Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e6dd6883-672d-45b0-8a2c-34ac40b1083f.roa
File:                     e6dd6883-672d-45b0-8a2c-34ac40b1083f.roa (raw, json)
Hash identifier:          WLcRrciJjZK1WuP0zL/VI7thOLgT18e1YALjdD5LQEw=
Subject key identifier:   9C:73:BF:4F:5F:FD:DC:7F:ED:44:72:46:B0:45:68:FB:22:9A:09:79
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       01771B16C63D658333B890FDFB487C625E82025C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e6dd6883-672d-45b0-8a2c-34ac40b1083f.roa
Signing time:             Fri 13 Jun 2025 18:21:21 +0000
ROA not before:           Fri 13 Jun 2025 18:21:21 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.240.192.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:77:1b:16:c6:3d:65:83:33:b8:90:fd:fb:48:7c:62:5e:82:02:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 13 18:21:21 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=055d114507c1b7772701d98b63a45beebf2d33bfab1102070b2408fecea8b8cd, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:87:91:80:53:4b:1b:a3:9f:20:90:34:8b:60:
                    e7:56:57:89:50:73:b5:3f:10:01:6f:ae:91:e1:e1:
                    57:51:b6:ef:0e:66:b2:83:6c:87:3c:9d:40:6c:2a:
                    0f:c6:08:b1:82:5f:ec:f9:e8:60:47:6b:53:0a:4e:
                    40:6d:69:96:12:33:22:9a:95:18:b7:33:24:79:8d:
                    07:1d:e1:7c:4e:9b:82:ed:8a:e6:fd:b0:0f:21:e2:
                    6f:d6:1d:95:12:2c:4f:33:4d:1c:cb:e7:b9:65:18:
                    ff:22:f1:b4:99:32:0d:05:3e:13:42:72:a2:f6:c8:
                    55:93:24:ab:14:f3:70:24:1e:45:35:ac:5a:9f:7a:
                    de:e0:74:25:32:4b:b2:b4:f7:0d:4f:1e:2b:96:75:
                    e6:a1:b8:d7:2f:d7:6c:d2:87:87:96:4a:8f:bd:a8:
                    f6:5e:88:56:c8:92:ff:4d:fc:ad:0c:1e:c9:ee:8c:
                    74:a5:ea:0a:ee:5c:8b:3c:39:fc:77:4d:6a:e2:90:
                    4a:cb:df:3e:a3:19:ad:aa:0e:bf:29:0f:77:1e:c4:
                    89:bf:22:7c:9b:be:1e:a9:e4:5e:55:c6:5b:e0:4e:
                    ef:8b:33:c1:d9:d4:96:4a:79:e8:56:78:a6:58:70:
                    fd:c3:24:ee:9f:84:08:3e:5a:38:23:ed:f3:6b:bb:
                    04:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:73:BF:4F:5F:FD:DC:7F:ED:44:72:46:B0:45:68:FB:22:9A:09:79
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e6dd6883-672d-45b0-8a2c-34ac40b1083f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.240.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         3c:da:d5:60:8a:60:7a:00:19:fb:77:88:7a:f3:97:65:53:a7:
         53:61:ca:94:87:5f:24:91:22:82:2b:a2:ea:01:fd:0f:56:1a:
         c7:c5:8c:db:30:a6:c3:4f:34:85:c8:a8:ee:73:a0:d3:cc:19:
         5e:8d:d0:ac:e8:ae:97:fa:c4:a0:02:56:43:7e:bf:e0:60:ab:
         e8:67:27:60:17:06:15:27:ac:1c:f8:e2:3f:b9:d4:7c:db:ae:
         08:72:05:16:ad:d2:b6:b4:0f:3e:99:b3:cd:ae:fb:da:20:d3:
         74:43:7e:12:10:cc:96:44:2d:2e:f9:f0:1e:36:88:2a:f9:af:
         d1:6e:0f:cc:89:6a:f0:5d:ce:23:21:0d:8d:96:cc:9e:16:06:
         ea:0b:e7:ef:17:d8:89:a1:7f:e3:12:06:ef:90:d5:92:fc:61:
         2a:7b:fa:5d:3e:9f:25:5b:2d:d8:4d:0e:d2:54:3e:45:4f:43:
         ae:b8:31:bd:f0:d1:79:37:40:d6:2e:99:72:0c:c4:04:61:ec:
         b8:dd:74:ac:36:b5:72:11:58:ca:20:98:bf:7f:bf:9a:04:51:
         a6:31:29:c3:e7:42:8a:06:af:17:e7:8e:70:2d:15:16:4c:84:
         8c:6e:0c:e7:35:0c:0c:92:74:c5:68:bf:7a:9c:81:c1:b5:48:
         d9:2b:30:ea
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAXcbFsY9ZYMzuJD9+0h8Yl6CAlwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjEzMTgyMTIxWhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNTVkMTE0NTA3YzFiNzc3MjcwMWQ5OGI2M2E0NWJlZWJm
MmQzM2JmYWIxMTAyMDcwYjI0MDhmZWNlYThiOGNkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2h5GAU0sbo58gkDSLYOdWV4lQc7U/EAFvrpHh4VdRtu8O
ZrKDbIc8nUBsKg/GCLGCX+z56GBHa1MKTkBtaZYSMyKalRi3MyR5jQcd4XxOm4Lt
iub9sA8h4m/WHZUSLE8zTRzL57llGP8i8bSZMg0FPhNCcqL2yFWTJKsU83AkHkU1
rFqfet7gdCUyS7K09w1PHiuWdeahuNcv12zSh4eWSo+9qPZeiFbIkv9N/K0MHsnu
jHSl6gruXIs8Ofx3TWrikErL3z6jGa2qDr8pD3cexIm/Inybvh6p5F5VxlvgTu+L
M8HZ1JZKeehWeKZYcP3DJO6fhAg+Wjgj7fNruwS3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnHO/T1/93H/tRHJGsEVo+yKaCXkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2U2ZGQ2ODgzLTY3MmQtNDViMC04YTJjLTM0YWM0MGIxMDgzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY28MAwDQYJKoZIhvcNAQELBQADggEBADza1WCKYHoAGft3iHrzl2VTp1Nh
ypSHXySRIoIrouoB/Q9WGsfFjNswpsNPNIXIqO5zoNPMGV6N0Kzorpf6xKACVkN+
v+Bgq+hnJ2AXBhUnrBz44j+51HzbrghyBRat0ra0Dz6Zs82u+9og03RDfhIQzJZE
LS758B42iCr5r9FuD8yJavBdziMhDY2WzJ4WBuoL5+8X2Imhf+MSBu+Q1ZL8YSp7
+l0+nyVbLdhNDtJUPkVPQ664Mb3w0Xk3QNYumXIMxARh7LjddKw2tXIRWMogmL9/
v5oEUaYxKcPnQooGrxfnjnAtFRZMhIxuDOc1DAySdMVov3qcgcG1SNkrMOo=
-----END CERTIFICATE-----