Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/55c57b25-f10f-4173-969b-c60f367e5ee0.roa
File:                     55c57b25-f10f-4173-969b-c60f367e5ee0.roa (raw, json)
Hash identifier:          J4hNxBWmj4RbB1pSI2JTk3giKfIzlqnmAP+kr8dEJ/Y=
Subject key identifier:   2D:B5:F7:35:EA:5F:0E:F8:D3:CC:40:F7:53:1E:02:A9:5E:4E:8C:A4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       40D5228AEC5F1274B41F481EEF54F79ABB649E03
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/55c57b25-f10f-4173-969b-c60f367e5ee0.roa
Signing time:             Tue 03 Jun 2025 16:21:33 +0000
ROA not before:           Tue 03 Jun 2025 16:21:33 +0000
ROA not after:            Tue 08 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.210.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 17 Jun 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:d5:22:8a:ec:5f:12:74:b4:1f:48:1e:ef:54:f7:9a:bb:64:9e:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  3 16:21:33 2025 GMT
            Not After : Jul  8 23:59:59 2025 GMT
        Subject: serialNumber=74929549846e105bd03e226003bc99b20929d8dc5be60fa90debdc6ad56d86ee, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a1:ea:09:4b:a7:c4:17:71:dd:8f:40:8b:ed:
                    70:f9:cf:2f:d0:fb:5e:d4:b9:a7:6f:eb:69:05:bd:
                    ec:04:76:99:30:0b:27:02:f5:60:59:d2:66:3d:cf:
                    8e:18:09:9b:f3:76:4e:93:a2:5a:d9:b1:61:05:71:
                    48:15:99:3b:a3:fd:c8:c6:d2:98:cf:46:9c:8b:76:
                    f1:c0:a5:cd:81:b9:e0:4d:f7:b2:0d:2f:6f:2b:90:
                    b6:92:b3:b4:5a:32:43:af:d3:0c:b4:a6:ef:ed:0d:
                    72:1e:96:77:95:3f:ed:98:8e:49:e2:5b:7f:7f:a9:
                    d3:82:29:33:17:fd:f9:22:fb:f7:a9:20:12:7d:5f:
                    d5:e0:3f:50:9f:52:bf:92:1a:94:6d:58:a8:ec:e6:
                    9b:93:28:76:e5:cb:b1:3e:c2:9a:0b:01:20:1d:6c:
                    01:21:95:90:3b:e2:03:a4:f3:f4:c6:78:92:db:10:
                    91:cd:a7:5f:02:00:e8:82:f1:f6:2f:fb:fd:10:84:
                    64:be:f6:55:6a:27:c6:d6:ba:7e:6e:c5:7c:47:19:
                    11:32:3b:15:34:60:b3:19:75:70:53:46:21:0c:d7:
                    89:1b:32:a7:b6:7e:53:77:98:27:74:86:e6:a0:80:
                    ff:70:5b:41:ab:9b:ff:26:48:6b:94:eb:ec:a7:51:
                    c7:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:B5:F7:35:EA:5F:0E:F8:D3:CC:40:F7:53:1E:02:A9:5E:4E:8C:A4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/55c57b25-f10f-4173-969b-c60f367e5ee0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.210.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         9b:f4:83:c1:fa:c3:74:f7:50:31:cf:3a:9b:c9:92:35:fb:a3:
         58:ac:46:08:a2:0e:81:c0:e8:7b:bf:db:b3:d2:45:e1:9b:e0:
         11:56:c6:8d:83:be:cd:2b:6f:24:a5:da:0e:6f:1e:99:a0:f7:
         9d:24:88:27:ba:6a:45:84:8d:cb:7c:08:83:06:b1:b3:ee:91:
         c9:7c:f2:87:b8:a1:a4:c4:c8:34:94:6d:44:41:1a:87:30:be:
         a8:1a:87:ba:63:79:01:80:49:95:96:dc:a5:ed:11:82:bf:4e:
         23:ab:e2:97:42:d7:e2:fa:ab:aa:8e:81:e1:d8:0a:01:34:aa:
         bd:bc:0f:d3:3f:fe:09:5b:5d:2f:9c:66:53:25:06:20:c0:95:
         08:d1:6b:00:b0:c0:66:a8:0a:02:9f:79:bb:d9:64:01:cc:bd:
         b8:43:f7:43:14:8d:79:3a:2c:17:59:3f:e1:99:d1:3a:15:dd:
         26:13:09:4b:51:b0:79:fa:b3:56:3b:7a:a5:53:4d:31:89:2b:
         7c:31:73:7d:0b:20:51:0a:38:6a:51:41:b3:92:d5:73:44:46:
         e8:ec:d8:7e:e2:b9:cf:7b:7d:5b:ea:0f:41:4c:16:c9:2f:82:
         13:26:62:d9:27:4c:5e:bf:73:7c:15:3e:33:2f:0b:8f:2a:06:
         d0:0b:f9:71
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQNUiiuxfEnS0H0ge71T3mrtkngMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjAzMTYyMTMzWhcNMjUwNzA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NDkyOTU0OTg0NmUxMDViZDAzZTIyNjAwM2JjOTliMjA5
MjlkOGRjNWJlNjBmYTkwZGViZGM2YWQ1NmQ4NmVlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAoeoJS6fEF3Hdj0CL7XD5zy/Q+17Uuadv62kFvewEdpkw
CycC9WBZ0mY9z44YCZvzdk6TolrZsWEFcUgVmTuj/cjG0pjPRpyLdvHApc2BueBN
97INL28rkLaSs7RaMkOv0wy0pu/tDXIelneVP+2YjkniW39/qdOCKTMX/fki+/ep
IBJ9X9XgP1CfUr+SGpRtWKjs5puTKHbly7E+wpoLASAdbAEhlZA74gOk8/TGeJLb
EJHNp18CAOiC8fYv+/0QhGS+9lVqJ8bWun5uxXxHGREyOxU0YLMZdXBTRiEM14kb
Mqe2flN3mCd0huaggP9wW0Grm/8mSGuU6+ynUcfDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQULbX3NepfDvjTzED3Ux4CqV5OjKQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU1YzU3YjI1LWYxMGYtNDE3My05NjliLWM2MGYzNjdlNWVlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE20jANBgkqhkiG9w0BAQsFAAOCAQEAm/SDwfrDdPdQMc86m8mSNfujWKxG
CKIOgcDoe7/bs9JF4ZvgEVbGjYO+zStvJKXaDm8emaD3nSSIJ7pqRYSNy3wIgwax
s+6RyXzyh7ihpMTINJRtREEahzC+qBqHumN5AYBJlZbcpe0Rgr9OI6vil0LX4vqr
qo6B4dgKATSqvbwP0z/+CVtdL5xmUyUGIMCVCNFrALDAZqgKAp95u9lkAcy9uEP3
QxSNeTosF1k/4ZnROhXdJhMJS1GwefqzVjt6pVNNMYkrfDFzfQsgUQo4alFBs5LV
c0RG6OzYfuK5z3t9W+oPQUwWyS+CEyZi2SdMXr9zfBU+My8LjyoG0Av5cQ==
-----END CERTIFICATE-----