Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e4a5f946-51e6-4f6c-a511-9fec767b9a94.roa
File:                     e4a5f946-51e6-4f6c-a511-9fec767b9a94.roa (raw, json)
Hash identifier:          wUWadFbBQ5pvAUFx42o5sUwcU+sM3UGMvghuu7RKVmg=
Subject key identifier:   F1:62:98:EE:D6:C3:29:74:93:D5:BF:CB:E9:D5:F2:E7:DA:AB:11:B3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7F30C3BBA8B7330A63458D9055601973AFFFDC56
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e4a5f946-51e6-4f6c-a511-9fec767b9a94.roa
Signing time:             Tue 03 Jun 2025 16:10:12 +0000
ROA not before:           Tue 03 Jun 2025 16:10:12 +0000
ROA not after:            Tue 08 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.188.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:30:c3:bb:a8:b7:33:0a:63:45:8d:90:55:60:19:73:af:ff:dc:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  3 16:10:12 2025 GMT
            Not After : Jul  8 23:59:59 2025 GMT
        Subject: serialNumber=c41a983229c3448b579515c2ff2fde69866fbf347274afb876839d9e84d2d88a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a9:1e:78:17:69:30:09:d4:1b:62:ab:dd:f4:
                    06:ac:0c:b8:89:5a:df:c6:2f:c2:5b:d9:8f:ed:d0:
                    48:08:43:db:7a:11:88:6e:74:2a:4d:b2:64:f4:05:
                    2f:9d:9f:d5:75:7a:91:d5:d8:bd:62:c0:aa:d2:0b:
                    0e:31:34:f0:50:a6:dd:ae:31:92:d1:df:b4:69:5d:
                    a8:69:18:6a:fd:23:65:e8:65:ef:af:68:51:7d:0e:
                    bb:2a:b5:06:a3:7d:21:30:53:d2:63:05:10:2d:25:
                    35:57:7b:f9:da:7e:ee:41:ea:46:61:54:47:f9:3d:
                    1f:f5:75:23:5f:52:47:1f:3d:6b:97:b0:70:cf:82:
                    c9:77:4f:17:11:dd:5e:a3:97:11:ee:c2:8d:57:cc:
                    d4:4c:6c:b6:29:fd:ef:3b:55:ea:a0:2d:a9:b3:36:
                    c7:45:5a:e0:3f:ab:63:6b:1f:6d:b3:5d:ba:70:bd:
                    f6:fd:1e:04:3b:a4:de:0a:33:2d:dc:e3:f1:6f:07:
                    18:92:d1:e1:b0:fc:1b:54:7f:39:8d:1d:c8:2a:20:
                    b3:a0:aa:19:b6:90:ca:a2:82:7d:bd:d2:15:cd:49:
                    51:23:90:df:4e:83:93:db:9d:83:86:4f:4c:5c:de:
                    db:a3:9f:e7:fa:89:f8:b7:30:95:2f:00:59:5a:c8:
                    05:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:62:98:EE:D6:C3:29:74:93:D5:BF:CB:E9:D5:F2:E7:DA:AB:11:B3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e4a5f946-51e6-4f6c-a511-9fec767b9a94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.188.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         48:2f:71:07:ae:b8:c6:15:79:0c:4f:a9:16:74:79:14:5f:d6:
         08:09:15:92:82:c6:93:ec:db:fe:1e:a1:d8:e7:50:06:7f:47:
         03:93:39:a2:91:36:71:d6:4e:14:aa:bb:70:db:10:0b:92:40:
         16:af:d5:9e:de:f9:cd:09:cd:12:a0:81:c7:8e:fd:ec:0b:de:
         79:93:13:ba:1a:40:56:c7:76:3c:43:95:07:24:3a:5e:f8:20:
         6b:4d:e5:26:c7:bb:9b:75:e7:19:4d:ef:55:77:46:e7:74:cf:
         77:67:e6:da:6e:c1:dd:1f:0b:e0:f3:0b:36:af:fe:65:d5:62:
         83:c2:17:b5:ca:5a:6a:76:bb:f4:73:09:da:e0:6d:78:d2:e2:
         96:49:c2:5f:b9:b8:98:30:66:bf:bc:5c:07:7b:c0:b6:eb:9a:
         52:82:34:0f:d7:a6:f3:30:a6:4e:6f:3e:c5:d8:47:43:90:c6:
         23:b4:e4:a0:3c:0e:36:28:86:0f:a4:06:b5:48:0e:9f:3d:e5:
         62:b4:c0:b2:3c:cc:42:c5:6b:37:79:1d:54:d4:3a:12:18:66:
         ee:83:0c:f4:48:4f:29:9b:9a:74:f0:18:e6:49:46:db:5b:5d:
         22:ce:65:ef:ad:d9:31:0e:9b:2e:3f:a5:0f:f0:96:7c:df:97:
         d7:25:50:c8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfzDDu6i3MwpjRY2QVWAZc6//3FYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjAzMTYxMDEyWhcNMjUwNzA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNDFhOTgzMjI5YzM0NDhiNTc5NTE1YzJmZjJmZGU2OTg2
NmZiZjM0NzI3NGFmYjg3NjgzOWQ5ZTg0ZDJkODhhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBqR54F2kwCdQbYqvd9AasDLiJWt/GL8Jb2Y/t0EgIQ9t6
EYhudCpNsmT0BS+dn9V1epHV2L1iwKrSCw4xNPBQpt2uMZLR37RpXahpGGr9I2Xo
Ze+vaFF9DrsqtQajfSEwU9JjBRAtJTVXe/nafu5B6kZhVEf5PR/1dSNfUkcfPWuX
sHDPgsl3TxcR3V6jlxHuwo1XzNRMbLYp/e87VeqgLamzNsdFWuA/q2NrH22zXbpw
vfb9HgQ7pN4KMy3c4/FvBxiS0eGw/BtUfzmNHcgqILOgqhm2kMqign290hXNSVEj
kN9Og5PbnYOGT0xc3tujn+f6ifi3MJUvAFlayAU3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8WKY7tbDKXST1b/L6dXy59qrEbMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2U0YTVmOTQ2LTUxZTYtNGY2Yy1hNTExLTlmZWM3NjdiOWE5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2vAAwDQYJKoZIhvcNAQELBQADggEBAEgvcQeuuMYVeQxPqRZ0eRRf1ggJ
FZKCxpPs2/4eodjnUAZ/RwOTOaKRNnHWThSqu3DbEAuSQBav1Z7e+c0JzRKggceO
/ewL3nmTE7oaQFbHdjxDlQckOl74IGtN5SbHu5t15xlN71V3Rud0z3dn5tpuwd0f
C+DzCzav/mXVYoPCF7XKWmp2u/RzCdrgbXjS4pZJwl+5uJgwZr+8XAd7wLbrmlKC
NA/XpvMwpk5vPsXYR0OQxiO05KA8DjYohg+kBrVIDp895WK0wLI8zELFazd5HVTU
OhIYZu6DDPRITymbmnTwGOZJRttbXSLOZe+t2TEOmy4/pQ/wlnzfl9clUMg=
-----END CERTIFICATE-----