Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bed5c1f0-a446-4c7a-ace9-206cba43d6b5.roa
File:                     bed5c1f0-a446-4c7a-ace9-206cba43d6b5.roa (raw, json)
Hash identifier:          d8GeCpidpGz+YBYUDTB4ekU8azE0VRyC3r5RKHgssP0=
Subject key identifier:   E2:DA:CF:6E:92:22:20:CF:7D:5B:56:AC:76:20:F9:75:5D:73:2A:BA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       39C7B9DA7BF8375AE07411EC45AFD62837EB46FA
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bed5c1f0-a446-4c7a-ace9-206cba43d6b5.roa
Signing time:             Tue 03 Jun 2025 16:00:53 +0000
ROA not before:           Tue 03 Jun 2025 16:00:53 +0000
ROA not after:            Tue 08 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.184.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:c7:b9:da:7b:f8:37:5a:e0:74:11:ec:45:af:d6:28:37:eb:46:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  3 16:00:53 2025 GMT
            Not After : Jul  8 23:59:59 2025 GMT
        Subject: serialNumber=1949271ff857101f60f0e1e0f5775ce5323e8242d6537597ff8a2d5ad421e89d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:95:dc:e2:33:e6:3e:3e:49:81:49:7c:1d:c1:
                    83:c1:00:56:b3:21:b3:5a:38:03:cd:c9:c2:42:63:
                    8c:1b:2a:21:2c:f1:dd:fb:b8:a6:91:ce:f2:ca:8c:
                    27:e7:8f:7d:d1:f4:72:92:2b:a9:f5:0c:45:bb:9d:
                    eb:e7:b3:fa:f2:b1:f6:b8:3d:7d:4e:96:a7:10:00:
                    18:8c:68:b5:b7:40:38:ac:6b:e8:40:dd:76:4c:ac:
                    17:53:1d:18:4f:ad:97:a6:16:fd:c0:28:1e:74:c7:
                    f8:2d:05:53:8f:67:e1:cc:54:e0:c4:0e:4e:d3:72:
                    e7:40:1d:79:3b:5f:b9:2a:70:b2:30:b3:54:54:22:
                    f1:d4:2a:d5:ca:4d:86:3c:ea:c0:4f:9f:5b:b1:6b:
                    80:d8:e6:fa:24:88:14:eb:43:e9:f0:63:4e:76:27:
                    05:69:20:8a:47:b4:ac:30:13:61:c7:00:c3:ab:dd:
                    3a:45:5e:8c:50:47:8e:c9:a9:80:a9:97:c9:42:f1:
                    9e:bb:c3:80:41:93:e3:46:b1:3c:41:da:a6:c1:43:
                    1b:d5:50:49:13:72:7e:a7:1a:f0:c3:70:f7:69:ec:
                    7c:f8:84:c5:c9:27:ed:d7:51:4b:59:e6:02:e2:d3:
                    0b:f3:4c:61:24:4a:77:cd:b9:18:3f:42:f7:50:a8:
                    6a:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:DA:CF:6E:92:22:20:CF:7D:5B:56:AC:76:20:F9:75:5D:73:2A:BA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bed5c1f0-a446-4c7a-ace9-206cba43d6b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.184.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         52:ee:8d:84:64:a5:81:af:97:27:a2:ad:5f:4f:a2:57:28:b7:
         04:e3:40:63:35:c9:dd:d4:d1:39:89:1c:c9:4a:32:d3:74:28:
         8b:2c:d9:f5:f4:7b:49:9e:52:51:7b:c4:b3:05:44:19:13:06:
         d7:af:4b:01:b0:44:46:1b:51:58:7d:4f:33:6d:db:a3:8f:52:
         34:29:25:50:d3:4a:8c:f6:72:74:55:6b:af:5b:ac:57:19:87:
         80:78:f0:13:49:1a:d1:b8:bd:d7:4e:59:c2:1a:eb:6d:14:f6:
         57:03:d1:62:d4:3c:09:35:77:da:6c:77:d0:1f:ff:ee:3a:d6:
         9b:57:42:76:1e:84:f5:18:5f:fd:f8:4d:a0:b6:e1:00:66:a0:
         a1:c3:49:8a:32:72:1e:cf:d5:b0:6a:26:13:5e:76:11:7d:7d:
         46:e3:3e:e0:a8:1c:2d:eb:92:e4:80:6e:a5:36:06:f3:36:0b:
         ee:c2:7e:22:c8:fa:65:b8:39:fb:6c:ec:27:d6:61:d8:22:b4:
         cd:b4:f4:08:96:56:8a:6a:87:67:2b:f5:57:c0:0e:6e:5d:33:
         32:00:4d:23:31:8f:f8:9e:fd:4f:da:8b:bd:1f:cd:dc:e9:d9:
         70:b4:2c:d3:40:12:aa:55:e6:62:09:ff:3e:8d:16:b7:7e:48:
         e4:67:26:0f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOce52nv4N1rgdBHsRa/WKDfrRvowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjAzMTYwMDUzWhcNMjUwNzA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxOTQ5MjcxZmY4NTcxMDFmNjBmMGUxZTBmNTc3NWNlNTMy
M2U4MjQyZDY1Mzc1OTdmZjhhMmQ1YWQ0MjFlODlkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpldziM+Y+PkmBSXwdwYPBAFazIbNaOAPNycJCY4wbKiEs
8d37uKaRzvLKjCfnj33R9HKSK6n1DEW7nevns/rysfa4PX1OlqcQABiMaLW3QDis
a+hA3XZMrBdTHRhPrZemFv3AKB50x/gtBVOPZ+HMVODEDk7TcudAHXk7X7kqcLIw
s1RUIvHUKtXKTYY86sBPn1uxa4DY5vokiBTrQ+nwY052JwVpIIpHtKwwE2HHAMOr
3TpFXoxQR47JqYCpl8lC8Z67w4BBk+NGsTxB2qbBQxvVUEkTcn6nGvDDcPdp7Hz4
hMXJJ+3XUUtZ5gLi0wvzTGEkSnfNuRg/QvdQqGrpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4trPbpIiIM99W1asdiD5dV1zKrowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JlZDVjMWYwLWE0NDYtNGM3YS1hY2U5LTIwNmNiYTQzZDZiNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2uAAwDQYJKoZIhvcNAQELBQADggEBAFLujYRkpYGvlyeirV9PolcotwTj
QGM1yd3U0TmJHMlKMtN0KIss2fX0e0meUlF7xLMFRBkTBtevSwGwREYbUVh9TzNt
26OPUjQpJVDTSoz2cnRVa69brFcZh4B48BNJGtG4vddOWcIa620U9lcD0WLUPAk1
d9psd9Af/+461ptXQnYehPUYX/34TaC24QBmoKHDSYoych7P1bBqJhNedhF9fUbj
PuCoHC3rkuSAbqU2BvM2C+7CfiLI+mW4Ofts7CfWYdgitM209AiWVopqh2cr9VfA
Dm5dMzIATSMxj/ie/U/ai70fzdzp2XC0LNNAEqpV5mIJ/z6NFrd+SORnJg8=
-----END CERTIFICATE-----