Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3dbed47a-10ca-4c3f-ac7f-2c2f1c02ddc4.roa
File:                     3dbed47a-10ca-4c3f-ac7f-2c2f1c02ddc4.roa (raw, json)
Hash identifier:          uzwrdTu5tzXjQFNRWWSaEz1C35OfoxHEI5e+WalDGWI=
Subject key identifier:   06:93:4B:EB:9B:AB:07:F9:CA:4E:F6:13:59:08:C3:AE:95:3B:AF:FB
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       495DC20EE942CDDB42D3E63418E8C1E1F749CB6F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3dbed47a-10ca-4c3f-ac7f-2c2f1c02ddc4.roa
Signing time:             Tue 29 Jul 2025 18:00:15 +0000
ROA not before:           Tue 29 Jul 2025 18:00:15 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.253.64.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:5d:c2:0e:e9:42:cd:db:42:d3:e6:34:18:e8:c1:e1:f7:49:cb:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 18:00:15 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=b76819ba191cf2a47ce21127240c94ca9cff1282c55d5536be6561f8898a7afb, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fd:7f:0f:8d:be:05:6d:09:48:03:9d:e7:10:
                    4e:5b:90:cc:3f:a0:c1:7f:61:45:45:1f:db:bb:26:
                    62:d2:c9:4c:20:1b:74:6b:0a:38:bd:04:3a:a8:a0:
                    8a:ab:a7:0b:eb:38:c9:ee:67:64:b2:72:7a:14:b1:
                    52:d4:31:f4:e2:3b:f8:3b:e3:b8:8e:70:86:89:07:
                    02:ae:64:a6:92:07:47:07:a2:17:74:4b:bd:e5:5e:
                    f4:dd:f1:d1:1e:6c:6a:59:29:18:27:e2:a3:2b:fa:
                    07:06:1f:11:b6:85:e1:0b:46:5b:65:93:45:0d:66:
                    72:d2:e7:a2:74:dd:ba:ce:17:f9:ff:aa:76:fd:36:
                    96:58:cb:db:1c:1d:c5:e1:ed:47:99:67:3a:16:3e:
                    17:61:86:2b:a4:0d:be:b7:e2:3c:39:c7:8b:f2:1b:
                    87:62:ea:39:34:72:54:44:36:6f:0c:0b:81:9d:b7:
                    30:97:1f:ed:04:2e:25:3e:85:58:bf:b4:89:13:1b:
                    3f:65:d1:df:99:06:86:00:2e:93:7b:ad:18:56:c9:
                    9e:af:3a:36:1b:f7:db:6e:46:68:70:0e:01:2b:28:
                    66:99:41:c0:95:a5:47:c4:ed:53:d7:af:88:f5:ae:
                    20:78:ca:a3:f3:87:22:70:97:3b:e9:a9:e3:f7:32:
                    86:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:93:4B:EB:9B:AB:07:F9:CA:4E:F6:13:59:08:C3:AE:95:3B:AF:FB
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3dbed47a-10ca-4c3f-ac7f-2c2f1c02ddc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.253.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         66:8c:07:f9:ee:d6:0d:24:44:9d:67:06:33:45:9f:93:aa:bc:
         4b:ff:dc:84:d0:4f:f4:30:df:de:d3:07:a6:c2:03:31:17:d9:
         9c:c4:d4:e9:41:e2:f6:86:41:38:88:cf:25:0d:69:5b:e3:41:
         ce:0f:4b:84:4a:fe:17:01:be:e0:83:eb:dc:ee:68:2d:42:9b:
         e1:d4:40:c4:26:4b:8e:a1:1b:b2:1c:3e:1d:69:b7:2a:db:92:
         29:7e:d7:30:ce:da:e6:47:82:59:4c:89:c2:53:8e:04:11:3b:
         32:2e:e4:1b:d4:c9:0b:cc:37:28:da:11:67:10:d5:06:3a:4a:
         36:ee:5b:09:06:c9:e7:00:8b:9f:cf:d2:11:46:ba:1c:39:a9:
         a6:80:a6:55:10:e5:67:d7:a7:a7:5e:5a:d8:df:ad:40:82:84:
         28:c1:be:8e:07:ed:f0:90:e2:2e:df:5e:62:07:85:b3:93:2d:
         49:68:7b:ed:6b:7e:00:32:4c:e3:ac:16:3c:47:64:19:de:cf:
         43:5e:8d:61:71:da:42:9a:e8:a4:f8:d7:87:3a:d5:ef:2c:0d:
         a0:15:e1:25:51:90:ae:58:2f:6e:01:b8:61:85:ff:d1:94:c2:
         a0:1b:69:8c:bd:96:8e:7b:ee:90:25:a6:b3:55:38:ce:b6:ee:
         62:66:7a:a5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSV3CDulCzdtC0+Y0GOjB4fdJy28wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MTgwMDE1WhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNzY4MTliYTE5MWNmMmE0N2NlMjExMjcyNDBjOTRjYTlj
ZmYxMjgyYzU1ZDU1MzZiZTY1NjFmODg5OGE3YWZiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCm/X8Pjb4FbQlIA53nEE5bkMw/oMF/YUVFH9u7JmLSyUwg
G3RrCji9BDqooIqrpwvrOMnuZ2SycnoUsVLUMfTiO/g747iOcIaJBwKuZKaSB0cH
ohd0S73lXvTd8dEebGpZKRgn4qMr+gcGHxG2heELRltlk0UNZnLS56J03brOF/n/
qnb9NpZYy9scHcXh7UeZZzoWPhdhhiukDb634jw5x4vyG4di6jk0clRENm8MC4Gd
tzCXH+0ELiU+hVi/tIkTGz9l0d+ZBoYALpN7rRhWyZ6vOjYb99tuRmhwDgErKGaZ
QcCVpUfE7VPXr4j1riB4yqPzhyJwlzvpqeP3MobNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBpNL65urB/nKTvYTWQjDrpU7r/swHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNkYmVkNDdhLTEwY2EtNGMzZi1hYzdmLTJjMmYxYzAyZGRjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU2/UAwDQYJKoZIhvcNAQELBQADggEBAGaMB/nu1g0kRJ1nBjNFn5OqvEv/
3ITQT/Qw397TB6bCAzEX2ZzE1OlB4vaGQTiIzyUNaVvjQc4PS4RK/hcBvuCD69zu
aC1Cm+HUQMQmS46hG7IcPh1ptyrbkil+1zDO2uZHgllMicJTjgQROzIu5BvUyQvM
NyjaEWcQ1QY6SjbuWwkGyecAi5/P0hFGuhw5qaaAplUQ5WfXp6deWtjfrUCChCjB
vo4H7fCQ4i7fXmIHhbOTLUloe+1rfgAyTOOsFjxHZBnez0NejWFx2kKa6KT414c6
1e8sDaAV4SVRkK5YL24BuGGF/9GUwqAbaYy9lo577pAlprNVOM627mJmeqU=
-----END CERTIFICATE-----