50:ea:85:3b:c4:ea:37:2e:72:65:
                    a2:15:13:53:93:31:ac:cb:9d:e9:ff:e2:24:45:66:
                    b0:99:5f:fe:b7:b5:1e:60:8c:2f:2c:65:ae:4f:6a:
                    3a:a7:6d:ed:15:af:a4:59:ff:53:53:fb:1f:88:ed:
                    b6:e2:26:fe:fb:39:e2:24:ab:f0:12:8a:31:11:1e:
                    13:90:69:7b:93:10:3e:96:c4:95:8f:92:bc:f1:8f:
                    91:e8:0d:76:8e:56:33:f2:a5:96:92:48:25:2c:72:
                    e8:98:c8:28:46:48:89:ce:42:27:88:da:d0:ac:64:
                    2a:bc:aa:20:d3:40:14:48:4f:ba:a6:1d:a6:d7:b1:
                    fa:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:A1:1F:CF:64:AE:63:EF:66:7A:19:C0:1C:6B:D0:E1:28:15:F8:60
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f3e2c241-de77-42ad-aa16-6a9ce11e7a0d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.2.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:d2:39:62:b2:2b:67:ac:92:b0:39:11:cb:d0:46:d1:6d:9d:
         14:2a:c4:12:21:0f:f5:76:a2:0e:c9:54:6c:bf:88:ae:aa:a3:
         f6:98:e9:61:64:2f:d6:0a:97:23:d4:57:2f:46:a8:54:1c:e2:
         dd:37:ae:56:88:b3:f4:f6:8d:27:f7:b2:50:42:23:d1:f9:ab:
         f8:82:45:06:25:03:8d:b0:90:58:19:ce:91:cd:c2:d1:e8:30:
         cd:17:05:c7:7f:aa:ff:51:fe:15:00:9d:17:1d:37:de:61:d4:
         74:9e:66:6b:a2:d7:d1:6d:51:c0:c2:78:71:44:95:cf:59:d8:
         63:53:21:27:70:02:8c:ac:34:84:e6:f9:8f:5a:32:3e:53:4c:
         1d:7e:e2:7f:a7:9e:40:32:fc:3c:88:15:a3:bd:f4:8d:74:b2:
         a9:e8:9c:38:0c:d4:1b:98:74:c3:8a:63:25:e7:2b:35:cf:fd:
         f4:6d:70:ad:42:a1:8c:b4:4e:b0:f9:b4:a0:f0:fd:10:a1:ef:
         46:61:a2:04:71:0b:fa:61:bf:24:2d:32:c0:80:4d:33:2c:6a:
         d4:2e:fc:8d:65:05:57:79:05:9c:07:d4:7b:df:b1:d9:47:fc:
         eb:de:e2:fa:46:81:49:55:8f:61:68:d0:c5:f6:7b:d5:9a:08:
         90:79:71:03
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUW5Zlh0ZpsSOXm3aWWbVkLpI51+QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE0MDEzMDE4WhcNMjYwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NmVkNzE4Y2E3Y2IyNzI1NDEzZTUwNGY3M2MwM2M1YzEw
MjBjN2Q4ZDlhMzEzNWQzNWQ1ZGIwMjQ1ZWE0MjU5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNl7hUvTn+ZS1vkggZlylzIbc5tRanBtJ25Jh9wMyYKidp
rvW1XBDOCszqmIC/HWSNiDc0maUjG3X6WQWEzyAhDgwJPm0VHljzBZMWu914+aiw
LPFyZINkft3VDDnTydI1AxBEftMUiePdkdBdpCcQne62DTEFbAEK7+fAUOqFO8Tq
Ny5yZaIVE1OTMazLnen/4iRFZrCZX/63tR5gjC8sZa5Pajqnbe0Vr6RZ/1NT+x+I
7bbiJv77OeIkq/ASijERHhOQaXuTED6WxJWPkrzxj5HoDXaOVjPypZaSSCUscuiY
yChGSInOQieI2tCsZCq8qiDTQBRIT7qmHabXsfo1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUq6Efz2SuY+9mehnAHGvQ4SgV+GAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2YzZTJjMjQxLWRlNzctNDJhZC1hYTE2LTZhOWNlMTFlN2EwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADAh8wDQYJKoZIhvcNAQELBQADggEBAFTSOWKyK2eskrA5EcvQRtFtnRQq
xBIhD/V2og7JVGy/iK6qo/aY6WFkL9YKlyPUVy9GqFQc4t03rlaIs/T2jSf3slBC
I9H5q/iCRQYlA42wkFgZzpHNwtHoMM0XBcd/qv9R/hUAnRcdN95h1HSeZmui19Ft
UcDCeHFElc9Z2GNTISdwAoysNITm+Y9aMj5TTB1+4n+nnkAy/DyIFaO99I10sqno
nDgM1BuYdMOKYyXnKzXP/fRtcK1CoYy0TrD5tKDw/RCh70ZhogRxC/phvyQtMsCA
TTMsatQu/I1lBVd5BZwH1HvfsdlH/Ove4vpGgUlVj2Fo0MX2e9WaCJB5cQM=
-----END CERTIFICATE-----