Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d3446807-54fa-46e2-b8d5-9d8328bad7de.roa
File:                     d3446807-54fa-46e2-b8d5-9d8328bad7de.roa (raw, json)
Hash identifier:          qKU+Oh0km1+J65tLnoHKwWGOqgnbezxbLBZEl9x8tkU=
Subject key identifier:   58:63:21:7E:17:37:A3:9F:28:33:7C:14:8A:8D:E0:8E:A3:F4:5F:6D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6796C77E2BD1A69318EC6BA5482E9D6098001A0A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d3446807-54fa-46e2-b8d5-9d8328bad7de.roa
Signing time:             Mon 09 Jun 2025 18:51:26 +0000
ROA not before:           Mon 09 Jun 2025 18:51:26 +0000
ROA not after:            Mon 14 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.247.176.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:96:c7:7e:2b:d1:a6:93:18:ec:6b:a5:48:2e:9d:60:98:00:1a:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  9 18:51:26 2025 GMT
            Not After : Jul 14 23:59:59 2025 GMT
        Subject: serialNumber=c7dace92402d37c9b594309162884fa5ea39881c68872c63b97e622a94ead244, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:fe:ea:27:2e:f7:03:6b:d8:73:9a:e3:c1:7b:
                    ad:0c:d4:c2:4d:6c:0c:60:04:c3:e0:63:ae:b3:17:
                    35:f4:14:04:b6:40:f0:42:af:70:48:37:5e:65:a5:
                    15:ea:12:0c:3e:16:d9:ef:80:ce:14:a6:0c:4c:eb:
                    99:21:6e:2b:f7:a8:0a:29:49:dc:7d:f0:82:c1:0f:
                    63:94:fb:a3:ee:6d:37:be:65:54:e9:31:36:55:91:
                    9e:aa:bd:fd:be:b3:d3:5c:6b:7b:4f:6a:a6:7b:2e:
                    a6:2f:f3:69:53:9c:6a:76:61:0b:74:b8:3e:4b:fe:
                    d8:f4:46:8e:70:6e:23:9e:35:57:b5:29:09:23:6e:
                    89:de:2b:a9:be:53:35:2d:3d:83:dd:16:80:4f:60:
                    5a:d5:a2:fb:1a:bd:9c:26:f9:c7:ec:7f:6f:cd:e6:
                    62:41:c6:c5:10:2c:e8:eb:90:a1:84:82:c1:93:b4:
                    8c:a2:a2:16:4a:2a:30:db:cc:16:2b:eb:d1:e6:ea:
                    0d:a7:7e:bf:a7:f9:11:2b:4d:86:d4:42:f5:a5:f3:
                    8e:4b:6f:37:d6:9d:46:d2:9b:9d:fd:c5:08:17:94:
                    0f:36:08:c6:2e:4d:cc:fb:5e:94:22:1f:77:f3:6f:
                    5f:67:6d:b9:5e:3e:69:86:5a:6d:b2:fc:07:6f:1a:
                    cd:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:63:21:7E:17:37:A3:9F:28:33:7C:14:8A:8D:E0:8E:A3:F4:5F:6D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d3446807-54fa-46e2-b8d5-9d8328bad7de.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.247.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         4b:30:23:83:ea:4d:a2:b8:96:4e:10:62:2b:cf:b4:51:2d:79:
         d1:db:44:79:a4:d2:b5:f6:d6:f9:12:ae:57:d2:bd:5b:33:27:
         e3:c4:b0:2c:df:03:80:88:84:0b:00:40:7e:60:fe:6e:2a:38:
         5d:52:fd:e7:92:f9:3b:a6:f1:7f:62:57:48:58:41:07:49:a4:
         72:8f:08:91:2d:c7:ca:74:35:70:7e:3b:e9:b3:73:45:3c:1c:
         57:88:c5:e1:04:15:a5:2f:e8:50:56:02:67:62:08:a4:3e:1a:
         8c:4c:a9:e1:b2:3c:d8:c3:a4:1e:c0:5b:a5:83:e4:ea:82:9d:
         25:fe:07:33:b7:22:a2:b1:8d:d0:ad:ae:0b:7a:2e:c9:94:a1:
         fb:7b:a3:af:c6:e7:18:cb:d9:b3:60:11:37:1b:28:b6:c2:d4:
         5c:90:6c:ed:c2:04:74:13:3c:a8:cb:42:49:a8:cf:d5:3b:e5:
         f0:1e:b8:3b:27:63:8f:e3:c5:d3:64:aa:8a:d2:25:6c:67:89:
         fb:90:ff:9c:ec:77:71:f9:5e:d1:6e:78:64:85:44:16:6d:0e:
         d6:44:0e:26:8f:0b:e3:00:e8:30:f5:17:72:63:73:26:5e:29:
         a8:29:35:e7:90:e1:a0:b4:6c:c1:e7:db:28:5a:70:43:62:d3:
         95:4e:e7:ae
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZ5bHfivRppMY7GulSC6dYJgAGgowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjA5MTg1MTI2WhcNMjUwNzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjN2RhY2U5MjQwMmQzN2M5YjU5NDMwOTE2Mjg4NGZhNWVh
Mzk4ODFjNjg4NzJjNjNiOTdlNjIyYTk0ZWFkMjQ0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDI/uonLvcDa9hzmuPBe60M1MJNbAxgBMPgY66zFzX0FAS2
QPBCr3BIN15lpRXqEgw+FtnvgM4UpgxM65khbiv3qAopSdx98ILBD2OU+6PubTe+
ZVTpMTZVkZ6qvf2+s9Nca3tPaqZ7LqYv82lTnGp2YQt0uD5L/tj0Ro5wbiOeNVe1
KQkjboneK6m+UzUtPYPdFoBPYFrVovsavZwm+cfsf2/N5mJBxsUQLOjrkKGEgsGT
tIyiohZKKjDbzBYr69Hm6g2nfr+n+RErTYbUQvWl845LbzfWnUbSm539xQgXlA82
CMYuTcz7XpQiH3fzb19nbblePmmGWm2y/AdvGs2FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWGMhfhc3o58oM3wUio3gjqP0X20wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2QzNDQ2ODA3LTU0ZmEtNDZlMi1iOGQ1LTlkODMyOGJhZDdkZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ297AwDQYJKoZIhvcNAQELBQADggEBAEswI4PqTaK4lk4QYivPtFEtedHb
RHmk0rX21vkSrlfSvVszJ+PEsCzfA4CIhAsAQH5g/m4qOF1S/eeS+Tum8X9iV0hY
QQdJpHKPCJEtx8p0NXB+O+mzc0U8HFeIxeEEFaUv6FBWAmdiCKQ+GoxMqeGyPNjD
pB7AW6WD5OqCnSX+BzO3IqKxjdCtrgt6LsmUoft7o6/G5xjL2bNgETcbKLbC1FyQ
bO3CBHQTPKjLQkmoz9U75fAeuDsnY4/jxdNkqorSJWxnifuQ/5zsd3H5XtFueGSF
RBZtDtZEDiaPC+MA6DD1F3JjcyZeKagpNeeQ4aC0bMHn2yhacENi05VO564=
-----END CERTIFICATE-----