Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/22b078b7-c123-4298-8bd4-6cdabd20c90d.roa
File:                     22b078b7-c123-4298-8bd4-6cdabd20c90d.roa (raw, json)
Hash identifier:          1RDLL76lGZJPeZb+wSYC+Qt5wOQ94OuYy6s6xoi+P7w=
Subject key identifier:   43:A6:6A:4A:39:EB:36:35:13:67:04:70:28:F1:52:79:58:2F:DB:44
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7180FBD200788A7A158D9DBEDA760CB1650ABBC1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/22b078b7-c123-4298-8bd4-6cdabd20c90d.roa
Signing time:             Tue 29 Jul 2025 17:11:00 +0000
ROA not before:           Tue 29 Jul 2025 17:11:00 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.251.254.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:80:fb:d2:00:78:8a:7a:15:8d:9d:be:da:76:0c:b1:65:0a:bb:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 17:11:00 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=1aaa86a4434e8005e6e0c89fb6ca78cead7944f69ecb5e6e4dadff00af52a8d9, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:22:74:95:5f:d0:3f:06:66:df:6e:8d:10:88:
                    94:a0:4e:4c:44:e3:26:17:31:d7:5b:8e:5d:6c:b3:
                    16:f4:5b:0d:06:14:fd:a1:df:7d:72:04:fd:67:41:
                    90:cb:3a:e9:62:7a:cf:ce:7e:3e:37:ce:d9:ff:fe:
                    76:dc:24:3e:d3:b7:87:72:57:25:88:ae:35:ae:79:
                    8a:d3:af:91:4d:32:2f:a0:a5:ed:f4:a8:d3:d7:d9:
                    e0:c6:15:e2:0d:a3:01:92:f7:da:81:74:a8:39:34:
                    b8:89:b6:e6:a2:50:4a:36:60:45:97:a1:01:68:a8:
                    73:e1:ab:b2:5a:0e:4f:3b:75:dc:c0:78:a6:28:32:
                    bf:48:46:11:25:a8:04:c4:98:15:01:b9:98:3d:41:
                    fc:6d:ab:89:60:e1:21:46:07:16:c0:5c:e4:29:44:
                    77:5d:61:c1:3c:0a:ff:ee:33:41:6b:ed:98:60:45:
                    68:31:17:4d:f7:00:e5:4f:0d:33:79:d1:ed:8c:fa:
                    a8:7f:9d:56:06:70:0c:cf:35:24:4b:14:34:ff:30:
                    53:72:33:06:0e:76:c6:5d:14:65:fc:a1:93:9d:d8:
                    02:9e:60:c7:fa:79:4c:a2:12:7e:c2:ea:8b:0c:fb:
                    16:59:c1:25:22:41:8f:82:1d:ab:9f:7c:f1:80:ed:
                    84:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:A6:6A:4A:39:EB:36:35:13:67:04:70:28:F1:52:79:58:2F:DB:44
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/22b078b7-c123-4298-8bd4-6cdabd20c90d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.251.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:a1:af:ad:e3:89:f3:4c:82:92:ee:3f:32:6b:37:48:58:09:
         e5:33:2d:f8:51:a2:b1:be:77:cd:61:ac:f9:5f:38:67:d2:44:
         63:6e:1f:35:ac:3b:eb:7e:cd:89:72:9c:08:26:74:db:26:54:
         c7:25:d3:2b:78:c8:35:c4:58:9a:f9:07:33:1b:15:a6:89:b2:
         c8:be:95:8f:9a:5c:d0:49:7f:1c:d9:0d:36:be:05:a5:af:78:
         da:96:cc:84:83:63:4e:de:b6:24:5d:54:af:7b:ec:25:6f:2e:
         fe:67:aa:0f:01:67:0f:32:e9:88:4d:d7:47:2c:e6:0b:2f:17:
         e5:96:c1:6d:dd:b4:cc:3c:08:d5:ff:da:4f:25:33:12:4f:35:
         19:f8:eb:87:4b:3c:e3:64:f3:35:64:05:48:83:b5:eb:59:29:
         73:dc:67:c8:36:be:79:91:c8:24:e4:b1:03:86:49:6a:b8:4f:
         f2:9b:4d:db:a1:9f:76:c7:61:6b:76:4c:7b:b1:74:f7:7a:33:
         f2:3d:e5:20:12:e3:29:37:aa:ba:b6:2d:c6:c5:4c:56:f1:c7:
         a5:9d:54:ff:bd:4b:4d:23:f4:c6:93:bd:68:2c:63:05:96:44:
         1d:a9:42:f4:63:e0:28:f8:b7:e4:50:2d:c7:6c:e9:c9:41:93:
         4d:e1:c1:b8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcYD70gB4inoVjZ2+2nYMsWUKu8EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MTcxMTAwWhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxYWFhODZhNDQzNGU4MDA1ZTZlMGM4OWZiNmNhNzhjZWFk
Nzk0NGY2OWVjYjVlNmU0ZGFkZmYwMGFmNTJhOGQ5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWInSVX9A/Bmbfbo0QiJSgTkxE4yYXMddbjl1ssxb0Ww0G
FP2h331yBP1nQZDLOulies/Ofj43ztn//nbcJD7Tt4dyVyWIrjWueYrTr5FNMi+g
pe30qNPX2eDGFeINowGS99qBdKg5NLiJtuaiUEo2YEWXoQFoqHPhq7JaDk87ddzA
eKYoMr9IRhElqATEmBUBuZg9Qfxtq4lg4SFGBxbAXOQpRHddYcE8Cv/uM0Fr7Zhg
RWgxF033AOVPDTN50e2M+qh/nVYGcAzPNSRLFDT/MFNyMwYOdsZdFGX8oZOd2AKe
YMf6eUyiEn7C6osM+xZZwSUiQY+CHauffPGA7YSlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQ6ZqSjnrNjUTZwRwKPFSeVgv20QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzIyYjA3OGI3LWMxMjMtNDI5OC04YmQ0LTZjZGFiZDIwYzkwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2+/4wDQYJKoZIhvcNAQELBQADggEBAAChr63jifNMgpLuPzJrN0hYCeUz
LfhRorG+d81hrPlfOGfSRGNuHzWsO+t+zYlynAgmdNsmVMcl0yt4yDXEWJr5BzMb
FaaJssi+lY+aXNBJfxzZDTa+BaWveNqWzISDY07etiRdVK977CVvLv5nqg8BZw8y
6YhN10cs5gsvF+WWwW3dtMw8CNX/2k8lMxJPNRn464dLPONk8zVkBUiDtetZKXPc
Z8g2vnmRyCTksQOGSWq4T/KbTduhn3bHYWt2THuxdPd6M/I95SAS4yk3qrq2LcbF
TFbxx6WdVP+9S00j9MaTvWgsYwWWRB2pQvRj4Cj4t+RQLcds6clBk03hwbg=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:37:45 2025 by rpki-client