Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8d5989d2-9987-4ecd-b5dd-0c3c12c78aa2.roa
File:                     8d5989d2-9987-4ecd-b5dd-0c3c12c78aa2.roa (raw, json)
Hash identifier:          kii/ysnW4b2ml4qyIuBsqaKu8pbjYwTPH4V4jpLIjrs=
Subject key identifier:   97:01:97:4B:4A:33:4C:C0:97:1C:68:D4:72:7F:80:3D:63:F1:E1:D4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0D68ED8B65D3AEC2225D6C9DF5DE51373B7ADA38
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8d5989d2-9987-4ecd-b5dd-0c3c12c78aa2.roa
Signing time:             Tue 29 Jul 2025 15:21:55 +0000
ROA not before:           Tue 29 Jul 2025 15:21:55 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.153.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:68:ed:8b:65:d3:ae:c2:22:5d:6c:9d:f5:de:51:37:3b:7a:da:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 15:21:55 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=c76c02e27c9232dd4f7ece2435d60ae96906aed8a571c64ae9e5a2340821a30f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ad:7f:de:5d:0d:3f:d3:ec:74:c8:e9:6a:2b:
                    16:da:49:58:3b:e7:15:8b:75:8a:87:d8:1a:04:ee:
                    14:e6:19:41:95:aa:f4:46:cd:19:cf:ac:98:c9:57:
                    00:e9:12:21:f3:10:74:93:da:3a:62:34:84:e3:7a:
                    8c:94:22:21:b2:b5:7c:25:0d:8e:6b:77:1e:d2:f0:
                    39:8f:3c:26:42:43:7a:f0:1e:18:d7:9a:4b:a0:80:
                    71:e5:3a:60:82:92:4e:5b:24:3c:64:f3:0b:5c:6f:
                    62:25:d9:0c:54:89:b9:4c:fe:bb:b1:92:67:d5:2f:
                    df:5d:a1:d4:14:73:93:01:14:6a:4c:86:b4:54:83:
                    ff:09:34:07:46:de:bf:f1:42:df:98:4c:84:d7:95:
                    4e:60:eb:ec:e5:2f:e2:a0:1e:ed:9e:c6:d3:25:e5:
                    f7:97:8d:2e:0c:d3:66:8d:cb:52:de:10:8f:e4:53:
                    cc:4b:57:09:47:88:cc:ae:c8:88:d3:b6:f3:01:44:
                    3f:8c:e1:86:bf:28:12:c5:96:21:af:dd:d2:05:17:
                    d3:48:65:b2:4b:81:37:66:c0:eb:70:0a:91:f3:66:
                    19:2f:8f:8c:6f:ee:45:e6:63:94:00:4e:e2:5f:f5:
                    aa:55:cf:59:4a:05:a4:af:ca:d1:80:bc:27:40:1e:
                    a7:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:01:97:4B:4A:33:4C:C0:97:1C:68:D4:72:7F:80:3D:63:F1:E1:D4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8d5989d2-9987-4ecd-b5dd-0c3c12c78aa2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.153.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         05:3c:5d:e0:71:da:77:fa:4e:a8:9b:f1:49:f4:98:d8:83:79:
         39:ca:37:6f:69:a3:30:e9:4c:4d:40:21:30:73:14:8a:30:2e:
         70:41:a4:f1:97:74:07:18:79:e6:3a:b9:67:e7:fe:d6:ce:a3:
         17:48:80:45:b8:f7:9f:f6:41:0b:6c:cd:1b:d3:b5:67:e7:6b:
         6a:6f:cb:e8:db:57:a1:d5:80:33:04:7e:53:fc:1f:3b:67:15:
         ef:1c:19:03:0d:5e:d7:b5:35:2f:30:19:13:02:d5:e2:82:96:
         98:01:a0:55:07:ea:d7:12:2d:19:9b:ca:37:72:8c:47:1b:31:
         44:6b:ad:9d:ad:bf:cb:a2:47:65:74:99:3c:41:3b:ab:07:a7:
         c8:b9:d6:a5:42:ec:a6:be:be:a1:43:15:b9:8d:e5:63:d5:89:
         07:9f:7f:a6:f2:d8:6d:87:3e:80:62:12:a5:4c:19:d9:ff:6a:
         37:22:b1:35:8c:0a:12:65:d5:05:c7:71:37:4e:1d:f8:76:8b:
         a2:99:39:7c:4f:7f:83:94:8b:a0:2b:ea:c2:2c:88:c3:de:03:
         26:ea:88:5f:e0:b0:53:7d:64:97:c8:01:ac:02:9d:5e:ea:46:
         dd:e0:2a:4d:0e:eb:b2:1b:b2:89:32:cf:05:64:e8:34:01:ed:
         a8:0e:8e:7d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDWjti2XTrsIiXWyd9d5RNzt62jgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MTUyMTU1WhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNzZjMDJlMjdjOTIzMmRkNGY3ZWNlMjQzNWQ2MGFlOTY5
MDZhZWQ4YTU3MWM2NGFlOWU1YTIzNDA4MjFhMzBmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6rX/eXQ0/0+x0yOlqKxbaSVg75xWLdYqH2BoE7hTmGUGV
qvRGzRnPrJjJVwDpEiHzEHST2jpiNITjeoyUIiGytXwlDY5rdx7S8DmPPCZCQ3rw
HhjXmkuggHHlOmCCkk5bJDxk8wtcb2Il2QxUiblM/ruxkmfVL99dodQUc5MBFGpM
hrRUg/8JNAdG3r/xQt+YTITXlU5g6+zlL+KgHu2extMl5feXjS4M02aNy1LeEI/k
U8xLVwlHiMyuyIjTtvMBRD+M4Ya/KBLFliGv3dIFF9NIZbJLgTdmwOtwCpHzZhkv
j4xv7kXmY5QATuJf9apVz1lKBaSvytGAvCdAHqcDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlwGXS0ozTMCXHGjUcn+APWPx4dQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhkNTk4OWQyLTk5ODctNGVjZC1iNWRkLTBjM2MxMmM3OGFhMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2mQAwDQYJKoZIhvcNAQELBQADggEBAAU8XeBx2nf6Tqib8Un0mNiDeTnK
N29pozDpTE1AITBzFIowLnBBpPGXdAcYeeY6uWfn/tbOoxdIgEW495/2QQtszRvT
tWfna2pvy+jbV6HVgDMEflP8HztnFe8cGQMNXte1NS8wGRMC1eKClpgBoFUH6tcS
LRmbyjdyjEcbMURrrZ2tv8uiR2V0mTxBO6sHp8i51qVC7Ka+vqFDFbmN5WPViQef
f6by2G2HPoBiEqVMGdn/ajcisTWMChJl1QXHcTdOHfh2i6KZOXxPf4OUi6Ar6sIs
iMPeAybqiF/gsFN9ZJfIAawCnV7qRt3gKk0O67IbsokyzwVk6DQB7agOjn0=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:38:21 2025 by rpki-client