Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a0a429e3-e7ff-4211-b53b-efbdce5fb3a8.roa
File:                     a0a429e3-e7ff-4211-b53b-efbdce5fb3a8.roa (raw, json)
Hash identifier:          tZJaNND39RH4BsftLTdIAkK5j0ExSAWCw8jVEsWjRrQ=
Subject key identifier:   04:5E:29:62:3D:09:1A:7F:31:B2:E7:80:2C:6B:21:C4:BA:8B:42:EF
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4EFB46EBAD1126232D86DF4A8ECC2FEDD5AC581C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a0a429e3-e7ff-4211-b53b-efbdce5fb3a8.roa
Signing time:             Tue 29 Jul 2025 15:41:04 +0000
ROA not before:           Tue 29 Jul 2025 15:41:04 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.203.248.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:fb:46:eb:ad:11:26:23:2d:86:df:4a:8e:cc:2f:ed:d5:ac:58:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 15:41:04 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=aefcd60a27c71e5accdf8f37d4e74ab57f2e05023dd730da6ecce5dff468b528, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:cb:8c:7b:80:6d:ac:a0:14:51:b5:09:40:92:
                    69:cc:92:6d:27:8c:f6:7c:a1:e5:5e:53:df:fa:f1:
                    49:65:0f:93:7d:45:97:c9:cc:82:3c:0c:c8:68:d9:
                    47:35:34:c1:02:a7:f3:f0:b4:ef:ad:fe:6c:c8:36:
                    d1:db:d6:5a:7e:b4:3c:35:1b:70:5f:86:f6:58:ea:
                    25:e6:de:8f:7e:34:84:b3:e8:95:ed:d4:36:dc:62:
                    03:3b:45:99:43:9a:bb:7d:42:19:0a:23:f6:c0:76:
                    e8:ae:49:83:50:94:ca:69:b8:07:5b:3e:fa:0c:9a:
                    39:0b:94:cf:26:9f:8b:87:9c:b9:d4:cd:ed:64:1f:
                    fc:d9:cf:cf:cd:1d:18:86:61:a7:b8:01:53:09:6a:
                    9b:09:56:a8:d4:9d:ba:d4:de:65:c1:df:c2:81:86:
                    4c:d4:17:d0:40:7b:02:b4:5c:a0:29:ac:25:27:c0:
                    39:f0:6d:78:5d:0d:b8:25:30:81:05:bf:af:d0:a7:
                    ba:50:d3:d5:a9:59:31:47:49:a1:77:99:b1:68:0a:
                    f4:df:1e:11:ba:e6:6c:25:fb:5f:09:99:49:3e:b0:
                    35:17:2f:7d:53:b6:6d:83:df:39:51:0f:7a:35:57:
                    2f:50:f3:76:e2:a9:b0:af:7e:cd:b3:e0:75:02:01:
                    28:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:5E:29:62:3D:09:1A:7F:31:B2:E7:80:2C:6B:21:C4:BA:8B:42:EF
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a0a429e3-e7ff-4211-b53b-efbdce5fb3a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.203.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         30:f0:88:e5:96:79:3d:5f:78:b0:81:97:37:cc:ee:55:25:da:
         49:12:26:a9:6f:44:1b:16:74:dd:74:72:53:a7:a9:28:e5:2e:
         cf:bb:15:9f:30:ef:4a:dc:f4:6b:0e:36:03:ac:24:b1:0d:d0:
         ed:13:e1:bd:23:da:1f:0e:4b:e7:50:99:41:ff:c6:06:a6:e0:
         9e:34:f6:53:9a:56:ab:54:00:1a:d3:d5:2e:9c:87:67:6e:61:
         8e:7f:94:8e:1f:24:dd:4b:7a:25:4e:65:2a:ff:95:72:66:98:
         12:f8:1b:7b:9b:a8:02:d3:05:a3:24:d9:5a:2f:b5:10:49:aa:
         1e:c9:43:39:54:c7:bd:c5:b7:da:f0:b0:2b:f6:f7:e3:8b:18:
         60:fc:be:92:f4:12:ad:cb:3d:89:a7:f8:6d:78:eb:89:bc:11:
         e4:9b:96:45:18:fe:8c:6d:90:83:c3:a8:35:b9:e1:e3:99:9e:
         dc:41:71:8a:f8:bb:5d:53:59:eb:dc:82:ec:68:5d:19:ee:73:
         54:d1:72:50:a3:a3:88:0b:a2:1b:10:ba:84:25:96:59:7c:60:
         ec:ee:2a:89:fb:9e:d2:d8:0d:a4:6a:12:86:55:85:8b:a0:88:
         59:66:97:83:6c:18:05:c3:d8:30:3e:d0:79:41:aa:b3:81:26:
         7d:94:f3:7b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTvtG660RJiMtht9Kjswv7dWsWBwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MTU0MTA0WhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZWZjZDYwYTI3YzcxZTVhY2NkZjhmMzdkNGU3NGFiNTdm
MmUwNTAyM2RkNzMwZGE2ZWNjZTVkZmY0NjhiNTI4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9y4x7gG2soBRRtQlAkmnMkm0njPZ8oeVeU9/68UllD5N9
RZfJzII8DMho2Uc1NMECp/PwtO+t/mzINtHb1lp+tDw1G3BfhvZY6iXm3o9+NISz
6JXt1DbcYgM7RZlDmrt9QhkKI/bAduiuSYNQlMppuAdbPvoMmjkLlM8mn4uHnLnU
ze1kH/zZz8/NHRiGYae4AVMJapsJVqjUnbrU3mXB38KBhkzUF9BAewK0XKAprCUn
wDnwbXhdDbglMIEFv6/Qp7pQ09WpWTFHSaF3mbFoCvTfHhG65mwl+18JmUk+sDUX
L31Ttm2D3zlRD3o1Vy9Q83biqbCvfs2z4HUCASiFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBF4pYj0JGn8xsueALGshxLqLQu8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2EwYTQyOWUzLWU3ZmYtNDIxMS1iNTNiLWVmYmRjZTVmYjNhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM2y/gwDQYJKoZIhvcNAQELBQADggEBADDwiOWWeT1feLCBlzfM7lUl2kkS
JqlvRBsWdN10clOnqSjlLs+7FZ8w70rc9GsONgOsJLEN0O0T4b0j2h8OS+dQmUH/
xgam4J409lOaVqtUABrT1S6ch2duYY5/lI4fJN1LeiVOZSr/lXJmmBL4G3ubqALT
BaMk2VovtRBJqh7JQzlUx73Ft9rwsCv29+OLGGD8vpL0Eq3LPYmn+G1464m8EeSb
lkUY/oxtkIPDqDW54eOZntxBcYr4u11TWevcguxoXRnuc1TRclCjo4gLohsQuoQl
lll8YOzuKon7ntLYDaRqEoZVhYugiFlml4NsGAXD2DA+0HlBqrOBJn2U83s=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:44:11 2025 by rpki-client