Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/592229fc-0992-48a6-b4d6-3aa5c5bede73.roa
File:                     592229fc-0992-48a6-b4d6-3aa5c5bede73.roa (raw, json)
Hash identifier:          mwQ7dyqRlr4bHpKB3EgD60Q8rwdmR4d2Hmel1rC44f0=
Subject key identifier:   26:DC:6E:9D:E4:2E:FC:53:B0:63:B2:80:5E:17:8C:ED:95:F9:AF:9A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       25721D0D2DBD709697D490FBA60F5E5E0D83ED75
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/592229fc-0992-48a6-b4d6-3aa5c5bede73.roa
Signing time:             Fri 11 Jul 2025 17:50:21 +0000
ROA not before:           Fri 11 Jul 2025 17:50:21 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.89.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:72:1d:0d:2d:bd:70:96:97:d4:90:fb:a6:0f:5e:5e:0d:83:ed:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 11 17:50:21 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=b4590f92203cd4d429be0c0f405454b7b87361f9b1793a745244599b095aba3c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:88:1f:0f:e2:99:36:a5:2e:f6:10:48:2c:ad:
                    88:c3:49:9d:97:15:6d:23:63:52:eb:78:31:41:19:
                    1f:69:a5:6e:55:ae:dc:de:52:7e:10:d7:9f:dd:e6:
                    84:d9:2d:b5:e7:b6:7c:08:b5:fa:38:42:27:27:c8:
                    ee:72:2f:87:27:15:f6:80:45:b8:35:25:06:73:ba:
                    1f:3c:e6:a5:dd:90:24:3d:fc:4a:65:ba:a9:1b:a8:
                    05:92:34:c4:f8:73:04:47:c8:c7:12:82:37:38:46:
                    2d:80:6e:0d:99:bb:4c:aa:3a:e9:f0:f0:95:06:76:
                    20:7e:e6:37:3c:ed:ca:3f:85:5e:aa:bd:00:0d:15:
                    61:3c:da:b0:dc:90:9b:e3:69:c9:d7:05:48:12:27:
                    21:2e:fd:f3:34:59:61:e5:e4:4a:c4:cb:b5:9f:0e:
                    69:18:2f:59:bf:f5:47:5d:23:bf:25:6f:23:73:bb:
                    fd:10:91:7b:6a:c7:bc:73:bf:69:02:19:a3:fc:c2:
                    8f:45:be:b6:ff:9d:80:71:09:21:c9:81:70:2b:0a:
                    33:eb:39:02:2c:71:7c:c4:1c:76:18:ae:af:da:66:
                    90:3a:0c:27:ed:b6:e9:31:2b:bb:7e:b9:c6:45:1d:
                    0e:7c:4c:d7:b2:8d:ad:67:99:09:60:81:d3:85:12:
                    71:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:DC:6E:9D:E4:2E:FC:53:B0:63:B2:80:5E:17:8C:ED:95:F9:AF:9A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/592229fc-0992-48a6-b4d6-3aa5c5bede73.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.89.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         12:7a:17:11:3b:b9:3a:15:27:b8:44:c6:a1:e5:e5:fb:da:d9:
         57:c4:57:86:9e:ae:08:1c:de:83:b0:92:1d:4f:5d:71:c8:9a:
         b5:14:99:66:b8:6d:8a:4c:1c:fe:bc:43:f4:8c:65:23:b6:ae:
         b7:59:2c:3b:f3:42:82:bb:65:c1:e3:cb:c1:8a:5d:5d:2f:ba:
         46:e8:7a:ce:be:04:67:a0:3f:fe:f3:c1:7f:a9:8f:0e:4c:0d:
         1d:c6:88:d5:f9:fc:8e:a7:bf:a5:ea:8b:20:83:7b:ef:73:5b:
         8f:24:f4:e5:84:7e:67:3a:b8:de:c2:ac:71:61:b6:17:c2:cb:
         78:7f:2c:b6:90:42:a7:03:d3:c4:9d:be:ec:5c:9b:dc:79:35:
         bc:3a:ad:6f:c9:9f:a5:f1:c6:c9:4b:ac:12:8c:81:5a:5e:16:
         29:8d:35:de:f6:bf:74:92:38:e3:19:b1:fc:95:eb:33:1b:a3:
         47:46:1f:da:6e:a4:eb:a3:a6:a0:e5:e6:b8:f0:19:61:a1:f7:
         ab:20:d4:0f:b6:00:18:cd:2f:96:7b:57:7a:27:a5:c7:c8:8f:
         b7:91:ad:44:67:0f:c1:46:d4:27:0f:c4:d1:0f:86:e6:06:b4:
         2c:9b:12:20:30:f8:fd:7d:7c:41:c0:35:05:8a:45:49:88:5c:
         9d:24:08:2f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJXIdDS29cJaX1JD7pg9eXg2D7XUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzExMTc1MDIxWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNDU5MGY5MjIwM2NkNGQ0MjliZTBjMGY0MDU0NTRiN2I4
NzM2MWY5YjE3OTNhNzQ1MjQ0NTk5YjA5NWFiYTNjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD0iB8P4pk2pS72EEgsrYjDSZ2XFW0jY1LreDFBGR9ppW5V
rtzeUn4Q15/d5oTZLbXntnwItfo4QicnyO5yL4cnFfaARbg1JQZzuh885qXdkCQ9
/EpluqkbqAWSNMT4cwRHyMcSgjc4Ri2Abg2Zu0yqOunw8JUGdiB+5jc87co/hV6q
vQANFWE82rDckJvjacnXBUgSJyEu/fM0WWHl5ErEy7WfDmkYL1m/9UddI78lbyNz
u/0QkXtqx7xzv2kCGaP8wo9Fvrb/nYBxCSHJgXArCjPrOQIscXzEHHYYrq/aZpA6
DCfttukxK7t+ucZFHQ58TNeyja1nmQlggdOFEnHbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUJtxuneQu/FOwY7KAXheM7ZX5r5owHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU5MjIyOWZjLTA5OTItNDhhNi1iNGQ2LTNhYTVjNWJlZGU3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2WTANBgkqhkiG9w0BAQsFAAOCAQEAEnoXETu5OhUnuETGoeXl+9rZV8RX
hp6uCBzeg7CSHU9dcciatRSZZrhtikwc/rxD9IxlI7aut1ksO/NCgrtlwePLwYpd
XS+6Ruh6zr4EZ6A//vPBf6mPDkwNHcaI1fn8jqe/peqLIIN773NbjyT05YR+Zzq4
3sKscWG2F8LLeH8stpBCpwPTxJ2+7Fyb3Hk1vDqtb8mfpfHGyUusEoyBWl4WKY01
3va/dJI44xmx/JXrMxujR0Yf2m6k66OmoOXmuPAZYaH3qyDUD7YAGM0vlntXeiel
x8iPt5GtRGcPwUbUJw/E0Q+G5ga0LJsSIDD4/X18QcA1BYpFSYhcnSQILw==
-----END CERTIFICATE-----