Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7a61e883-5c5a-4707-a09d-19f8c7294da3.roa
File:                     7a61e883-5c5a-4707-a09d-19f8c7294da3.roa (raw, json)
Hash identifier:          rVdyx3b1i2vSdzEtseW0xfDENXjYoRni/qXB2zmB11k=
Subject key identifier:   B3:10:D3:92:1D:FF:8C:F2:49:80:FE:D2:EE:B6:8A:89:87:1C:A0:F7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4F89B138F0BE88CBE86838934D4735C46C22C651
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7a61e883-5c5a-4707-a09d-19f8c7294da3.roa
Signing time:             Tue 29 Jul 2025 15:01:20 +0000
ROA not before:           Tue 29 Jul 2025 15:01:20 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.156.32.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:89:b1:38:f0:be:88:cb:e8:68:38:93:4d:47:35:c4:6c:22:c6:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 15:01:20 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=eec44755026e4364f5d288eedc84bb743d873aa49f4051228cb69870892adea0, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:5e:c3:42:87:b0:7a:ae:b6:81:be:ec:d3:8a:
                    32:4b:b3:ed:b1:1b:8a:a6:96:f5:87:33:95:81:b3:
                    ed:4c:ae:76:62:51:47:de:04:93:69:9e:01:23:9e:
                    58:98:8a:64:c9:aa:81:4a:c6:27:e5:34:1d:a6:25:
                    96:79:19:b9:b8:78:b4:69:7d:13:3c:28:ef:b9:66:
                    10:73:6a:c4:a8:70:b8:1f:39:e4:b0:61:2c:66:ad:
                    0d:c7:04:01:c8:a4:8a:1b:8b:4a:c9:88:7a:f9:d0:
                    28:0a:ba:9b:4d:38:71:a2:4a:97:9e:2a:4a:b7:d8:
                    01:68:7b:8c:87:93:d3:41:a7:8c:a3:6f:c1:a1:c3:
                    e8:d0:47:92:6f:f6:97:a3:e6:1e:af:0e:ef:97:09:
                    a3:fc:20:54:99:72:fc:f0:19:fa:3a:f0:ab:43:d0:
                    62:02:3a:03:b4:98:2b:b6:a8:1d:20:f0:bd:35:08:
                    98:31:a7:49:f2:df:64:87:e9:21:aa:a7:8c:32:ec:
                    f2:41:a0:e5:98:c3:86:a9:d0:89:91:3d:10:67:d4:
                    4c:b1:f6:d0:81:e0:96:67:ab:50:af:26:20:ce:10:
                    61:93:20:a3:1d:60:30:35:ca:f0:a8:85:4a:8b:a9:
                    7e:64:2f:0c:e1:84:d9:e2:e5:a4:00:74:78:bd:17:
                    23:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:10:D3:92:1D:FF:8C:F2:49:80:FE:D2:EE:B6:8A:89:87:1C:A0:F7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7a61e883-5c5a-4707-a09d-19f8c7294da3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.156.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         58:5e:e7:01:c8:9b:fb:f6:4f:b0:5a:d7:5b:e2:b4:54:98:05:
         3a:a9:4f:32:83:ae:8a:e1:d9:7c:64:c6:e8:98:ea:2d:a1:5f:
         90:16:04:47:3e:f7:61:47:f4:10:fb:97:d0:e4:8b:17:e0:5e:
         13:bf:21:24:bf:3d:4e:e9:33:75:71:d2:5f:89:e7:21:7c:ed:
         77:0c:c0:61:f8:4f:37:19:83:dd:ac:ec:91:1c:7a:46:0e:ef:
         f4:70:f9:db:53:b7:9c:df:48:04:3c:dd:2f:7d:e6:17:c0:dd:
         0d:70:2c:ca:fe:84:a3:e3:4a:b6:19:1b:49:97:7c:36:58:db:
         a8:89:ea:0b:71:44:cf:c5:ca:50:2b:13:38:ed:cf:2a:b4:0b:
         50:4e:fa:76:e2:f4:d9:db:ea:b7:8d:28:d6:d1:e3:e9:25:ff:
         0b:ee:a4:3a:6c:db:bf:cc:c3:09:da:76:a9:f7:b6:6b:ca:b4:
         2d:8f:b5:35:59:65:12:8f:06:d8:d7:da:bc:53:3b:32:40:32:
         f4:d3:64:f4:4f:1e:c1:e3:7f:a9:eb:dd:09:9b:fc:b2:aa:af:
         bd:e2:8a:65:5f:1e:7c:95:7f:b7:78:7e:66:41:98:57:7b:b6:
         cd:88:1b:2c:54:8f:2a:4e:a0:28:fa:50:cd:c4:da:60:0d:d0:
         04:64:27:ff
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT4mxOPC+iMvoaDiTTUc1xGwixlEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MTUwMTIwWhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZWM0NDc1NTAyNmU0MzY0ZjVkMjg4ZWVkYzg0YmI3NDNk
ODczYWE0OWY0MDUxMjI4Y2I2OTg3MDg5MmFkZWEwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkXsNCh7B6rraBvuzTijJLs+2xG4qmlvWHM5WBs+1MrnZi
UUfeBJNpngEjnliYimTJqoFKxiflNB2mJZZ5Gbm4eLRpfRM8KO+5ZhBzasSocLgf
OeSwYSxmrQ3HBAHIpIobi0rJiHr50CgKuptNOHGiSpeeKkq32AFoe4yHk9NBp4yj
b8Ghw+jQR5Jv9pej5h6vDu+XCaP8IFSZcvzwGfo68KtD0GICOgO0mCu2qB0g8L01
CJgxp0ny32SH6SGqp4wy7PJBoOWYw4ap0ImRPRBn1Eyx9tCB4JZnq1CvJiDOEGGT
IKMdYDA1yvCohUqLqX5kLwzhhNni5aQAdHi9FyPXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsxDTkh3/jPJJgP7S7raKiYccoPcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzdhNjFlODgzLTVjNWEtNDcwNy1hMDlkLTE5ZjhjNzI5NGRhMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU2nCAwDQYJKoZIhvcNAQELBQADggEBAFhe5wHIm/v2T7Ba11vitFSYBTqp
TzKDrorh2XxkxuiY6i2hX5AWBEc+92FH9BD7l9DkixfgXhO/ISS/PU7pM3Vx0l+J
5yF87XcMwGH4TzcZg92s7JEcekYO7/Rw+dtTt5zfSAQ83S995hfA3Q1wLMr+hKPj
SrYZG0mXfDZY26iJ6gtxRM/FylArEzjtzyq0C1BO+nbi9Nnb6reNKNbR4+kl/wvu
pDps27/Mwwnadqn3tmvKtC2PtTVZZRKPBtjX2rxTOzJAMvTTZPRPHsHjf6nr3Qmb
/LKqr73iimVfHnyVf7d4fmZBmFd7ts2IGyxUjypOoCj6UM3E2mAN0ARkJ/8=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:43:48 2025 by rpki-client