Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4937f861-5023-4671-8c59-4877790f4ab6.roa
File:                     4937f861-5023-4671-8c59-4877790f4ab6.roa (raw, json)
Hash identifier:          pWnoznznt4ef/j088n/QO8GlbSmJUXfSy7NhIkMp6DA=
Subject key identifier:   85:9C:32:6F:BA:8A:6A:CF:DF:F3:E0:C0:E0:B1:32:29:10:20:E8:65
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       166DAE1F83AD9F564007DB2EFAA53C2411790344
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4937f861-5023-4671-8c59-4877790f4ab6.roa
Signing time:             Fri 19 Sep 2025 15:12:10 +0000
ROA not before:           Fri 19 Sep 2025 15:12:10 +0000
ROA not after:            Fri 24 Oct 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.145.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 09 Oct 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:6d:ae:1f:83:ad:9f:56:40:07:db:2e:fa:a5:3c:24:11:79:03:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 19 15:12:10 2025 GMT
            Not After : Oct 24 23:59:59 2025 GMT
        Subject: serialNumber=df9af76f4bb6cad4f4ccf9c4ea596211f77d3fd0f0c00968062d4ffffc62cc33, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:49:e0:6d:9f:bd:59:9f:f0:04:53:26:f4:7f:
                    f0:bf:9d:d8:7d:09:a9:21:c7:40:f7:d6:8f:bd:71:
                    28:06:65:ea:38:7f:f9:ae:a2:8c:7f:61:4f:fb:2e:
                    ae:48:1b:d9:28:c7:28:eb:c0:60:55:39:0f:34:04:
                    e1:df:e4:d2:14:63:a1:32:56:21:00:f9:b0:51:34:
                    cf:98:cc:40:f5:0b:f4:17:d9:4c:c3:44:e6:8b:96:
                    f3:ca:cc:8b:8e:b7:f9:d0:0f:71:e8:ad:08:22:bc:
                    2f:fc:44:1a:b8:df:71:e3:59:e6:16:c2:10:09:64:
                    4e:da:29:44:c8:d3:af:d2:01:f2:4f:df:72:78:a8:
                    a9:5f:74:0d:e3:25:4e:90:46:b2:6e:dc:ef:aa:7d:
                    ec:ed:2b:94:da:ad:64:c7:7f:b4:a6:3c:56:f6:51:
                    42:ce:95:d9:13:85:5a:48:52:5b:95:82:ac:42:76:
                    75:e3:65:2d:31:ab:8a:c1:e1:21:02:88:99:ec:66:
                    f4:31:0c:cb:76:d4:38:80:23:9b:19:d0:96:9c:9a:
                    2c:23:67:19:45:a8:b0:32:49:d2:98:c3:3f:01:de:
                    10:ae:ff:41:64:34:66:90:38:36:08:d1:30:30:7d:
                    3f:6a:56:02:c8:24:18:3e:7b:02:ef:c2:ca:86:72:
                    07:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:9C:32:6F:BA:8A:6A:CF:DF:F3:E0:C0:E0:B1:32:29:10:20:E8:65
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4937f861-5023-4671-8c59-4877790f4ab6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.145.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         07:39:3c:eb:9b:6b:43:f3:a7:4f:c5:55:4c:87:4d:26:dc:27:
         8e:80:ec:52:ea:a7:61:6c:c8:06:ac:ce:2f:84:0e:ca:90:22:
         4e:85:91:81:d7:8b:fb:d2:73:b3:c8:fd:e9:df:54:ab:71:3f:
         4e:7a:8a:7a:d6:e6:fb:6b:20:92:fc:8e:a0:7a:59:6b:c2:7f:
         cf:5b:d5:85:25:bc:80:ab:1e:b7:30:eb:be:8c:b3:36:a7:2b:
         de:74:99:b7:78:19:ee:07:7e:6e:31:c4:54:05:2e:70:65:31:
         5f:8a:d2:09:b7:3b:50:88:ce:a0:8a:ec:41:66:25:60:a6:30:
         3d:54:70:18:ce:ba:ee:7b:17:31:bb:50:62:42:4f:0a:39:42:
         03:73:d7:65:3a:8b:d7:2a:70:3d:9c:ab:cf:c2:96:fe:0c:a9:
         c5:21:bb:fd:6d:97:cf:d9:4d:61:d5:de:b8:24:71:28:1b:c5:
         26:96:a7:9b:00:29:75:49:6c:da:58:75:12:6c:95:57:d4:81:
         76:a0:f7:2e:0d:52:fd:0c:ed:73:6a:62:0c:6b:70:e8:71:93:
         ce:42:91:2d:ff:bf:44:ed:56:ca:9c:26:1a:93:11:9f:34:6e:
         c8:ba:2b:7c:56:70:db:32:71:e1:b0:28:8b:4c:3a:6e:f4:0e:
         2e:27:f2:ef
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFm2uH4Otn1ZAB9su+qU8JBF5A0QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTE5MTUxMjEwWhcNMjUxMDI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZjlhZjc2ZjRiYjZjYWQ0ZjRjY2Y5YzRlYTU5NjIxMWY3
N2QzZmQwZjBjMDA5NjgwNjJkNGZmZmZjNjJjYzMzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcSeBtn71Zn/AEUyb0f/C/ndh9Cakhx0D31o+9cSgGZeo4
f/muoox/YU/7Lq5IG9koxyjrwGBVOQ80BOHf5NIUY6EyViEA+bBRNM+YzED1C/QX
2UzDROaLlvPKzIuOt/nQD3HorQgivC/8RBq433HjWeYWwhAJZE7aKUTI06/SAfJP
33J4qKlfdA3jJU6QRrJu3O+qfeztK5TarWTHf7SmPFb2UULOldkThVpIUluVgqxC
dnXjZS0xq4rB4SECiJnsZvQxDMt21DiAI5sZ0JacmiwjZxlFqLAySdKYwz8B3hCu
/0FkNGaQODYI0TAwfT9qVgLIJBg+ewLvwsqGcgfjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhZwyb7qKas/f8+DA4LEyKRAg6GUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ5MzdmODYxLTUwMjMtNDY3MS04YzU5LTQ4Nzc3OTBmNGFiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2kQAwDQYJKoZIhvcNAQELBQADggEBAAc5POuba0Pzp0/FVUyHTSbcJ46A
7FLqp2FsyAaszi+EDsqQIk6FkYHXi/vSc7PI/enfVKtxP056inrW5vtrIJL8jqB6
WWvCf89b1YUlvICrHrcw676MszanK950mbd4Ge4Hfm4xxFQFLnBlMV+K0gm3O1CI
zqCK7EFmJWCmMD1UcBjOuu57FzG7UGJCTwo5QgNz12U6i9cqcD2cq8/Clv4MqcUh
u/1tl8/ZTWHV3rgkcSgbxSaWp5sAKXVJbNpYdRJslVfUgXag9y4NUv0M7XNqYgxr
cOhxk85CkS3/v0TtVsqcJhqTEZ80bsi6K3xWcNsyceGwKItMOm70Di4n8u8=
-----END CERTIFICATE-----