Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02dc2f5f-44f1-4648-a904-b68814e0e633.roa
File:                     02dc2f5f-44f1-4648-a904-b68814e0e633.roa (raw, json)
Hash identifier:          DFcWmbRKUYxSBv9fstzvq+QxgYOsyRCBj//Y8Qy9sVU=
Subject key identifier:   CD:10:95:EC:89:A7:6F:3C:70:1F:BA:51:AD:65:BA:65:DC:B4:D1:71
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1DDD12ADBB2AEB8697EDBC93B784A78F7510761D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02dc2f5f-44f1-4648-a904-b68814e0e633.roa
Signing time:             Tue 04 Nov 2025 01:51:49 +0000
ROA not before:           Tue 04 Nov 2025 01:51:49 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.211.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:dd:12:ad:bb:2a:eb:86:97:ed:bc:93:b7:84:a7:8f:75:10:76:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov  4 01:51:49 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=a0b7a5d28b7daab4f9559eb37991c99a9a33f78b7f15d72179d9a38157ece3ea, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:fc:3c:92:b4:e8:b4:c4:1a:a3:f2:3a:ac:d8:
                    d8:91:9f:8e:de:0d:e4:6c:69:19:df:ac:29:61:75:
                    7b:ac:d2:34:2c:85:49:12:77:f7:97:28:c3:61:89:
                    a8:38:cb:7b:a3:f2:ae:1c:c3:93:05:bb:91:6a:41:
                    b7:a3:9a:58:42:c9:56:fe:74:83:b5:00:f8:60:72:
                    28:39:42:14:f1:2f:17:e1:67:ec:ad:47:0e:f9:76:
                    07:a0:24:04:f1:30:67:9b:bd:b5:39:2e:5e:69:54:
                    f4:6b:e5:59:19:c3:0f:20:26:61:06:a5:73:42:bf:
                    4e:de:60:07:3a:d3:39:98:0d:da:8e:02:70:8d:f3:
                    32:89:10:42:91:52:94:98:91:de:89:ae:a1:84:b4:
                    1a:96:17:13:df:13:49:6d:5f:21:01:d5:d2:f3:e0:
                    37:62:f3:68:c4:19:d4:c0:5f:e5:bc:96:05:96:19:
                    c7:d6:d8:be:52:90:0f:5c:31:2a:1c:f1:2c:2e:ed:
                    3c:2a:4a:e4:32:71:26:24:6a:39:d3:bc:74:0e:50:
                    7e:9a:a3:73:03:06:52:0d:06:c0:25:2c:99:2e:11:
                    69:d6:2d:d2:7d:ab:b3:91:78:e4:ec:72:1f:95:6c:
                    ff:21:09:46:5d:6c:3a:0e:6f:a9:c0:20:2f:b0:07:
                    01:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:10:95:EC:89:A7:6F:3C:70:1F:BA:51:AD:65:BA:65:DC:B4:D1:71
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02dc2f5f-44f1-4648-a904-b68814e0e633.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.211.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2d:2d:77:45:7a:8c:3a:7d:24:1d:d9:5b:08:9e:42:93:18:f3:
         50:5b:a3:7a:91:eb:83:2f:e1:c1:0c:10:57:2e:0e:97:ad:a3:
         50:1d:d8:08:cf:2b:e8:40:71:47:85:83:2f:db:65:f0:82:9f:
         98:01:6c:ea:58:ed:2c:66:96:43:88:50:b5:c6:a2:a6:24:45:
         f4:71:2e:60:35:af:9c:08:ab:63:11:f3:6e:15:84:23:b5:c4:
         22:29:55:c8:50:b2:e8:82:24:d7:1c:de:a0:29:9f:93:b5:c9:
         ce:bd:15:b6:e2:cb:e7:38:af:b5:4c:0d:4c:ec:51:cc:f6:66:
         3a:95:95:f8:43:ea:1e:97:69:8b:63:af:b4:aa:11:c7:9c:60:
         7c:73:60:e1:4b:6c:cc:db:8c:a8:70:84:7a:d5:7a:3c:9f:c0:
         eb:81:8c:4e:1a:7e:27:26:63:9b:dd:b8:00:d3:14:f1:25:0c:
         bb:0a:e0:a9:dc:53:da:c3:b8:25:84:58:87:9c:ac:40:e5:29:
         10:30:c0:90:4f:ea:b9:7d:b2:57:f1:82:89:d1:1c:fb:af:ca:
         d8:d3:6b:48:50:98:7e:f9:34:89:08:d6:7d:2b:55:9c:bb:43:
         91:4e:35:8c:2d:a7:25:fc:db:0e:01:98:a9:96:df:fe:42:ab:
         79:15:29:55
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHd0Srbsq64aX7byTt4Snj3UQdh0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTA0MDE1MTQ5WhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMGI3YTVkMjhiN2RhYWI0Zjk1NTllYjM3OTkxYzk5YTlh
MzNmNzhiN2YxNWQ3MjE3OWQ5YTM4MTU3ZWNlM2VhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCs/DyStOi0xBqj8jqs2NiRn47eDeRsaRnfrClhdXus0jQs
hUkSd/eXKMNhiag4y3uj8q4cw5MFu5FqQbejmlhCyVb+dIO1APhgcig5QhTxLxfh
Z+ytRw75dgegJATxMGebvbU5Ll5pVPRr5VkZww8gJmEGpXNCv07eYAc60zmYDdqO
AnCN8zKJEEKRUpSYkd6JrqGEtBqWFxPfE0ltXyEB1dLz4Ddi82jEGdTAX+W8lgWW
GcfW2L5SkA9cMSoc8Swu7TwqSuQycSYkajnTvHQOUH6ao3MDBlINBsAlLJkuEWnW
LdJ9q7OReOTsch+VbP8hCUZdbDoOb6nAIC+wBwHpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUzRCV7ImnbzxwH7pRrWW6Zdy00XEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAyZGMyZjVmLTQ0ZjEtNDY0OC1hOTA0LWI2ODgxNGUwZTYzMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA20zANBgkqhkiG9w0BAQsFAAOCAQEALS13RXqMOn0kHdlbCJ5CkxjzUFuj
epHrgy/hwQwQVy4Ol62jUB3YCM8r6EBxR4WDL9tl8IKfmAFs6ljtLGaWQ4hQtcai
piRF9HEuYDWvnAirYxHzbhWEI7XEIilVyFCy6IIk1xzeoCmfk7XJzr0VtuLL5ziv
tUwNTOxRzPZmOpWV+EPqHpdpi2OvtKoRx5xgfHNg4UtszNuMqHCEetV6PJ/A64GM
Thp+JyZjm924ANMU8SUMuwrgqdxT2sO4JYRYh5ysQOUpEDDAkE/quX2yV/GCidEc
+6/K2NNrSFCYfvk0iQjWfStVnLtDkU41jC2nJfzbDgGYqZbf/kKreRUpVQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:49:26 2025 by rpki-client