Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa
File:                     d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa (raw, json)
Hash identifier:          WltWQ7w2/99C4kR4yCXOZvtzUhRuT8vw6afH+/O9PvM=
Subject key identifier:   C8:99:4D:BB:B5:E2:29:9A:E6:AE:19:97:22:07:6B:68:4C:93:32:FE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0F0CEB83F0C05C8A8FEBDD3A6DC65B1D722867B8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa
Signing time:             Tue 29 Jul 2025 16:51:36 +0000
ROA not before:           Tue 29 Jul 2025 16:51:36 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.237.192.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:0c:eb:83:f0:c0:5c:8a:8f:eb:dd:3a:6d:c6:5b:1d:72:28:67:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 16:51:36 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=d789dc32dc422dcbc15dde01d0f010785a0f5f03acb8090ad7f276968a9cc759, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:5c:2f:f4:66:18:8c:14:98:a0:b0:d1:be:d1:
                    73:01:4c:72:24:c2:0b:aa:40:6a:71:3e:d4:f6:cb:
                    3d:d7:04:6c:2d:bb:0c:3c:8d:f0:3e:98:fe:dd:d2:
                    70:45:dd:6c:36:f3:b3:08:0d:3d:88:92:11:b4:cd:
                    0a:6d:a3:5d:83:c2:ac:a2:52:7a:33:d8:55:d4:e7:
                    03:d2:09:0a:90:6f:f3:2e:2e:fc:da:a7:5f:dd:98:
                    2d:cc:a2:33:a0:43:fe:5e:41:86:4b:ef:43:6d:63:
                    f8:7d:8b:22:b5:74:7c:07:ae:94:76:cd:56:a1:58:
                    5c:98:70:05:95:71:50:69:5c:c9:28:d7:6d:07:ec:
                    a7:b6:18:88:0d:ae:8a:64:d9:c5:5b:75:13:d6:df:
                    d8:8b:b4:a1:5c:8b:e6:3a:bc:4b:70:d8:d3:47:1d:
                    b4:ca:a0:8b:80:b9:93:0d:8a:76:8c:d1:4d:3d:af:
                    a2:f7:52:6e:28:0c:a9:fc:61:17:a1:81:93:e0:f0:
                    e8:cd:6e:a1:da:87:a8:10:0d:ee:46:e9:5e:0f:10:
                    ba:06:b5:47:b6:28:99:22:67:71:9d:21:22:18:8e:
                    22:9c:75:47:03:ef:8b:1e:8c:b0:6e:96:58:b2:92:
                    9d:cb:4a:16:d5:3d:50:88:a5:bc:ba:5d:85:60:f0:
                    e3:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:99:4D:BB:B5:E2:29:9A:E6:AE:19:97:22:07:6B:68:4C:93:32:FE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.237.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         2e:4c:52:23:56:a1:41:6e:eb:b0:a9:bf:c7:f7:0f:16:12:6a:
         1b:f8:97:eb:80:aa:e1:78:4e:9f:19:5d:73:74:c7:bd:5a:4b:
         55:cf:cf:d9:02:7f:6c:c9:da:98:d2:8e:0f:f9:dc:b2:df:bb:
         0d:e2:3f:57:5c:25:9d:10:3b:26:07:1f:e5:16:3f:8d:28:42:
         19:e0:4f:fd:91:41:fd:a5:71:32:32:45:1c:0e:9d:86:fc:58:
         d1:09:30:85:28:1d:7c:29:4c:49:5e:cd:4a:9b:3f:69:bd:92:
         e2:26:02:14:61:15:91:80:36:83:49:25:04:ca:71:38:b5:bc:
         00:37:b3:87:bb:f9:8d:73:ec:dd:0c:a3:12:d6:45:b6:ad:12:
         e2:c2:2d:41:77:21:a4:ab:94:47:f5:c9:b1:7a:29:78:ea:d8:
         a7:80:8f:9f:e7:74:58:85:c8:93:68:7f:16:91:92:4c:3c:fa:
         08:44:57:58:2b:25:e1:2c:ae:7c:f8:d2:14:76:77:53:7f:aa:
         c5:22:0b:7b:e9:65:71:2b:ba:a0:37:09:6d:c4:ab:43:4b:a6:
         91:9a:75:3d:a6:b2:6c:0b:a9:95:b3:33:5f:1d:1a:4d:1f:e5:
         52:5a:b0:77:dc:7f:ab:5e:71:69:48:a3:89:5c:65:2e:49:e7:
         36:1c:a6:d0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDwzrg/DAXIqP6906bcZbHXIoZ7gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MTY1MTM2WhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNzg5ZGMzMmRjNDIyZGNiYzE1ZGRlMDFkMGYwMTA3ODVh
MGY1ZjAzYWNiODA5MGFkN2YyNzY5NjhhOWNjNzU5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXXC/0ZhiMFJigsNG+0XMBTHIkwguqQGpxPtT2yz3XBGwt
uww8jfA+mP7d0nBF3Ww287MIDT2IkhG0zQpto12DwqyiUnoz2FXU5wPSCQqQb/Mu
Lvzap1/dmC3MojOgQ/5eQYZL70NtY/h9iyK1dHwHrpR2zVahWFyYcAWVcVBpXMko
120H7Ke2GIgNropk2cVbdRPW39iLtKFci+Y6vEtw2NNHHbTKoIuAuZMNinaM0U09
r6L3Um4oDKn8YRehgZPg8OjNbqHah6gQDe5G6V4PELoGtUe2KJkiZ3GdISIYjiKc
dUcD74sejLBulliykp3LShbVPVCIpby6XYVg8OOpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyJlNu7XiKZrmrhmXIgdraEyTMv4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Q5YmRhMTYzLWU0YzQtNGEwYi1hMTdiLTgwYzc3ZmVjYjNkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU27cAwDQYJKoZIhvcNAQELBQADggEBAC5MUiNWoUFu67Cpv8f3DxYSahv4
l+uAquF4Tp8ZXXN0x71aS1XPz9kCf2zJ2pjSjg/53LLfuw3iP1dcJZ0QOyYHH+UW
P40oQhngT/2RQf2lcTIyRRwOnYb8WNEJMIUoHXwpTElezUqbP2m9kuImAhRhFZGA
NoNJJQTKcTi1vAA3s4e7+Y1z7N0MoxLWRbatEuLCLUF3IaSrlEf1ybF6KXjq2KeA
j5/ndFiFyJNofxaRkkw8+ghEV1grJeEsrnz40hR2d1N/qsUiC3vpZXEruqA3CW3E
q0NLppGadT2msmwLqZWzM18dGk0f5VJasHfcf6tecWlIo4lcZS5J5zYcptA=
-----END CERTIFICATE-----