Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1312fb2e-2f33-4495-a9b8-446939a375df.roa
File:                     1312fb2e-2f33-4495-a9b8-446939a375df.roa (raw, json)
Hash identifier:          6KPMsS8I/qbcIo2kG7qEnod7PiV9QgmwbhwEUxcjaGE=
Subject key identifier:   C4:99:1E:FB:59:06:53:6A:E5:DF:AE:DC:57:EA:1A:0C:6B:31:77:8C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3CA85E444062DA04609E2FCDF57477BE4833F3C1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1312fb2e-2f33-4495-a9b8-446939a375df.roa
Signing time:             Tue 29 Jul 2025 15:21:45 +0000
ROA not before:           Tue 29 Jul 2025 15:21:45 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.157.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:a8:5e:44:40:62:da:04:60:9e:2f:cd:f5:74:77:be:48:33:f3:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 15:21:45 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=42b92473ba9fe5725601effb84eb917a7b341ccecac79f2f4b450907c50b5d99, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:fe:6f:0d:c6:a8:e3:b3:94:6e:50:b5:4e:46:
                    27:0b:9e:8c:cc:60:84:23:8f:ed:8a:0a:84:23:15:
                    0e:b1:44:74:e1:04:d2:85:1f:e4:47:1a:74:df:09:
                    ab:27:64:76:8c:22:6f:3a:2d:70:e5:ce:e2:76:90:
                    0e:fe:b7:3a:01:f8:88:09:23:61:6b:38:5c:a8:b6:
                    0c:70:cb:d7:ce:49:2e:dd:d6:5c:52:a7:75:9b:32:
                    bd:df:a9:53:83:33:52:96:08:d6:f3:44:bd:57:40:
                    b4:c7:86:b5:20:6b:9b:90:8d:f5:8c:73:7d:8e:88:
                    c2:2f:24:52:99:cd:19:38:78:f3:a8:d9:62:54:5e:
                    dc:fe:8e:e8:16:b5:2f:72:48:f2:91:3b:58:fc:a3:
                    7f:17:90:7b:60:3e:ba:3b:6c:49:5e:e0:98:26:d5:
                    3e:20:61:10:48:17:af:2a:02:03:30:4a:0a:eb:22:
                    d6:95:3e:d9:d9:ba:84:93:31:d0:3e:1a:d8:de:68:
                    e1:4b:ed:a7:33:dc:4d:75:06:b1:0c:8d:14:3e:96:
                    00:e6:0b:b7:20:83:91:39:41:2d:63:fa:73:e8:6a:
                    e5:2e:78:73:20:32:d4:74:2c:27:19:24:81:65:f4:
                    aa:8a:80:2d:fd:9f:1a:39:35:b7:0f:fc:4b:01:64:
                    6a:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:99:1E:FB:59:06:53:6A:E5:DF:AE:DC:57:EA:1A:0C:6B:31:77:8C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1312fb2e-2f33-4495-a9b8-446939a375df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.157.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         b0:7e:d3:0b:a3:e0:6b:64:93:55:35:77:f5:ab:63:60:27:7a:
         ca:c1:c0:5d:3e:ec:43:35:7d:14:19:ac:a7:61:84:ae:16:2a:
         d6:3d:b8:7e:ae:f8:e6:29:77:30:57:78:b6:e8:0c:9b:21:0f:
         7a:25:38:77:9f:c7:b1:6a:76:c8:d0:e7:82:77:51:1c:2c:b9:
         6e:49:24:42:70:c4:7d:02:bc:fb:4a:ae:c7:b8:dc:fa:ef:6d:
         0c:10:29:3b:4f:4c:b9:d7:74:88:54:47:8d:ba:d2:8e:6c:39:
         3f:62:a6:c5:9d:6c:ea:8c:e8:57:f3:39:ab:3c:11:fa:7f:95:
         49:54:c7:c0:03:1f:2b:c2:ce:6a:a7:cb:8e:d9:4e:bb:28:c6:
         9f:43:1e:b4:9e:c6:aa:63:65:31:90:2d:c6:e3:18:99:3f:3a:
         1f:1b:e9:55:16:ca:07:05:f0:21:98:e8:0e:74:3e:40:e2:8d:
         4c:d9:d3:e9:df:5d:88:34:cc:31:a6:32:8a:1e:5f:7b:1e:45:
         51:e2:c1:76:28:53:54:d9:8c:2d:a4:46:65:43:64:60:ea:79:
         38:86:c7:af:72:8c:d3:7d:eb:8f:6a:71:3e:6d:1c:30:06:07:
         81:08:22:d6:39:3f:91:c7:a7:d1:0b:b4:fa:d3:31:9c:04:2e:
         74:28:2f:50
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPKheREBi2gRgni/N9XR3vkgz88EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MTUyMTQ1WhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MmI5MjQ3M2JhOWZlNTcyNTYwMWVmZmI4NGViOTE3YTdi
MzQxY2NlY2FjNzlmMmY0YjQ1MDkwN2M1MGI1ZDk5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDG/m8Nxqjjs5RuULVORicLnozMYIQjj+2KCoQjFQ6xRHTh
BNKFH+RHGnTfCasnZHaMIm86LXDlzuJ2kA7+tzoB+IgJI2FrOFyotgxwy9fOSS7d
1lxSp3WbMr3fqVODM1KWCNbzRL1XQLTHhrUga5uQjfWMc32OiMIvJFKZzRk4ePOo
2WJUXtz+jugWtS9ySPKRO1j8o38XkHtgPro7bEle4Jgm1T4gYRBIF68qAgMwSgrr
ItaVPtnZuoSTMdA+GtjeaOFL7acz3E11BrEMjRQ+lgDmC7cgg5E5QS1j+nPoauUu
eHMgMtR0LCcZJIFl9KqKgC39nxo5NbcP/EsBZGohAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxJke+1kGU2rl367cV+oaDGsxd4wwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzEzMTJmYjJlLTJmMzMtNDQ5NS1hOWI4LTQ0NjkzOWEzNzVkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2nQAwDQYJKoZIhvcNAQELBQADggEBALB+0wuj4Gtkk1U1d/WrY2AnesrB
wF0+7EM1fRQZrKdhhK4WKtY9uH6u+OYpdzBXeLboDJshD3olOHefx7FqdsjQ54J3
URwsuW5JJEJwxH0CvPtKrse43PrvbQwQKTtPTLnXdIhUR4260o5sOT9ipsWdbOqM
6FfzOas8Efp/lUlUx8ADHyvCzmqny47ZTrsoxp9DHrSexqpjZTGQLcbjGJk/Oh8b
6VUWygcF8CGY6A50PkDijUzZ0+nfXYg0zDGmMooeX3seRVHiwXYoU1TZjC2kRmVD
ZGDqeTiGx69yjNN9649qcT5tHDAGB4EIItY5P5HHp9ELtPrTMZwELnQoL1A=
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:06:14 2025 by rpki-client