Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f54a0b52-4519-4e6e-99b3-16c3bc056e7a.roa
File:                     f54a0b52-4519-4e6e-99b3-16c3bc056e7a.roa (raw, json)
Hash identifier:          RnYZLnY7oQpzySR1LVbOdjVh8veHGPEHSQ+sXlILMpU=
Subject key identifier:   76:F5:86:73:18:58:E8:DD:87:2A:B2:AE:7D:3E:AC:BB:33:57:61:C9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2F5CB120E75013A4D42871C95A3F4CE127C774E3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f54a0b52-4519-4e6e-99b3-16c3bc056e7a.roa
Signing time:             Tue 04 Nov 2025 02:10:40 +0000
ROA not before:           Tue 04 Nov 2025 02:10:40 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.160.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:5c:b1:20:e7:50:13:a4:d4:28:71:c9:5a:3f:4c:e1:27:c7:74:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov  4 02:10:40 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=1c6dbc28728f2465936a27acd30390fbbb2652e3d1c745227cae7e6deeb2baee, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:42:06:41:97:40:0f:57:cc:4b:b8:c7:43:c7:
                    c1:43:2d:87:ee:88:23:dc:43:e5:6f:28:76:e7:2e:
                    56:c3:ac:11:cc:3d:ac:14:a7:12:01:75:8a:9a:21:
                    14:de:86:a7:15:41:02:c8:90:e6:91:3e:d7:8a:31:
                    f1:72:44:d4:6b:b6:85:51:85:b7:28:8c:44:6c:28:
                    46:ff:e5:bf:9d:9f:50:ad:02:81:99:09:8f:58:35:
                    0c:03:f8:db:94:7a:70:c2:b0:f6:91:5a:93:f9:d4:
                    8f:d3:0e:5d:f6:0d:ca:5c:01:6b:f0:b6:95:a2:4e:
                    3f:55:4c:14:9c:c4:86:33:1c:7e:82:1c:9a:e2:91:
                    57:5a:65:bb:3e:30:88:ce:45:78:5c:eb:a5:14:7c:
                    3e:fb:a5:22:f0:86:7f:d3:03:f1:f3:c3:4a:73:a8:
                    64:1a:25:4e:81:ae:e1:63:79:b9:20:75:a5:2f:17:
                    ee:83:0b:5e:81:55:6b:41:55:6a:5c:78:02:6a:49:
                    51:aa:1b:e1:bf:51:d5:5e:01:aa:37:73:ba:75:d2:
                    de:7f:aa:a3:66:44:3e:cf:22:46:1f:5c:f6:af:cd:
                    c8:ec:ab:f0:77:95:8c:c1:d5:4c:04:3b:18:93:05:
                    8b:4e:1a:40:a7:31:0a:8d:78:e2:0f:75:51:f5:61:
                    f6:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:F5:86:73:18:58:E8:DD:87:2A:B2:AE:7D:3E:AC:BB:33:57:61:C9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f54a0b52-4519-4e6e-99b3-16c3bc056e7a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.160.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         a8:65:ff:18:c8:8e:ab:1a:56:70:62:68:94:f4:7f:71:4b:b3:
         ce:9a:f2:27:97:7d:f5:e4:5f:23:24:7b:11:91:56:6b:fc:6e:
         df:d5:af:5c:d4:22:31:70:68:54:8e:f5:03:b3:b3:e5:03:88:
         e4:da:d7:5f:44:38:f5:99:da:d5:12:62:5e:90:d1:1f:02:1f:
         73:25:03:a0:f9:3c:31:c3:6e:0a:95:04:d3:7e:36:92:ab:20:
         e8:d1:c2:5c:d0:a2:37:ff:03:62:c1:7b:c4:2b:1f:66:da:18:
         cf:8b:84:44:32:3c:d6:16:72:53:a1:e8:4a:f5:50:f6:e2:6f:
         44:c0:b5:88:c0:bf:33:d8:f4:d6:8d:60:ae:4a:c7:f7:1d:18:
         a3:4e:a5:e0:56:ba:09:36:bd:11:89:a6:07:45:b3:05:e2:e5:
         21:34:4a:fb:d6:3b:a9:6d:cc:cb:e5:0a:ad:3f:f6:4b:02:7c:
         3b:52:65:8a:b2:01:96:57:5f:12:2c:b2:19:2d:28:ea:9c:1f:
         55:8d:09:3a:0a:f0:3d:04:98:51:86:6f:46:c4:cf:86:05:b3:
         98:71:52:de:ef:f4:c3:62:87:66:f6:d0:34:11:83:0c:d1:18:
         38:ee:ca:8a:38:0a:28:1a:cb:eb:30:8e:ee:c1:06:ab:c1:0e:
         f9:f4:40:aa
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL1yxIOdQE6TUKHHJWj9M4SfHdOMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTA0MDIxMDQwWhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYzZkYmMyODcyOGYyNDY1OTM2YTI3YWNkMzAzOTBmYmJi
MjY1MmUzZDFjNzQ1MjI3Y2FlN2U2ZGVlYjJiYWVlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzQgZBl0APV8xLuMdDx8FDLYfuiCPcQ+VvKHbnLlbDrBHM
PawUpxIBdYqaIRTehqcVQQLIkOaRPteKMfFyRNRrtoVRhbcojERsKEb/5b+dn1Ct
AoGZCY9YNQwD+NuUenDCsPaRWpP51I/TDl32DcpcAWvwtpWiTj9VTBScxIYzHH6C
HJrikVdaZbs+MIjORXhc66UUfD77pSLwhn/TA/Hzw0pzqGQaJU6BruFjebkgdaUv
F+6DC16BVWtBVWpceAJqSVGqG+G/UdVeAao3c7p10t5/qqNmRD7PIkYfXPavzcjs
q/B3lYzB1UwEOxiTBYtOGkCnMQqNeOIPdVH1YfZ3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdvWGcxhY6N2HKrKufT6suzNXYckwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Y1NGEwYjUyLTQ1MTktNGU2ZS05OWIzLTE2YzNiYzA1NmU3YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2oAAwDQYJKoZIhvcNAQELBQADggEBAKhl/xjIjqsaVnBiaJT0f3FLs86a
8ieXffXkXyMkexGRVmv8bt/Vr1zUIjFwaFSO9QOzs+UDiOTa119EOPWZ2tUSYl6Q
0R8CH3MlA6D5PDHDbgqVBNN+NpKrIOjRwlzQojf/A2LBe8QrH2baGM+LhEQyPNYW
clOh6Er1UPbib0TAtYjAvzPY9NaNYK5Kx/cdGKNOpeBWugk2vRGJpgdFswXi5SE0
SvvWO6ltzMvlCq0/9ksCfDtSZYqyAZZXXxIsshktKOqcH1WNCToK8D0EmFGGb0bE
z4YFs5hxUt7v9MNih2b20DQRgwzRGDjuyoo4Cigay+swju7BBqvBDvn0QKo=
-----END CERTIFICATE-----