Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a0e2a2b7-9f23-4ebe-aefd-803cc1a98db6.roa
File:                     a0e2a2b7-9f23-4ebe-aefd-803cc1a98db6.roa (raw, json)
Hash identifier:          5qWlTCA1Z+8W+DgL7f9NQMJ4NrJLbwlUgrdnnYOZCe4=
Subject key identifier:   DD:72:BA:4F:8D:B9:3A:72:2F:56:9A:80:81:C5:E4:00:EC:24:AF:94
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       436CA616679D251F80DAB4FFFDFDAE2B66939928
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a0e2a2b7-9f23-4ebe-aefd-803cc1a98db6.roa
Signing time:             Tue 03 Jun 2025 16:10:13 +0000
ROA not before:           Tue 03 Jun 2025 16:10:13 +0000
ROA not after:            Tue 08 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.179.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:6c:a6:16:67:9d:25:1f:80:da:b4:ff:fd:fd:ae:2b:66:93:99:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  3 16:10:13 2025 GMT
            Not After : Jul  8 23:59:59 2025 GMT
        Subject: serialNumber=a4c5ee80eb8b4cef1e0f0d53046ad0fa8ff50ba2bc6f6ac0c21420cace5861df, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:03:78:17:f0:7d:e8:ff:fd:d3:a7:ca:1e:f8:
                    e0:ae:ff:53:e7:a2:36:c0:59:ab:59:3e:24:e6:60:
                    ce:23:13:85:4d:b4:04:ad:47:fe:45:d5:84:6a:e6:
                    f1:60:8e:3a:35:ec:a5:f1:1f:3b:91:b3:58:33:61:
                    80:49:34:ff:d7:5e:29:45:fd:60:fe:72:b5:63:b4:
                    dc:a2:18:58:18:2c:f4:e2:63:c4:9f:59:94:61:fe:
                    08:98:ff:a8:c8:6b:30:b6:fa:f2:50:77:ec:a2:ff:
                    1e:c5:f5:03:6a:97:c7:dc:73:e2:8d:61:54:92:70:
                    3a:84:12:31:dd:e6:a2:f8:f1:ca:93:df:cb:88:82:
                    60:72:63:e0:2a:f7:5e:72:0c:1e:62:ae:cc:8a:2a:
                    b7:de:f8:ff:43:1e:ba:03:be:7b:89:8f:dc:c3:21:
                    cf:9c:61:93:a8:ea:e2:9e:45:03:5c:5f:43:70:8c:
                    12:c8:28:7d:8e:f2:25:08:b4:9d:2c:ca:e5:1b:7c:
                    52:a9:d3:a2:8f:b0:68:74:93:bb:f0:b9:5c:01:b0:
                    c3:41:64:02:61:4f:7c:5c:0d:98:41:7c:41:97:24:
                    39:24:ed:68:37:30:6e:07:47:8d:f4:79:49:dc:7e:
                    38:cb:21:10:e9:ac:6f:44:2a:5f:f6:0e:3a:ce:70:
                    29:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:72:BA:4F:8D:B9:3A:72:2F:56:9A:80:81:C5:E4:00:EC:24:AF:94
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a0e2a2b7-9f23-4ebe-aefd-803cc1a98db6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.179.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         93:9f:1d:56:30:6c:ea:19:2c:bf:fb:a0:ef:97:76:25:84:87:
         0c:61:7a:a4:14:c3:17:03:6f:5f:c9:4e:b8:ae:19:ff:44:fa:
         99:2b:94:8f:dc:5e:24:14:42:a6:b2:ff:90:54:db:0b:99:05:
         a2:5d:7b:c8:c7:d7:d3:f8:28:71:3e:70:f7:37:71:e5:6d:a3:
         48:16:50:3f:75:e9:46:fe:10:af:3a:a8:c7:98:96:e5:ef:e1:
         7c:c2:06:e6:85:b1:51:10:2c:9e:f2:49:26:b1:88:ba:1e:41:
         03:e0:26:9d:09:bd:f7:64:9e:b6:62:9f:4e:ff:47:98:44:5f:
         24:7f:5a:99:49:dd:2f:af:45:ef:d9:87:37:89:12:51:b7:83:
         81:c2:87:a0:21:14:6d:fc:1f:54:77:ee:5c:09:8d:87:98:77:
         f4:49:35:a2:92:b1:df:ea:6a:98:4b:ed:aa:3c:50:6f:18:83:
         27:be:76:56:7a:26:29:33:6c:8b:08:5a:ce:bf:59:57:59:98:
         ed:4e:a3:52:f8:2b:12:6d:90:74:6d:b5:19:e4:f8:66:73:32:
         6f:a0:e2:56:c6:10:f6:58:cf:5c:f9:bf:89:57:28:d2:51:c3:
         d2:95:01:f8:86:3d:91:56:d8:99:a2:20:6b:27:98:e6:f2:93:
         75:39:d5:ad
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQ2ymFmedJR+A2rT//f2uK2aTmSgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjAzMTYxMDEzWhcNMjUwNzA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNGM1ZWU4MGViOGI0Y2VmMWUwZjBkNTMwNDZhZDBmYThm
ZjUwYmEyYmM2ZjZhYzBjMjE0MjBjYWNlNTg2MWRmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4A3gX8H3o//3Tp8oe+OCu/1PnojbAWatZPiTmYM4jE4VN
tAStR/5F1YRq5vFgjjo17KXxHzuRs1gzYYBJNP/XXilF/WD+crVjtNyiGFgYLPTi
Y8SfWZRh/giY/6jIazC2+vJQd+yi/x7F9QNql8fcc+KNYVSScDqEEjHd5qL48cqT
38uIgmByY+Aq915yDB5irsyKKrfe+P9DHroDvnuJj9zDIc+cYZOo6uKeRQNcX0Nw
jBLIKH2O8iUItJ0syuUbfFKp06KPsGh0k7vwuVwBsMNBZAJhT3xcDZhBfEGXJDkk
7Wg3MG4HR430eUncfjjLIRDprG9EKl/2DjrOcClnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3XK6T425OnIvVpqAgcXkAOwkr5QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2EwZTJhMmI3LTlmMjMtNGViZS1hZWZkLTgwM2NjMWE5OGRiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2swAwDQYJKoZIhvcNAQELBQADggEBAJOfHVYwbOoZLL/7oO+XdiWEhwxh
eqQUwxcDb1/JTriuGf9E+pkrlI/cXiQUQqay/5BU2wuZBaJde8jH19P4KHE+cPc3
ceVto0gWUD916Ub+EK86qMeYluXv4XzCBuaFsVEQLJ7ySSaxiLoeQQPgJp0Jvfdk
nrZin07/R5hEXyR/WplJ3S+vRe/ZhzeJElG3g4HCh6AhFG38H1R37lwJjYeYd/RJ
NaKSsd/qaphL7ao8UG8Ygye+dlZ6JikzbIsIWs6/WVdZmO1Oo1L4KxJtkHRttRnk
+GZzMm+g4lbGEPZYz1z5v4lXKNJRw9KVAfiGPZFW2JmiIGsnmObyk3U51a0=
-----END CERTIFICATE-----