Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/581d3fec-1929-406d-8d07-00ea84378921.roa
File:                     581d3fec-1929-406d-8d07-00ea84378921.roa (raw, json)
Hash identifier:          zSulvcMuHm2Fa3tze8S5ZNaTyy8VkPdrd+RQtDgc2EE=
Subject key identifier:   84:5E:62:7E:9A:66:39:C0:BB:35:71:71:E2:73:37:12:E9:5E:9A:91
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       054690385E5B14507A06C7E2AA3406B1B18A6C1E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/581d3fec-1929-406d-8d07-00ea84378921.roa
Signing time:             Fri 17 Oct 2025 22:52:43 +0000
ROA not before:           Fri 17 Oct 2025 22:52:43 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.234.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:46:90:38:5e:5b:14:50:7a:06:c7:e2:aa:34:06:b1:b1:8a:6c:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 17 22:52:43 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=71c1e9d3839077622573cc9870910331b2d4eecc083c240078fb389bf1b94b55, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:8e:0d:e8:c4:98:04:3b:23:5e:a4:f8:06:4e:
                    4c:9b:73:96:ca:c9:1a:e6:e3:97:74:f7:b7:9a:0b:
                    ed:ec:ee:36:af:bf:91:81:68:72:4f:56:a2:d4:64:
                    d0:6f:50:ed:40:fd:eb:09:08:12:4c:12:09:27:e5:
                    80:26:07:03:0b:51:7c:4b:5f:e8:bc:b8:5d:21:44:
                    e2:8f:69:98:ee:cc:80:b0:7c:9a:d5:19:a1:f0:8c:
                    33:c7:c4:fb:0d:94:60:ec:ba:8a:a9:be:e6:5a:33:
                    7a:d4:18:85:50:30:62:4b:9e:8c:d1:f1:18:ac:92:
                    3b:e4:98:f1:28:e0:f2:00:15:19:0e:e6:44:ec:b6:
                    2d:38:0b:31:31:b1:29:7a:e0:8b:54:5a:ed:47:f9:
                    98:b3:66:d0:b7:f2:38:97:ba:6b:78:bd:88:11:3c:
                    86:df:ee:a7:5e:10:c3:b7:d7:ae:e4:7f:00:87:6c:
                    8d:48:43:2e:64:42:9e:9d:1a:d6:b8:74:6e:cf:ea:
                    c6:c7:f0:fc:ce:37:91:c7:52:dc:83:55:e5:1e:ee:
                    8b:46:fd:cf:f8:9c:a4:46:b6:99:94:3f:c4:1b:19:
                    6b:ce:07:4b:31:7a:42:fb:ab:71:33:cb:57:bd:96:
                    26:ea:5f:29:cb:c8:a0:59:50:a9:6f:d3:ef:f3:bd:
                    63:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:5E:62:7E:9A:66:39:C0:BB:35:71:71:E2:73:37:12:E9:5E:9A:91
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/581d3fec-1929-406d-8d07-00ea84378921.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.234.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         47:e7:29:df:73:60:50:90:e4:6b:80:8c:59:b2:23:62:9d:5c:
         70:f1:45:07:01:1f:3a:6d:fb:af:34:ca:45:eb:6e:ff:4e:25:
         e7:60:96:ee:bb:8e:aa:01:a5:82:3f:4e:5e:16:96:87:c2:ed:
         67:b7:97:c3:d4:34:c5:16:c4:27:71:77:bb:4e:56:78:13:8a:
         8a:7a:c0:46:ee:1c:87:02:f0:d2:7d:00:0c:79:89:b9:8e:8c:
         1f:08:c7:0d:cd:b9:34:d2:06:26:e1:0d:a9:b1:ee:fb:54:76:
         dd:33:0b:27:f8:fd:50:22:e2:8e:40:98:be:1e:dc:2e:bf:67:
         5e:32:f6:a2:bb:36:97:1e:e7:49:e1:6a:72:5d:ce:25:1d:88:
         67:65:7a:26:e1:3c:28:9e:ff:57:13:f0:b6:20:a1:50:88:78:
         06:6c:41:30:ca:8d:93:6b:52:4f:77:46:f9:72:cd:c7:16:b7:
         0f:9b:3f:79:06:43:3d:90:c2:d2:c7:82:83:c2:0b:48:ee:86:
         24:0e:06:f2:e2:c6:5a:4d:5d:5b:32:9a:0a:0e:9f:73:93:24:
         1c:e9:ec:81:95:74:a6:4c:ca:fd:99:d8:1a:a3:83:bb:24:97:
         72:88:6b:4e:2b:6f:ea:44:97:6d:a4:d2:38:50:41:cf:12:58:
         91:06:6f:46
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBUaQOF5bFFB6BsfiqjQGsbGKbB4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE3MjI1MjQzWhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MWMxZTlkMzgzOTA3NzYyMjU3M2NjOTg3MDkxMDMzMWIy
ZDRlZWNjMDgzYzI0MDA3OGZiMzg5YmYxYjk0YjU1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUjg3oxJgEOyNepPgGTkybc5bKyRrm45d097eaC+3s7jav
v5GBaHJPVqLUZNBvUO1A/esJCBJMEgkn5YAmBwMLUXxLX+i8uF0hROKPaZjuzICw
fJrVGaHwjDPHxPsNlGDsuoqpvuZaM3rUGIVQMGJLnozR8RiskjvkmPEo4PIAFRkO
5kTsti04CzExsSl64ItUWu1H+ZizZtC38jiXumt4vYgRPIbf7qdeEMO3167kfwCH
bI1IQy5kQp6dGta4dG7P6sbH8PzON5HHUtyDVeUe7otG/c/4nKRGtpmUP8QbGWvO
B0sxekL7q3Ezy1e9libqXynLyKBZUKlv0+/zvWMrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhF5ifppmOcC7NXFx4nM3EulempEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU4MWQzZmVjLTE5MjktNDA2ZC04ZDA3LTAwZWE4NDM3ODkyMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA26jANBgkqhkiG9w0BAQsFAAOCAQEAR+cp33NgUJDka4CMWbIjYp1ccPFF
BwEfOm37rzTKRetu/04l52CW7ruOqgGlgj9OXhaWh8LtZ7eXw9Q0xRbEJ3F3u05W
eBOKinrARu4chwLw0n0ADHmJuY6MHwjHDc25NNIGJuENqbHu+1R23TMLJ/j9UCLi
jkCYvh7cLr9nXjL2ors2lx7nSeFqcl3OJR2IZ2V6JuE8KJ7/VxPwtiChUIh4BmxB
MMqNk2tST3dG+XLNxxa3D5s/eQZDPZDC0seCg8ILSO6GJA4G8uLGWk1dWzKaCg6f
c5MkHOnsgZV0pkzK/ZnYGqODuySXcohrTitv6kSXbaTSOFBBzxJYkQZvRg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:08:10 2025 by rpki-client