Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0d2c3634-e11e-4da7-bc65-026b9cc14192.roa
File:                     0d2c3634-e11e-4da7-bc65-026b9cc14192.roa (raw, json)
Hash identifier:          8jZEysWIJlx/B+BT2U1dj5u6XCllXrigOHQsFrKR9uA=
Subject key identifier:   CA:9B:7B:E4:59:04:C5:DC:88:8B:5F:6C:40:E0:BA:73:D2:B8:7A:A1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       736E7FF510D04B3C5DCC3A2984B632EFE467A1D4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0d2c3634-e11e-4da7-bc65-026b9cc14192.roa
Signing time:             Tue 05 Aug 2025 17:40:15 +0000
ROA not before:           Tue 05 Aug 2025 17:40:15 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.92.224.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:6e:7f:f5:10:d0:4b:3c:5d:cc:3a:29:84:b6:32:ef:e4:67:a1:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug  5 17:40:15 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=b69dbb0fb5c63d11fe017ecbdb11859c8a2b0ce2098b5099db19c198cf8a8ed2, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:34:c2:ee:75:dd:bd:90:45:4b:1f:16:ed:2b:
                    dd:91:aa:3f:c7:e4:ca:75:b7:ae:3b:a0:a6:28:c6:
                    d7:09:2d:b2:76:f8:37:a1:e9:d9:ec:07:1d:9d:54:
                    86:3b:0e:a0:3b:23:89:20:e5:51:71:b0:98:cc:45:
                    d3:fa:38:c3:30:d7:b5:4a:29:8e:17:c5:2f:11:34:
                    8d:c4:d6:c0:f4:5f:82:a9:dd:e2:05:0d:96:0c:0d:
                    ad:2e:57:ad:86:03:8a:9c:4a:e1:90:f5:94:20:ee:
                    86:b7:61:dd:3b:b4:85:06:cd:28:ab:c0:f3:fe:b2:
                    4d:92:ca:a4:9f:1d:5c:04:d8:70:88:af:94:8f:f0:
                    74:a6:dd:fa:ed:2b:eb:fc:87:dc:57:db:d5:d8:ae:
                    66:58:d1:d8:86:82:71:5f:0c:85:18:a1:66:30:72:
                    cd:0e:d6:54:e6:89:ad:7d:18:6d:e0:e4:c6:39:f9:
                    10:41:a8:15:5c:77:e8:bb:d8:a4:79:09:49:e8:98:
                    8f:2e:e6:02:16:2e:56:0e:6d:9b:86:c2:00:09:b5:
                    8c:59:1c:de:ee:07:e3:5d:95:60:fa:f7:fe:6f:b0:
                    08:d2:7b:6e:bd:ed:9d:54:6e:95:19:c5:cb:99:3f:
                    97:ed:98:e0:fb:1d:2d:5b:66:14:77:3a:a3:ea:2d:
                    96:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:9B:7B:E4:59:04:C5:DC:88:8B:5F:6C:40:E0:BA:73:D2:B8:7A:A1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0d2c3634-e11e-4da7-bc65-026b9cc14192.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.92.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         ae:07:6b:ac:66:0a:41:60:ff:6d:6b:bf:15:b9:a3:19:c3:a8:
         ea:24:a7:0d:88:23:f6:0f:90:cf:f2:68:d9:4b:ca:59:2d:a3:
         e8:49:02:e4:24:32:a8:54:e4:36:15:20:86:5f:79:2b:a3:a1:
         a8:ec:99:04:55:3c:84:f5:f6:62:f7:40:00:16:d2:a6:95:75:
         3a:c5:ab:ff:85:6f:53:f5:01:50:08:93:f8:1c:55:b0:4a:d3:
         3d:26:5a:00:7f:d7:ef:06:71:b8:da:18:f1:11:75:99:7f:0d:
         69:e1:a4:6c:bb:5b:cd:42:23:80:ab:8b:34:d8:5f:89:7f:b5:
         b7:4b:11:af:db:c8:a3:f5:83:23:b6:68:9c:79:9e:4c:1f:42:
         15:d7:c2:d2:75:33:7f:1a:a4:c6:a9:39:9a:55:5a:8d:05:2e:
         05:5f:12:38:20:40:2c:48:5b:cd:a7:31:f2:b2:b4:7c:09:68:
         5b:d3:91:3f:c8:50:61:b0:4e:e6:c7:d9:2c:16:80:d3:7a:27:
         35:9d:f2:85:7b:96:a8:93:20:ef:c8:4c:8a:20:9c:c8:ec:6b:
         74:af:6a:ba:5b:96:51:25:b9:55:ce:6d:96:ff:42:93:84:e8:
         c4:ac:b1:6f:3d:5f:0a:c7:e0:7f:f9:e7:8e:d1:7f:c2:23:d3:
         e1:b7:00:42
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUc25/9RDQSzxdzDophLYy7+RnodQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODA1MTc0MDE1WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNjlkYmIwZmI1YzYzZDExZmUwMTdlY2JkYjExODU5Yzhh
MmIwY2UyMDk4YjUwOTlkYjE5YzE5OGNmOGE4ZWQyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzNMLudd29kEVLHxbtK92Rqj/H5Mp1t647oKYoxtcJLbJ2
+Deh6dnsBx2dVIY7DqA7I4kg5VFxsJjMRdP6OMMw17VKKY4XxS8RNI3E1sD0X4Kp
3eIFDZYMDa0uV62GA4qcSuGQ9ZQg7oa3Yd07tIUGzSirwPP+sk2SyqSfHVwE2HCI
r5SP8HSm3frtK+v8h9xX29XYrmZY0diGgnFfDIUYoWYwcs0O1lTmia19GG3g5MY5
+RBBqBVcd+i72KR5CUnomI8u5gIWLlYObZuGwgAJtYxZHN7uB+NdlWD69/5vsAjS
e2697Z1UbpUZxcuZP5ftmOD7HS1bZhR3OqPqLZarAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUypt75FkExdyIi19sQOC6c9K4eqEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBkMmMzNjM0LWUxMWUtNGRhNy1iYzY1LTAyNmI5Y2MxNDE5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU2XOAwDQYJKoZIhvcNAQELBQADggEBAK4Ha6xmCkFg/21rvxW5oxnDqOok
pw2II/YPkM/yaNlLylkto+hJAuQkMqhU5DYVIIZfeSujoajsmQRVPIT19mL3QAAW
0qaVdTrFq/+Fb1P1AVAIk/gcVbBK0z0mWgB/1+8GcbjaGPERdZl/DWnhpGy7W81C
I4CrizTYX4l/tbdLEa/byKP1gyO2aJx5nkwfQhXXwtJ1M38apMapOZpVWo0FLgVf
EjggQCxIW82nMfKytHwJaFvTkT/IUGGwTubH2SwWgNN6JzWd8oV7lqiTIO/ITIog
nMjsa3SvarpbllEluVXObZb/QpOE6MSssW89XwrH4H/5547Rf8Ij0+G3AEI=
-----END CERTIFICATE-----