Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02e1c12d-4148-4d82-a499-de2a31ace895.roa
File:                     02e1c12d-4148-4d82-a499-de2a31ace895.roa (raw, json)
Hash identifier:          wnWZXagnk4XMyltrOG9Weje9eM45xzMmQwUVbCEBu28=
Subject key identifier:   40:FA:1A:3E:E5:A0:D1:18:13:BC:CE:D0:0D:AA:7B:F9:66:18:76:E5
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7D0147655D3BA0104432C7B3D6111BEAAFF9E5C5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02e1c12d-4148-4d82-a499-de2a31ace895.roa
Signing time:             Fri 25 Jul 2025 16:00:46 +0000
ROA not before:           Fri 25 Jul 2025 16:00:46 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.160.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:01:47:65:5d:3b:a0:10:44:32:c7:b3:d6:11:1b:ea:af:f9:e5:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 16:00:46 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=27332faf283f5837968ee24a33a737b31a0c7bc9ce656a912ffab101dbddfeb9, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:83:77:85:2e:0d:b6:f8:1b:e1:cc:3d:46:8b:
                    2c:0c:04:f2:55:e2:76:13:3a:17:af:9e:e0:32:86:
                    ed:38:70:10:16:e2:5f:de:6e:3b:eb:3e:9b:6d:5d:
                    02:15:5c:40:51:f8:a8:5e:37:df:85:6d:ef:bf:99:
                    a5:99:2e:18:65:e5:9b:5a:5e:12:c5:76:79:07:c6:
                    34:3b:d6:54:6e:3d:40:91:b5:a3:6b:9a:c8:60:ca:
                    0a:3c:c0:05:9f:b7:32:f5:09:91:e6:8e:be:b1:f0:
                    f0:30:7d:07:22:00:c1:60:1b:21:32:27:8d:46:d5:
                    4a:54:5b:a6:20:2f:cc:57:75:02:1c:a4:11:b1:7a:
                    4e:49:a4:13:18:64:fa:5f:d6:c1:e3:54:10:dd:7a:
                    9d:46:b8:66:00:76:15:90:fd:fb:65:06:b2:f4:29:
                    2f:40:9d:ef:b2:88:d3:af:39:d8:68:4e:31:f7:ba:
                    18:e5:35:44:de:22:b1:17:72:1c:f0:f9:52:71:7b:
                    f4:e7:a1:7c:cc:e8:be:35:32:7d:48:c0:20:36:86:
                    8d:a1:71:84:fb:84:52:b4:c7:b3:19:e8:56:ec:2d:
                    23:34:53:3b:46:00:b3:f5:bd:20:98:98:c9:d2:84:
                    c8:4d:90:ac:4d:91:8d:36:59:6f:84:c5:33:28:40:
                    81:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:FA:1A:3E:E5:A0:D1:18:13:BC:CE:D0:0D:AA:7B:F9:66:18:76:E5
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02e1c12d-4148-4d82-a499-de2a31ace895.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.160.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         44:f1:e1:a4:4c:c0:70:fc:6b:37:ae:d4:cc:62:57:5b:25:a6:
         7c:31:63:f5:ba:2a:9c:3e:fc:3c:8b:e7:61:24:87:1b:f2:e9:
         dc:b2:23:d4:0a:1c:72:01:bd:46:2b:61:a0:cc:47:d2:d5:88:
         01:93:ce:1f:48:6b:5f:19:da:7c:c8:7e:77:77:46:4a:a5:81:
         77:17:8b:b2:1e:25:be:48:a0:74:e8:b0:8f:05:5b:fc:66:03:
         83:8d:e5:fc:ad:0a:a4:7d:d0:d9:a4:d7:58:0a:9b:05:c3:7c:
         e6:9a:38:26:3c:cb:d5:fe:41:d7:75:35:d6:fa:0b:24:c6:f6:
         22:d4:e9:bb:23:f5:2e:6b:db:51:f7:e3:5a:89:f4:7b:87:e6:
         29:28:f4:6c:85:c7:03:ab:64:a9:f2:0f:fb:94:9c:90:cc:86:
         81:29:12:27:1e:42:95:96:f6:fc:01:61:f5:a2:c5:63:df:31:
         ff:b6:80:e1:11:4a:98:36:19:40:54:e3:f1:c4:06:8d:0b:22:
         54:ce:98:ca:b6:b5:3e:bb:34:54:48:8f:f6:8b:80:b7:86:84:
         09:f0:44:8e:69:e8:86:95:c6:ad:cc:47:e5:2c:d7:94:e1:b0:
         d8:9a:5a:a4:27:f9:74:32:af:ce:85:03:aa:d5:3a:95:eb:dd:
         cc:e1:9f:93
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfQFHZV07oBBEMsez1hEb6q/55cUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTYwMDQ2WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNzMzMmZhZjI4M2Y1ODM3OTY4ZWUyNGEzM2E3MzdiMzFh
MGM3YmM5Y2U2NTZhOTEyZmZhYjEwMWRiZGRmZWI5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDig3eFLg22+BvhzD1GiywMBPJV4nYTOhevnuAyhu04cBAW
4l/ebjvrPpttXQIVXEBR+KheN9+Fbe+/maWZLhhl5ZtaXhLFdnkHxjQ71lRuPUCR
taNrmshgygo8wAWftzL1CZHmjr6x8PAwfQciAMFgGyEyJ41G1UpUW6YgL8xXdQIc
pBGxek5JpBMYZPpf1sHjVBDdep1GuGYAdhWQ/ftlBrL0KS9Ane+yiNOvOdhoTjH3
uhjlNUTeIrEXchzw+VJxe/TnoXzM6L41Mn1IwCA2ho2hcYT7hFK0x7MZ6FbsLSM0
UztGALP1vSCYmMnShMhNkKxNkY02WW+ExTMoQIGfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQPoaPuWg0RgTvM7QDap7+WYYduUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAyZTFjMTJkLTQxNDgtNGQ4Mi1hNDk5LWRlMmEzMWFjZTg5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2oAAwDQYJKoZIhvcNAQELBQADggEBAETx4aRMwHD8azeu1MxiV1slpnwx
Y/W6Kpw+/DyL52Ekhxvy6dyyI9QKHHIBvUYrYaDMR9LViAGTzh9Ia18Z2nzIfnd3
RkqlgXcXi7IeJb5IoHTosI8FW/xmA4ON5fytCqR90Nmk11gKmwXDfOaaOCY8y9X+
Qdd1Ndb6CyTG9iLU6bsj9S5r21H341qJ9HuH5iko9GyFxwOrZKnyD/uUnJDMhoEp
EiceQpWW9vwBYfWixWPfMf+2gOERSpg2GUBU4/HEBo0LIlTOmMq2tT67NFRIj/aL
gLeGhAnwRI5p6IaVxq3MR+Us15ThsNiaWqQn+XQyr86FA6rVOpXr3czhn5M=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:42:24 2025 by rpki-client