Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/acb2d1d9-8eb0-4cde-9774-7fc9a5495886.roa
File:                     acb2d1d9-8eb0-4cde-9774-7fc9a5495886.roa (raw, json)
Hash identifier:          4aGa3UNmWhx3owcFP7Fh2Q7vyo6oMWgvxsGVOj/YtA8=
Subject key identifier:   B4:78:7B:FE:15:93:DE:4B:B8:65:21:9A:2F:0E:95:52:AF:B9:37:48
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5EF15E6BF950E83256B0D2F6E29C2F8D397E8208
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/acb2d1d9-8eb0-4cde-9774-7fc9a5495886.roa
Signing time:             Fri 25 Jul 2025 16:01:26 +0000
ROA not before:           Fri 25 Jul 2025 16:01:26 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.166.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:f1:5e:6b:f9:50:e8:32:56:b0:d2:f6:e2:9c:2f:8d:39:7e:82:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 16:01:26 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=e0f47ac9c1173c4b3286eaa64a8ea76ddb09da769411f684aea60becc5b9cce5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e0:15:54:05:c4:8a:f0:89:cb:e5:c4:b4:33:
                    19:d9:3a:50:29:2f:9e:a9:e5:26:6e:63:2a:90:0d:
                    55:3c:76:72:d0:29:10:5f:1d:ef:79:f0:45:ee:97:
                    2d:50:76:0f:ed:31:27:1f:58:ec:ab:4b:25:64:5c:
                    21:d5:58:5e:a4:05:07:82:88:dd:06:39:80:9c:19:
                    93:ce:9d:0a:71:03:5a:9e:c3:96:2c:23:ca:ef:48:
                    95:87:f3:6d:05:0c:8f:a6:ad:36:27:0e:71:ed:33:
                    aa:71:d4:e7:71:5c:8a:c5:22:89:3b:f1:ff:c9:50:
                    0c:d9:0d:42:29:40:96:65:6a:06:e8:73:5c:42:6e:
                    50:3d:29:65:f7:44:58:52:73:0a:f9:54:f9:76:5f:
                    0e:08:5c:bc:5d:dc:06:fa:b3:ce:fa:48:d5:91:05:
                    ea:52:f0:9f:6e:eb:ee:73:c2:33:cd:86:dc:31:d7:
                    36:ca:9b:de:28:51:53:d9:1e:0d:d1:4b:9b:06:2c:
                    fb:f7:6e:62:7c:01:fe:fc:96:a0:2a:72:4c:60:1f:
                    e0:23:70:34:04:27:88:6c:2a:e1:2c:38:46:52:b1:
                    24:a6:5a:97:e0:96:61:52:11:a8:d8:0d:c0:47:d1:
                    d0:37:24:8e:7c:e9:7f:15:f8:f8:8e:a3:52:a5:50:
                    29:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:78:7B:FE:15:93:DE:4B:B8:65:21:9A:2F:0E:95:52:AF:B9:37:48
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/acb2d1d9-8eb0-4cde-9774-7fc9a5495886.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.166.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         6c:a5:59:51:8f:e9:05:4a:e0:46:b6:1e:b9:5b:21:5b:c4:15:
         e1:39:cb:65:2f:df:f9:10:a5:48:44:41:0d:f1:b0:5d:3b:d2:
         95:10:cd:49:01:73:1c:55:dc:3c:96:cf:a0:87:31:f6:3a:ea:
         4b:20:71:d1:28:0c:03:65:00:be:59:6c:d2:f7:40:b9:60:21:
         19:89:54:fb:f2:2d:40:fe:0c:ae:30:b4:72:e4:de:ce:8c:40:
         33:84:a7:d8:ab:25:51:b7:f5:06:c7:db:8e:78:1e:96:30:85:
         8f:f3:81:5e:5f:d2:06:f3:95:be:19:8c:55:e1:46:6e:6e:84:
         fb:47:62:ec:fb:b3:4a:6a:37:4c:38:d5:03:a7:54:04:06:ec:
         2a:82:51:93:10:6d:2e:8b:4c:dc:63:2a:cd:53:3c:f3:35:07:
         f9:1c:2d:30:b7:71:26:08:9a:fe:ec:db:69:0c:94:ff:de:00:
         82:5a:92:50:4d:fb:f9:f0:8b:d8:ba:a5:ad:ff:93:ac:e9:82:
         c9:41:2c:b8:04:bf:01:c8:cd:86:48:3e:91:02:27:cb:d1:e7:
         95:b5:2c:0f:00:81:21:cd:c0:d1:c3:ab:46:df:de:ce:e9:22:
         a1:0f:f5:97:06:fc:26:b8:5a:e5:c3:48:94:4c:6d:d4:1d:5e:
         a4:31:8d:da
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXvFea/lQ6DJWsNL24pwvjTl+gggwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTYwMTI2WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMGY0N2FjOWMxMTczYzRiMzI4NmVhYTY0YThlYTc2ZGRi
MDlkYTc2OTQxMWY2ODRhZWE2MGJlY2M1YjljY2U1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCx4BVUBcSK8InL5cS0MxnZOlApL56p5SZuYyqQDVU8dnLQ
KRBfHe958EXuly1Qdg/tMScfWOyrSyVkXCHVWF6kBQeCiN0GOYCcGZPOnQpxA1qe
w5YsI8rvSJWH820FDI+mrTYnDnHtM6px1OdxXIrFIok78f/JUAzZDUIpQJZlagbo
c1xCblA9KWX3RFhScwr5VPl2Xw4IXLxd3Ab6s876SNWRBepS8J9u6+5zwjPNhtwx
1zbKm94oUVPZHg3RS5sGLPv3bmJ8Af78lqAqckxgH+AjcDQEJ4hsKuEsOEZSsSSm
WpfglmFSEajYDcBH0dA3JI586X8V+PiOo1KlUClnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUtHh7/hWT3ku4ZSGaLw6VUq+5N0gwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2FjYjJkMWQ5LThlYjAtNGNkZS05Nzc0LTdmYzlhNTQ5NTg4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE2pjANBgkqhkiG9w0BAQsFAAOCAQEAbKVZUY/pBUrgRrYeuVshW8QV4TnL
ZS/f+RClSERBDfGwXTvSlRDNSQFzHFXcPJbPoIcx9jrqSyBx0SgMA2UAvlls0vdA
uWAhGYlU+/ItQP4MrjC0cuTezoxAM4Sn2KslUbf1BsfbjngeljCFj/OBXl/SBvOV
vhmMVeFGbm6E+0di7PuzSmo3TDjVA6dUBAbsKoJRkxBtLotM3GMqzVM88zUH+Rwt
MLdxJgia/uzbaQyU/94AglqSUE37+fCL2Lqlrf+TrOmCyUEsuAS/AcjNhkg+kQIn
y9HnlbUsDwCBIc3A0cOrRt/ezukioQ/1lwb8Jrha5cNIlExt1B1epDGN2g==
-----END CERTIFICATE-----