Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f54a0b52-4519-4e6e-99b3-16c3bc056e7a.roa
File:                     f54a0b52-4519-4e6e-99b3-16c3bc056e7a.roa (raw, json)
Hash identifier:          BJ+fGeEsq5FkIfqdmniluKnQQSMC+r2glAs5W73ZSRU=
Subject key identifier:   0E:7A:9E:F8:93:26:6D:05:11:59:C3:C7:45:60:66:33:CC:6D:BB:A3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5F4F24948416D597DD92BD59C0B020E37BFB5205
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f54a0b52-4519-4e6e-99b3-16c3bc056e7a.roa
Signing time:             Fri 25 Jul 2025 16:00:45 +0000
ROA not before:           Fri 25 Jul 2025 16:00:45 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.160.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:4f:24:94:84:16:d5:97:dd:92:bd:59:c0:b0:20:e3:7b:fb:52:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 16:00:45 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=d5e43543491c84dff87fe3a655578a8815f5ad8e876c8591c56604081d1ce800, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:53:a8:3d:7d:a9:45:8e:b8:7e:57:6e:ee:ed:
                    8d:fb:25:75:9a:e8:66:d3:a6:d3:a7:6e:ed:35:6f:
                    1b:d1:c1:15:61:0f:76:e1:e9:e0:12:39:c5:ad:4a:
                    72:c9:74:93:bd:cc:84:7d:1b:b6:98:71:4a:35:03:
                    9f:53:1b:7d:38:c0:81:1b:dd:96:78:cf:d9:9c:7d:
                    39:90:c3:91:8d:db:ff:b8:d3:b8:18:24:90:bc:ed:
                    c7:56:f5:2c:c7:b6:a6:2f:0d:2c:aa:71:fd:6d:61:
                    75:f6:e8:85:c0:38:86:6c:f7:41:03:17:46:a9:10:
                    6c:a8:47:7d:60:37:7d:f3:e5:26:16:d6:e5:9b:a0:
                    d1:05:f7:a4:07:e1:b3:db:60:f5:07:50:a6:20:92:
                    53:3a:bd:59:46:c3:b5:d2:a7:13:0c:e0:2b:1e:25:
                    10:59:bb:72:67:9e:63:bd:8e:85:08:7d:6e:f2:04:
                    91:7e:b6:12:06:82:4e:4b:4d:10:fe:85:1f:f0:a0:
                    21:e3:bb:08:50:8a:87:85:23:3a:0c:78:86:52:40:
                    95:3a:b3:31:6d:1e:5c:b9:ca:2d:ac:be:d6:92:a0:
                    92:d8:7a:8c:5f:fe:47:c0:7c:17:06:33:54:72:16:
                    d6:b2:1e:5d:c3:87:6c:47:20:90:31:f3:13:db:6f:
                    b6:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:7A:9E:F8:93:26:6D:05:11:59:C3:C7:45:60:66:33:CC:6D:BB:A3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f54a0b52-4519-4e6e-99b3-16c3bc056e7a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.160.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         79:d6:65:f5:d1:8f:57:81:61:cd:23:c0:fe:85:84:8a:19:81:
         23:10:5f:9b:7f:e0:13:f7:05:e1:1d:60:bf:7c:0b:34:9a:e8:
         11:bc:6c:7e:a8:7b:03:d8:3d:fc:1e:9b:8d:91:68:28:d2:5e:
         6a:65:ae:96:16:13:66:4e:57:2e:6e:20:fc:3e:ef:f7:a7:f9:
         16:c3:1e:c6:52:2d:e7:50:c0:50:1b:23:8c:59:9b:90:ac:a5:
         5a:b7:1d:7e:04:b8:1f:fd:b5:aa:ab:fe:d4:48:e2:0a:e0:9d:
         11:18:4e:58:c0:64:7c:08:57:02:75:39:a5:23:6b:f7:06:a2:
         bf:e8:75:41:e5:d1:7b:5c:73:f9:40:35:2f:fe:82:05:fa:88:
         50:51:f1:0a:c5:3c:e5:f2:78:26:27:91:71:72:9b:1a:f9:8e:
         94:03:5c:f9:2f:14:0b:14:b9:e6:b0:5b:ea:e3:b8:af:9f:0c:
         dd:f6:a8:99:09:d1:26:50:77:66:0c:5e:c7:40:93:18:a8:4b:
         fb:21:5e:f6:59:7a:8b:b2:6b:f9:75:b8:8a:e6:90:8a:41:c8:
         5e:69:13:82:e0:db:f4:b3:dd:22:29:a1:50:81:f6:b0:93:44:
         49:31:29:96:1a:59:89:28:8e:50:29:74:85:e6:52:7b:2e:1b:
         bf:b2:3d:66
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUX08klIQW1Zfdkr1ZwLAg43v7UgUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTYwMDQ1WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNWU0MzU0MzQ5MWM4NGRmZjg3ZmUzYTY1NTU3OGE4ODE1
ZjVhZDhlODc2Yzg1OTFjNTY2MDQwODFkMWNlODAwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrU6g9falFjrh+V27u7Y37JXWa6GbTptOnbu01bxvRwRVh
D3bh6eASOcWtSnLJdJO9zIR9G7aYcUo1A59TG304wIEb3ZZ4z9mcfTmQw5GN2/+4
07gYJJC87cdW9SzHtqYvDSyqcf1tYXX26IXAOIZs90EDF0apEGyoR31gN33z5SYW
1uWboNEF96QH4bPbYPUHUKYgklM6vVlGw7XSpxMM4CseJRBZu3JnnmO9joUIfW7y
BJF+thIGgk5LTRD+hR/woCHjuwhQioeFIzoMeIZSQJU6szFtHly5yi2svtaSoJLY
eoxf/kfAfBcGM1RyFtayHl3Dh2xHIJAx8xPbb7YlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDnqe+JMmbQURWcPHRWBmM8xtu6MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Y1NGEwYjUyLTQ1MTktNGU2ZS05OWIzLTE2YzNiYzA1NmU3YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2oAAwDQYJKoZIhvcNAQELBQADggEBAHnWZfXRj1eBYc0jwP6FhIoZgSMQ
X5t/4BP3BeEdYL98CzSa6BG8bH6oewPYPfwem42RaCjSXmplrpYWE2ZOVy5uIPw+
7/en+RbDHsZSLedQwFAbI4xZm5CspVq3HX4EuB/9taqr/tRI4grgnREYTljAZHwI
VwJ1OaUja/cGor/odUHl0Xtcc/lANS/+ggX6iFBR8QrFPOXyeCYnkXFymxr5jpQD
XPkvFAsUueawW+rjuK+fDN32qJkJ0SZQd2YMXsdAkxioS/shXvZZeouya/l1uIrm
kIpByF5pE4Lg2/Sz3SIpoVCB9rCTREkxKZYaWYkojlApdIXmUnsuG7+yPWY=
-----END CERTIFICATE-----