Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0c5b17cb-cbdc-4e6b-9ac5-88abf1faf254.roa
File:                     0c5b17cb-cbdc-4e6b-9ac5-88abf1faf254.roa (raw, json)
Hash identifier:          IjOQ27zMHW5FX+QS8E1q2hSUiV4/KgQrgSIYED9WRZ8=
Subject key identifier:   85:99:08:B2:44:C4:AE:C7:98:A7:80:B5:7E:AF:9D:92:3F:3E:7F:6C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0275A480B0EB7674F9B99E1B50E209896A03C191
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0c5b17cb-cbdc-4e6b-9ac5-88abf1faf254.roa
Signing time:             Fri 18 Apr 2025 16:20:21 +0000
ROA not before:           Fri 18 Apr 2025 16:20:21 +0000
ROA not after:            Fri 23 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.202.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:75:a4:80:b0:eb:76:74:f9:b9:9e:1b:50:e2:09:89:6a:03:c1:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 18 16:20:21 2025 GMT
            Not After : May 23 23:59:59 2025 GMT
        Subject: serialNumber=61e3f4dab4a97ae47d28d261b212dba1a673f1a5e956cc2afb951a968a737a80, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7c:3c:c5:a3:82:2b:4f:55:5f:52:54:fa:21:
                    69:5f:ba:08:e8:39:e0:4f:76:ce:25:30:7f:fc:f2:
                    5c:4f:c2:9b:d7:aa:88:21:59:e7:e1:68:67:18:37:
                    ba:08:df:bc:18:f7:33:0b:50:1c:de:0b:60:db:f4:
                    12:70:b5:9c:c5:8b:c1:17:06:2e:12:22:74:07:64:
                    96:01:d0:4e:5d:24:ec:a8:6f:91:75:7a:35:8d:3e:
                    47:31:32:fd:96:c1:8c:fe:27:3f:23:c9:bc:4d:42:
                    9e:28:27:cd:31:a4:a6:da:51:a9:1f:c2:18:53:83:
                    9a:50:2e:dd:8b:65:c0:6f:10:9d:bc:94:f3:ed:c8:
                    cb:9f:22:a1:a1:86:07:32:11:85:bf:62:e4:3a:56:
                    8a:f9:dc:81:fb:5a:97:1b:73:05:77:0f:fd:46:3b:
                    8a:6b:d7:fd:ec:20:e3:d9:2d:77:b8:52:f6:c8:95:
                    a3:78:84:a1:fb:6b:3e:d3:9b:6e:d3:67:c3:9d:cd:
                    25:8f:25:a6:fd:4f:cb:d3:56:16:30:8f:bb:2f:90:
                    13:92:b9:fc:94:03:b3:ed:13:c7:8a:b1:b2:bb:0b:
                    4c:db:76:f4:94:e3:60:88:cb:cc:38:ef:e1:ff:65:
                    11:4f:08:1b:7c:24:b3:58:0b:6c:84:d8:ec:30:25:
                    17:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:99:08:B2:44:C4:AE:C7:98:A7:80:B5:7E:AF:9D:92:3F:3E:7F:6C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0c5b17cb-cbdc-4e6b-9ac5-88abf1faf254.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.202.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         86:be:e0:f2:45:28:ee:a7:82:c9:8e:92:11:18:16:d6:20:bc:
         f8:3f:34:79:63:27:6d:33:3c:1a:c4:99:af:29:6b:32:e4:1b:
         89:49:b0:29:2e:8b:5c:6c:11:26:b1:74:55:5c:dd:64:23:21:
         28:dd:3b:0e:05:b5:2d:97:61:0d:a1:ef:3e:df:32:32:0c:00:
         19:5b:8f:07:c6:fd:f0:b5:82:d3:e7:6a:9d:47:ac:4b:d5:8c:
         69:97:67:4e:d4:21:3c:9e:08:bf:1e:a9:f6:ac:bc:fe:75:42:
         71:83:05:a1:1f:76:6a:47:1c:b0:ce:dc:f1:93:1e:c7:a9:18:
         86:b5:37:50:c9:db:b5:ed:80:7d:f2:ab:6a:c5:79:94:15:4c:
         40:03:b2:6c:6e:3d:f8:22:c1:91:b9:d8:b0:f6:93:00:75:e8:
         72:8a:50:64:f7:47:c8:df:47:1b:bf:4f:f5:a6:7e:8d:08:44:
         95:3b:59:ca:b5:d9:83:5b:28:a3:6f:4b:ad:ac:6c:9d:14:40:
         79:8e:5e:3e:a2:c0:d1:75:da:9d:4f:7c:bd:d5:21:92:a6:ac:
         75:d2:94:b8:c6:62:e9:f9:ab:ba:8d:06:d6:71:43:50:f0:8e:
         12:81:e5:5d:9b:a7:d0:a9:68:cb:4a:46:c0:90:ce:70:ee:74:
         e4:84:71:98
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAnWkgLDrdnT5uZ4bUOIJiWoDwZEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE4MTYyMDIxWhcNMjUwNTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MWUzZjRkYWI0YTk3YWU0N2QyOGQyNjFiMjEyZGJhMWE2
NzNmMWE1ZTk1NmNjMmFmYjk1MWE5NjhhNzM3YTgwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdfDzFo4IrT1VfUlT6IWlfugjoOeBPds4lMH/88lxPwpvX
qoghWefhaGcYN7oI37wY9zMLUBzeC2Db9BJwtZzFi8EXBi4SInQHZJYB0E5dJOyo
b5F1ejWNPkcxMv2WwYz+Jz8jybxNQp4oJ80xpKbaUakfwhhTg5pQLt2LZcBvEJ28
lPPtyMufIqGhhgcyEYW/YuQ6Vor53IH7WpcbcwV3D/1GO4pr1/3sIOPZLXe4UvbI
laN4hKH7az7Tm27TZ8OdzSWPJab9T8vTVhYwj7svkBOSufyUA7PtE8eKsbK7C0zb
dvSU42CIy8w47+H/ZRFPCBt8JLNYC2yE2OwwJRdRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhZkIskTErseYp4C1fq+dkj8+f2wwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBjNWIxN2NiLWNiZGMtNGU2Yi05YWM1LTg4YWJmMWZhZjI1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2yoAwDQYJKoZIhvcNAQELBQADggEBAIa+4PJFKO6ngsmOkhEYFtYgvPg/
NHljJ20zPBrEma8pazLkG4lJsCkui1xsESaxdFVc3WQjISjdOw4FtS2XYQ2h7z7f
MjIMABlbjwfG/fC1gtPnap1HrEvVjGmXZ07UITyeCL8eqfasvP51QnGDBaEfdmpH
HLDO3PGTHsepGIa1N1DJ27XtgH3yq2rFeZQVTEADsmxuPfgiwZG52LD2kwB16HKK
UGT3R8jfRxu/T/Wmfo0IRJU7Wcq12YNbKKNvS62sbJ0UQHmOXj6iwNF12p1PfL3V
IZKmrHXSlLjGYun5q7qNBtZxQ1DwjhKB5V2bp9CpaMtKRsCQznDudOSEcZg=
-----END CERTIFICATE-----