Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/37a22513-4fd4-4a36-ac5b-6fef6b888edc.roa
File:                     37a22513-4fd4-4a36-ac5b-6fef6b888edc.roa (raw, json)
Hash identifier:          o8HL3HjGbcUvtW8SGiah93ritPdJyKfQFSG1UEQbbaA=
Subject key identifier:   F6:9C:60:B5:78:27:3B:21:E9:E9:4A:8C:8C:90:3D:AF:7D:45:24:F5
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2B6A41A877B7382EBC12255DE49D66FD115554C5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/37a22513-4fd4-4a36-ac5b-6fef6b888edc.roa
Signing time:             Tue 04 Nov 2025 00:31:02 +0000
ROA not before:           Tue 04 Nov 2025 00:31:02 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.179.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 08 Nov 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:6a:41:a8:77:b7:38:2e:bc:12:25:5d:e4:9d:66:fd:11:55:54:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov  4 00:31:02 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=8ac7079109c5f1159e8a8f35fcf46310341e0c4043128b005f87a6d7e1f729be, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b1:34:e3:7a:5c:ce:ce:13:f9:e3:60:99:64:
                    1b:b5:dc:77:1b:6b:04:d2:d9:54:ba:bf:48:ca:a9:
                    f0:c9:db:a2:79:77:1d:40:d2:3c:0f:72:dd:2c:6a:
                    19:45:0a:f8:59:9a:e6:e1:8b:91:e9:2f:88:55:dd:
                    0f:9e:37:0d:e3:0e:a3:ed:a3:be:c4:ac:4f:52:87:
                    d4:42:cc:ab:e8:ba:da:75:d3:1c:1e:ef:94:ab:21:
                    05:34:e1:3d:fb:d8:df:af:a9:7f:7d:df:de:e1:32:
                    05:5b:50:24:8f:b7:7d:26:e0:4b:d5:c9:3a:86:db:
                    ad:85:5c:16:0e:b5:65:06:df:bd:d3:3b:cb:29:47:
                    ff:3f:14:11:dd:f7:2c:60:07:2a:9e:16:67:40:96:
                    11:e8:d3:ec:d2:6b:a3:17:5f:6f:e1:7a:79:53:72:
                    aa:2f:b1:9e:27:89:68:cc:f8:59:3b:1c:aa:94:a6:
                    13:94:54:5c:53:3b:6b:00:27:a0:9b:e6:e7:6f:9c:
                    e7:3c:4c:c7:a8:46:26:f2:b3:7e:fe:f9:bd:56:27:
                    d2:c7:7d:68:a4:fd:dc:7c:ee:df:46:71:ca:b6:93:
                    9a:a3:9f:44:7a:b4:ac:a7:66:76:cc:7b:eb:0b:e1:
                    79:22:3f:35:08:19:52:db:e4:7a:78:7d:28:25:8f:
                    5e:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:9C:60:B5:78:27:3B:21:E9:E9:4A:8C:8C:90:3D:AF:7D:45:24:F5
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/37a22513-4fd4-4a36-ac5b-6fef6b888edc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.179.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         58:2b:09:64:da:5e:dd:a2:cc:2b:c6:24:1f:b9:45:f4:24:e3:
         2c:44:25:78:c4:f7:eb:3e:97:4c:b3:13:40:a5:68:53:2f:59:
         14:c9:f8:63:8b:32:07:86:6c:5c:7d:b4:15:76:d8:05:89:6e:
         f3:4d:46:34:73:51:c2:df:de:0f:dd:50:81:0d:74:ec:87:8b:
         cb:ca:56:d1:a1:4f:41:dc:25:0a:9e:06:b3:06:5d:42:a0:0f:
         23:f2:1a:77:4e:14:1c:60:f2:31:8d:ea:41:c7:09:f2:09:59:
         74:7c:ca:58:4d:01:49:1c:9c:5f:fd:8c:b8:93:ec:a0:22:52:
         6b:ee:5f:07:25:c1:43:41:cf:1d:0e:90:cd:0e:f9:bb:07:26:
         99:93:d4:09:ee:a0:4e:9d:34:38:d6:ff:b6:e5:4c:90:cb:c2:
         6a:34:2b:48:d4:7a:e1:50:32:47:05:57:8c:58:60:c1:4d:79:
         a2:de:eb:6a:cf:5a:11:9c:b0:8c:46:33:ad:b8:48:dc:07:f1:
         e9:a5:81:7b:2d:da:9d:c2:e9:95:6b:ef:af:d1:c3:0a:43:05:
         f1:28:3d:61:93:24:ab:b1:b8:fd:56:33:0c:45:d6:59:20:4c:
         52:7f:c2:bf:cf:65:43:ea:9e:69:ec:55:aa:7a:62:a2:ff:ff:
         1f:b9:1f:ef
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUK2pBqHe3OC68EiVd5J1m/RFVVMUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTA0MDAzMTAyWhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YWM3MDc5MTA5YzVmMTE1OWU4YThmMzVmY2Y0NjMxMDM0
MWUwYzQwNDMxMjhiMDA1Zjg3YTZkN2UxZjcyOWJlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjsTTjelzOzhP542CZZBu13HcbawTS2VS6v0jKqfDJ26J5
dx1A0jwPct0sahlFCvhZmubhi5HpL4hV3Q+eNw3jDqPto77ErE9Sh9RCzKvoutp1
0xwe75SrIQU04T372N+vqX99397hMgVbUCSPt30m4EvVyTqG262FXBYOtWUG373T
O8spR/8/FBHd9yxgByqeFmdAlhHo0+zSa6MXX2/henlTcqovsZ4niWjM+Fk7HKqU
phOUVFxTO2sAJ6Cb5udvnOc8TMeoRibys37++b1WJ9LHfWik/dx87t9Gccq2k5qj
n0R6tKynZnbMe+sL4XkiPzUIGVLb5Hp4fSglj14fAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU9pxgtXgnOyHp6UqMjJA9r31FJPUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzM3YTIyNTEzLTRmZDQtNGEzNi1hYzViLTZmZWY2Yjg4OGVkYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2szANBgkqhkiG9w0BAQsFAAOCAQEAWCsJZNpe3aLMK8YkH7lF9CTjLEQl
eMT36z6XTLMTQKVoUy9ZFMn4Y4syB4ZsXH20FXbYBYlu801GNHNRwt/eD91QgQ10
7IeLy8pW0aFPQdwlCp4GswZdQqAPI/Iad04UHGDyMY3qQccJ8glZdHzKWE0BSRyc
X/2MuJPsoCJSa+5fByXBQ0HPHQ6QzQ75uwcmmZPUCe6gTp00ONb/tuVMkMvCajQr
SNR64VAyRwVXjFhgwU15ot7ras9aEZywjEYzrbhI3Afx6aWBey3ancLplWvvr9HD
CkMF8Sg9YZMkq7G4/VYzDEXWWSBMUn/Cv89lQ+qeaexVqnpiov//H7kf7w==
-----END CERTIFICATE-----