Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1da3f1fb-2590-422d-9b28-4bd14d22f09b.roa
File:                     1da3f1fb-2590-422d-9b28-4bd14d22f09b.roa (raw, json)
Hash identifier:          fW4qgKe6w4OOq49JsgMV1wGqugyReFwo79daBWxtpO8=
Subject key identifier:   79:94:11:CF:FB:D8:F9:CE:65:DB:96:42:8C:2E:40:07:F6:84:66:52
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4CA289F9D3ED8921D6CC0F11CD09229E8E27FD
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1da3f1fb-2590-422d-9b28-4bd14d22f09b.roa
Signing time:             Tue 05 Aug 2025 17:20:26 +0000
ROA not before:           Tue 05 Aug 2025 17:20:26 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.239.113.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:a2:89:f9:d3:ed:89:21:d6:cc:0f:11:cd:09:22:9e:8e:27:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug  5 17:20:26 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=c3af73d325c9205286d1f4c401f95554224642d4e4e04f1ac23effd62d572da9, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f8:e0:e8:3c:37:13:1f:71:cc:08:24:4c:9b:
                    1e:28:98:41:06:22:58:6d:da:68:53:7e:cf:ed:07:
                    7c:09:c2:c5:7c:99:61:15:a8:1c:63:2d:01:cb:56:
                    4f:34:3c:8f:11:9d:a7:27:18:59:e1:a6:87:71:c1:
                    e6:af:55:15:bd:7c:12:c6:29:b1:5f:a4:ba:67:73:
                    4a:7a:f2:27:fe:6e:a5:95:5a:45:d9:7c:7c:ae:dd:
                    a9:3a:19:bd:d1:25:3d:dc:3f:3b:64:ba:1e:17:ce:
                    1a:db:0b:19:5c:82:39:1d:0b:25:88:65:f1:92:d9:
                    6a:49:63:2b:94:e1:e3:5c:08:5a:50:d5:75:e3:4c:
                    03:c2:5b:e7:23:0e:28:98:25:14:fd:19:0f:39:1f:
                    eb:c1:78:a4:7c:e7:7e:18:52:bd:0f:78:2e:80:b9:
                    00:68:e5:ea:e5:b8:1c:f2:6b:26:69:67:e3:03:7f:
                    69:ab:ec:a9:fb:8f:d0:ed:be:14:76:f0:18:d4:ec:
                    a8:46:e4:ef:2b:f5:41:7e:4e:5e:a0:f8:3b:5d:10:
                    5c:24:ac:8e:bb:29:d7:36:98:e9:2a:37:7e:d0:61:
                    e1:13:81:52:33:b2:54:57:d3:65:29:43:3c:bb:bf:
                    6e:26:40:96:5e:95:f8:1c:81:5b:56:4c:e3:0b:21:
                    ec:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:94:11:CF:FB:D8:F9:CE:65:DB:96:42:8C:2E:40:07:F6:84:66:52
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1da3f1fb-2590-422d-9b28-4bd14d22f09b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.239.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:4a:00:72:9e:3d:39:89:99:4a:33:ea:9a:47:be:64:fd:24:
         13:0d:9b:74:e7:c0:15:6d:7c:2b:ee:9c:da:01:2c:48:8e:32:
         ed:68:c7:9b:37:9d:bb:5c:22:f6:79:fb:45:6e:62:52:b8:f4:
         cd:c6:2e:57:42:cb:22:14:3b:25:c9:d7:f3:50:e8:2a:00:75:
         39:2b:ba:24:94:3a:1a:86:0e:69:8d:ea:cb:2b:0d:cc:94:e9:
         d1:61:b4:f1:c1:22:9a:ad:ed:47:bc:40:c8:e7:f1:37:66:80:
         83:12:f7:cd:89:ac:6d:2c:bc:14:9e:50:35:1b:1f:64:b2:09:
         6f:eb:99:c0:62:d9:b7:aa:76:6b:64:3f:4e:b2:f6:ca:e4:a2:
         48:29:88:6e:dd:14:a4:b1:ae:c1:94:01:ee:48:4c:f0:e9:55:
         45:93:f3:bb:3f:52:8f:33:b7:2e:f1:43:6c:32:54:9a:c8:09:
         20:07:85:b3:5e:55:11:15:92:50:fc:a4:ed:2a:47:60:a0:06:
         b7:7d:58:53:f8:64:8f:0b:e8:89:ca:64:4e:a4:6c:03:53:03:
         7d:af:63:05:77:a0:69:23:18:71:5c:fb:25:81:d9:27:00:d2:
         49:8d:58:9b:75:3f:25:27:70:ca:aa:23:91:ec:30:28:3b:d7:
         80:35:25:14
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITTKKJ+dPtiSHWzA8RzQkino4n/TANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTA4MDUxNzIwMjZaFw0yNTA5MDkyMzU5NTla
MHoxSTBHBgNVBAUTQGMzYWY3M2QzMjVjOTIwNTI4NmQxZjRjNDAxZjk1NTU0MjI0
NjQyZDRlNGUwNGYxYWMyM2VmZmQ2MmQ1NzJkYTkxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJz44Og8NxMfccwIJEybHiiYQQYiWG3aaFN+z+0HfAnCxXyZ
YRWoHGMtActWTzQ8jxGdpycYWeGmh3HB5q9VFb18EsYpsV+kumdzSnryJ/5upZVa
Rdl8fK7dqToZvdElPdw/O2S6HhfOGtsLGVyCOR0LJYhl8ZLZakljK5Th41wIWlDV
deNMA8Jb5yMOKJglFP0ZDzkf68F4pHznfhhSvQ94LoC5AGjl6uW4HPJrJmln4wN/
aavsqfuP0O2+FHbwGNTsqEbk7yv1QX5OXqD4O10QXCSsjrsp1zaY6So3ftBh4ROB
UjOyVFfTZSlDPLu/biZAll6V+ByBW1ZM4wsh7GUCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBR5lBHP+9j5zmXblkKMLkAH9oRmUjAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvMWRhM2YxZmItMjU5MC00MjJkLTliMjgtNGJkMTRkMjJmMDliLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEADbvcTANBgkqhkiG9w0BAQsFAAOCAQEAFEoAcp49OYmZSjPqmke+ZP0kEw2b
dOfAFW18K+6c2gEsSI4y7WjHmzedu1wi9nn7RW5iUrj0zcYuV0LLIhQ7JcnX81Do
KgB1OSu6JJQ6GoYOaY3qyysNzJTp0WG08cEimq3tR7xAyOfxN2aAgxL3zYmsbSy8
FJ5QNRsfZLIJb+uZwGLZt6p2a2Q/TrL2yuSiSCmIbt0UpLGuwZQB7khM8OlVRZPz
uz9SjzO3LvFDbDJUmsgJIAeFs15VERWSUPyk7SpHYKAGt31YU/hkjwvoicpkTqRs
A1MDfa9jBXegaSMYcVz7JYHZJwDSSY1Ym3U/JSdwyqojkewwKDvXgDUlFA==
-----END CERTIFICATE-----