Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/29176684-9654-4098-a54e-bbbf4bfb5f09.roa
File:                     29176684-9654-4098-a54e-bbbf4bfb5f09.roa (raw, json)
Hash identifier:          2aabDVzEmWEQjpUyVGELu1YEZ0RcNf+7cA4AEhA0k18=
Subject key identifier:   32:F6:6F:41:B6:0F:C1:22:B7:77:11:1F:4A:57:DC:C9:58:BF:A9:EE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4514CC3376A0C92863A3306D5ECF8D3E9C87C3AB
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/29176684-9654-4098-a54e-bbbf4bfb5f09.roa
Signing time:             Thu 16 Oct 2025 21:51:40 +0000
ROA not before:           Thu 16 Oct 2025 21:51:40 +0000
ROA not after:            Thu 20 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.182.78.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:14:cc:33:76:a0:c9:28:63:a3:30:6d:5e:cf:8d:3e:9c:87:c3:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 16 21:51:40 2025 GMT
            Not After : Nov 20 23:59:59 2025 GMT
        Subject: serialNumber=c17453af0f7e42c9144573b3c1538b39aaf34a18659303e9bb7450450ef334af, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5a:9c:18:12:f3:29:64:6d:b4:68:97:7b:5d:
                    57:db:b6:19:4e:eb:0c:e7:2b:fc:1a:ed:63:f1:5e:
                    ad:34:0c:35:e9:b6:69:67:8e:8a:fc:3e:bd:23:3b:
                    1c:83:c6:78:bb:55:78:3d:fc:54:c1:69:50:03:9c:
                    5b:4e:26:88:b5:bd:9c:d0:bf:48:fa:2d:ba:88:1e:
                    03:3d:66:3a:04:99:ad:f4:07:11:2f:29:4f:1b:b5:
                    49:5a:5c:62:66:0a:f7:09:a7:fc:bd:c9:8c:cb:ef:
                    8f:a7:50:50:55:83:76:84:a8:2e:55:36:28:4a:5c:
                    ab:38:1a:7f:f5:2d:e8:b8:f2:c2:86:87:d4:92:e7:
                    e1:5c:cd:87:f6:4f:a1:55:f4:7f:a0:57:0f:c1:cd:
                    94:0a:7b:57:07:d0:57:65:e2:95:5b:01:31:d1:a7:
                    b8:7a:9f:f8:21:db:19:42:56:1f:1c:27:ad:74:e5:
                    21:fc:b0:c7:0a:e2:98:6e:c8:23:a9:08:26:4c:9a:
                    b8:d7:7a:25:48:fb:7c:d9:be:ad:7d:16:97:62:f0:
                    4f:90:6e:db:b7:1f:55:38:38:37:27:da:e2:2c:5c:
                    0a:b5:63:33:a0:77:8d:29:95:0c:c3:a9:00:61:e6:
                    95:65:2c:d0:5e:a1:22:95:da:4e:74:30:96:99:29:
                    8c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:F6:6F:41:B6:0F:C1:22:B7:77:11:1F:4A:57:DC:C9:58:BF:A9:EE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/29176684-9654-4098-a54e-bbbf4bfb5f09.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.182.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:7b:96:2d:de:e9:57:af:6d:b5:27:af:7f:07:9c:b4:de:0d:
         ea:40:a7:30:f3:17:c5:cc:14:f0:b3:76:96:61:50:fc:4a:5c:
         98:b2:ab:1e:ac:a2:2f:f7:66:6a:5f:96:fa:74:d3:c4:f3:a6:
         72:aa:f4:9a:07:70:4c:83:74:05:d2:2f:98:d0:75:a1:09:4e:
         63:7f:fe:5a:28:cb:cb:74:45:58:a5:2f:ac:07:0e:ac:7a:8c:
         d9:5d:c4:94:28:90:14:11:4a:ae:5b:4c:94:76:b7:82:82:46:
         d7:8c:90:b5:16:fd:07:8f:72:2d:1b:06:68:11:fc:97:41:42:
         a8:74:ba:b3:1e:0f:57:bf:6c:0d:8c:a7:8c:7f:21:46:55:3b:
         da:d8:52:dc:34:d0:d3:2c:bb:0b:4f:5c:f7:27:37:54:c9:ff:
         26:dc:5b:37:f9:d9:a6:0e:db:0a:53:e2:05:21:67:1b:31:ac:
         53:db:05:d7:ed:c0:98:bf:1e:7c:ef:c9:4f:e6:7d:64:1c:13:
         68:e5:78:6d:ee:1c:ae:ba:7f:50:3d:e7:d6:b6:da:cd:9c:48:
         6f:72:db:7b:63:88:69:28:f9:6a:56:3f:4c:a5:9c:57:6b:34:
         8d:d5:0f:b1:de:9e:36:35:ab:03:5d:9d:a5:7d:41:dc:b6:92:
         3b:81:4b:69
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURRTMM3agyShjozBtXs+NPpyHw6swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE2MjE1MTQwWhcNMjUxMTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMTc0NTNhZjBmN2U0MmM5MTQ0NTczYjNjMTUzOGIzOWFh
ZjM0YTE4NjU5MzAzZTliYjc0NTA0NTBlZjMzNGFmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsWpwYEvMpZG20aJd7XVfbthlO6wznK/wa7WPxXq00DDXp
tmlnjor8Pr0jOxyDxni7VXg9/FTBaVADnFtOJoi1vZzQv0j6LbqIHgM9ZjoEma30
BxEvKU8btUlaXGJmCvcJp/y9yYzL74+nUFBVg3aEqC5VNihKXKs4Gn/1Lei48sKG
h9SS5+FczYf2T6FV9H+gVw/BzZQKe1cH0Fdl4pVbATHRp7h6n/gh2xlCVh8cJ610
5SH8sMcK4phuyCOpCCZMmrjXeiVI+3zZvq19Fpdi8E+Qbtu3H1U4ODcn2uIsXAq1
YzOgd40plQzDqQBh5pVlLNBeoSKV2k50MJaZKYzhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUMvZvQbYPwSK3dxEfSlfcyVi/qe4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzI5MTc2Njg0LTk2NTQtNDA5OC1hNTRlLWJiYmY0YmZiNWYwOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE2tk4wDQYJKoZIhvcNAQELBQADggEBAHt7li3e6VevbbUnr38HnLTeDepA
pzDzF8XMFPCzdpZhUPxKXJiyqx6soi/3Zmpflvp008TzpnKq9JoHcEyDdAXSL5jQ
daEJTmN//looy8t0RVilL6wHDqx6jNldxJQokBQRSq5bTJR2t4KCRteMkLUW/QeP
ci0bBmgR/JdBQqh0urMeD1e/bA2Mp4x/IUZVO9rYUtw00NMsuwtPXPcnN1TJ/ybc
Wzf52aYO2wpT4gUhZxsxrFPbBdftwJi/HnzvyU/mfWQcE2jleG3uHK66f1A959a2
2s2cSG9y23tjiGko+WpWP0ylnFdrNI3VD7HenjY1qwNdnaV9Qdy2kjuBS2k=
-----END CERTIFICATE-----