Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/074360a4-6d5a-4717-b08b-25ed674fcad6.roa
File:                     074360a4-6d5a-4717-b08b-25ed674fcad6.roa (raw, json)
Hash identifier:          k+MsMX+tG11xm41CBEPo4imnUURqpd2U6ZHefJyH48Y=
Subject key identifier:   57:0B:41:CC:15:63:DF:4D:23:64:3C:AB:D4:BB:CA:78:0F:1B:C2:F9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2F17D480320DA7F1B53F59BAF74EA7228A54DF69
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/074360a4-6d5a-4717-b08b-25ed674fcad6.roa
Signing time:             Thu 16 Oct 2025 21:17:22 +0000
ROA not before:           Thu 16 Oct 2025 21:17:22 +0000
ROA not after:            Thu 20 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.182.228.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:17:d4:80:32:0d:a7:f1:b5:3f:59:ba:f7:4e:a7:22:8a:54:df:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 16 21:17:22 2025 GMT
            Not After : Nov 20 23:59:59 2025 GMT
        Subject: serialNumber=d85102e0585ce14e062a524ee1ac600323fdf816f484292d82aaf1f445252571, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5f:c0:9a:b3:85:03:8b:76:c9:88:56:2e:0d:
                    82:93:c6:6a:b2:3a:32:28:b0:26:08:06:a3:3e:6e:
                    1c:5b:c7:f9:e1:ba:ba:7d:c4:a2:94:3d:76:f7:1a:
                    39:b1:4a:58:00:cd:99:21:f2:34:9d:4b:09:20:40:
                    d7:76:9d:4f:6e:67:85:04:ec:b4:41:d3:19:f3:ff:
                    e1:43:22:b7:fd:bd:9c:9d:62:7b:71:a0:ff:54:72:
                    fd:61:39:54:79:f9:92:56:10:66:30:13:2f:2e:0f:
                    78:40:c7:22:a1:bb:11:cb:d3:0d:f7:f4:73:9f:15:
                    1c:c0:c5:0e:3a:9f:65:8b:6e:7d:20:eb:be:18:6e:
                    ee:81:23:de:58:0b:51:f2:fc:1b:20:af:b5:eb:59:
                    6d:e4:cf:5e:0b:26:c4:c3:a2:77:04:a2:f9:d9:3e:
                    63:79:20:e3:43:49:81:c2:39:0c:4c:ba:c7:e1:07:
                    ea:c8:08:15:89:63:ee:56:21:04:f8:e9:0c:4a:7f:
                    11:b0:2f:5f:ff:bb:e1:c0:8e:09:61:7c:f1:58:5e:
                    2d:e1:30:b6:64:c4:b8:76:69:68:ca:6e:68:e4:4b:
                    08:cd:2e:21:bf:40:2f:74:32:d8:7f:a8:18:54:34:
                    41:4d:64:00:ed:1f:0c:07:54:64:35:39:13:fd:12:
                    e8:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:0B:41:CC:15:63:DF:4D:23:64:3C:AB:D4:BB:CA:78:0F:1B:C2:F9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/074360a4-6d5a-4717-b08b-25ed674fcad6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.182.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         99:3a:ac:48:2c:08:0d:d1:88:33:a6:79:31:a0:86:4b:31:cb:
         4e:79:df:a2:02:85:2e:d3:9c:b9:40:78:b1:31:6f:6c:26:ad:
         31:6d:4b:a1:1b:00:46:56:a5:1a:9e:35:cd:6d:36:50:67:aa:
         0e:bd:74:aa:eb:d4:d0:96:72:52:48:06:97:dc:98:1f:ef:5d:
         18:37:65:c7:e6:76:6d:70:68:8d:dc:89:91:f5:3f:7b:21:e2:
         bb:c2:6d:9b:9e:e5:3b:13:f5:35:4c:fb:58:90:cd:0e:d2:de:
         27:40:f1:bb:01:fa:03:6b:3b:94:39:6b:76:76:eb:52:44:51:
         b3:ca:53:68:1b:0b:bf:ee:8f:ea:27:94:17:ae:66:1d:fe:b3:
         9a:fe:94:a8:bd:45:5c:84:c7:15:85:d4:85:51:2f:93:65:e8:
         7f:ef:a0:27:87:18:74:27:92:0c:65:21:79:5a:09:39:84:e3:
         e9:1f:3c:6e:ac:43:8d:0e:24:dd:ff:3b:51:ab:24:74:5b:ef:
         48:a3:4e:06:93:a4:b5:02:ca:87:a5:42:48:59:ce:87:38:6c:
         00:b9:f0:47:1a:01:41:db:cb:d7:16:8e:2d:2e:30:35:60:d7:
         ec:20:58:57:dd:e9:64:dc:57:cf:a0:51:1a:4f:29:4a:92:85:
         de:cc:2b:f7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULxfUgDINp/G1P1m6906nIopU32kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE2MjExNzIyWhcNMjUxMTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkODUxMDJlMDU4NWNlMTRlMDYyYTUyNGVlMWFjNjAwMzIz
ZmRmODE2ZjQ4NDI5MmQ4MmFhZjFmNDQ1MjUyNTcxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTX8Cas4UDi3bJiFYuDYKTxmqyOjIosCYIBqM+bhxbx/nh
urp9xKKUPXb3GjmxSlgAzZkh8jSdSwkgQNd2nU9uZ4UE7LRB0xnz/+FDIrf9vZyd
YntxoP9Ucv1hOVR5+ZJWEGYwEy8uD3hAxyKhuxHL0w339HOfFRzAxQ46n2WLbn0g
674Ybu6BI95YC1Hy/Bsgr7XrWW3kz14LJsTDoncEovnZPmN5IONDSYHCOQxMusfh
B+rICBWJY+5WIQT46QxKfxGwL1//u+HAjglhfPFYXi3hMLZkxLh2aWjKbmjkSwjN
LiG/QC90Mth/qBhUNEFNZADtHwwHVGQ1ORP9EuifAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVwtBzBVj300jZDyr1LvKeA8bwvkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA3NDM2MGE0LTZkNWEtNDcxNy1iMDhiLTI1ZWQ2NzRmY2FkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE2tuQwDQYJKoZIhvcNAQELBQADggEBAJk6rEgsCA3RiDOmeTGghksxy055
36IChS7TnLlAeLExb2wmrTFtS6EbAEZWpRqeNc1tNlBnqg69dKrr1NCWclJIBpfc
mB/vXRg3Zcfmdm1waI3ciZH1P3sh4rvCbZue5TsT9TVM+1iQzQ7S3idA8bsB+gNr
O5Q5a3Z261JEUbPKU2gbC7/uj+onlBeuZh3+s5r+lKi9RVyExxWF1IVRL5Nl6H/v
oCeHGHQnkgxlIXlaCTmE4+kfPG6sQ40OJN3/O1GrJHRb70ijTgaTpLUCyoelQkhZ
zoc4bAC58EcaAUHby9cWji0uMDVg1+wgWFfd6WTcV8+gURpPKUqShd7MK/c=
-----END CERTIFICATE-----