Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ae6e6f6-6a5b-4027-9524-5bedd41e0a69.roa
File:                     3ae6e6f6-6a5b-4027-9524-5bedd41e0a69.roa (raw, json)
Hash identifier:          xSAOR5JjEZV64+F+ym6SoZh+AA4zFc7h+1P+Rhh8wDc=
Subject key identifier:   16:F8:92:FF:52:D1:3C:DB:88:F3:4B:F9:2D:21:0F:BB:8A:81:59:4A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       12C609E413DE4A3AA466E866945AF55E510BFDE3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ae6e6f6-6a5b-4027-9524-5bedd41e0a69.roa
Signing time:             Wed 20 Aug 2025 00:21:30 +0000
ROA not before:           Wed 20 Aug 2025 00:21:30 +0000
ROA not after:            Wed 24 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.177.80.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:c6:09:e4:13:de:4a:3a:a4:66:e8:66:94:5a:f5:5e:51:0b:fd:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 20 00:21:30 2025 GMT
            Not After : Sep 24 23:59:59 2025 GMT
        Subject: serialNumber=5b63a522ff83945d53382e2fe508438df2fe060ca0b523df797df0d47c94f719, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:0a:3d:19:29:83:9b:10:b0:24:ec:2f:ec:9f:
                    25:42:59:97:d7:4d:af:72:f7:0d:19:58:2b:b4:ca:
                    ff:99:b9:03:58:b4:6c:31:00:6f:a0:e2:28:0d:90:
                    79:b6:e0:c6:b4:df:04:47:6d:79:e7:ac:85:c2:71:
                    b0:a7:1d:a2:ed:3e:97:34:44:ab:6c:b2:4d:ca:d0:
                    b3:85:9d:73:39:b2:42:7b:78:5b:c1:a1:da:ea:e9:
                    72:b7:91:ba:51:1e:48:f6:15:ff:39:9b:0a:a5:86:
                    3f:81:2c:c5:42:70:d9:0b:9b:a9:9d:e0:64:a8:5d:
                    a6:24:01:bf:27:f8:c6:43:c8:16:f7:94:2f:a5:a7:
                    33:fc:74:e8:85:b9:e9:68:99:fc:81:5e:f1:de:42:
                    bd:b7:43:0f:19:f4:c0:70:d7:ec:6d:c1:f6:71:38:
                    3d:33:8d:44:3a:6a:c4:8c:38:69:04:2b:a6:28:18:
                    78:29:8a:33:9e:c8:73:f1:21:16:fd:7c:6d:49:cc:
                    d9:a1:5f:7e:1a:4f:ae:cb:7a:17:8d:61:42:c4:7d:
                    1c:71:38:f5:d5:4f:e0:46:7c:de:fa:62:f5:c2:d9:
                    02:d1:07:47:51:39:cb:25:d9:9e:6b:a8:25:cf:6a:
                    8a:f2:bb:10:66:fc:f3:26:1f:73:c3:59:78:e0:9e:
                    ce:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:F8:92:FF:52:D1:3C:DB:88:F3:4B:F9:2D:21:0F:BB:8A:81:59:4A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ae6e6f6-6a5b-4027-9524-5bedd41e0a69.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.177.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:0e:43:77:9f:50:15:8e:5f:69:e2:61:9a:a5:86:90:44:67:
         7c:ae:9e:73:0e:f0:86:e3:18:db:c1:80:27:e8:2c:db:91:f9:
         ff:ab:e8:4d:e8:94:99:eb:3d:10:b8:9c:0d:d5:a9:ae:dc:22:
         4e:90:a5:24:22:b2:d6:5c:10:30:59:e7:46:88:70:04:fb:2d:
         36:bf:3c:6f:3d:f0:45:42:a2:38:f8:41:3d:16:5f:99:ce:b2:
         33:74:38:92:fe:a2:50:64:5a:3b:17:51:38:4f:f0:0e:c3:8b:
         a2:f8:1b:d0:4b:47:10:71:78:f3:e9:02:ee:ff:36:ea:80:b1:
         c2:8f:64:5e:12:bd:01:82:1f:9f:6b:03:0d:54:7f:8b:e9:ed:
         63:59:8e:98:7e:42:a5:7c:d2:60:71:8a:d2:7a:ac:68:84:13:
         79:8f:35:2a:9b:f4:7e:40:88:4d:df:d1:14:22:65:39:09:43:
         b0:2b:d4:97:89:0c:86:61:7b:a2:3e:a5:63:a4:cd:c9:a2:a1:
         68:5d:20:99:3c:19:47:00:0d:88:c6:fb:57:5f:88:06:b8:d4:
         c8:66:76:3d:88:29:79:06:31:57:52:48:d2:04:00:06:9c:14:
         e3:48:52:4a:62:5e:ba:80:37:50:ce:c6:75:c6:6d:c0:c7:f4:
         b5:65:f8:59
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEsYJ5BPeSjqkZuhmlFr1XlEL/eMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODIwMDAyMTMwWhcNMjUwOTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjYzYTUyMmZmODM5NDVkNTMzODJlMmZlNTA4NDM4ZGYy
ZmUwNjBjYTBiNTIzZGY3OTdkZjBkNDdjOTRmNzE5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvCj0ZKYObELAk7C/snyVCWZfXTa9y9w0ZWCu0yv+ZuQNY
tGwxAG+g4igNkHm24Ma03wRHbXnnrIXCcbCnHaLtPpc0RKtssk3K0LOFnXM5skJ7
eFvBodrq6XK3kbpRHkj2Ff85mwqlhj+BLMVCcNkLm6md4GSoXaYkAb8n+MZDyBb3
lC+lpzP8dOiFuelomfyBXvHeQr23Qw8Z9MBw1+xtwfZxOD0zjUQ6asSMOGkEK6Yo
GHgpijOeyHPxIRb9fG1JzNmhX34aT67LeheNYULEfRxxOPXVT+BGfN76YvXC2QLR
B0dROcsl2Z5rqCXPaoryuxBm/PMmH3PDWXjgns57AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFviS/1LRPNuI80v5LSEPu4qBWUowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNhZTZlNmY2LTZhNWItNDAyNy05NTI0LTViZWRkNDFlMGE2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPsVAwDQYJKoZIhvcNAQELBQADggEBAJYOQ3efUBWOX2niYZqlhpBEZ3yu
nnMO8IbjGNvBgCfoLNuR+f+r6E3olJnrPRC4nA3Vqa7cIk6QpSQistZcEDBZ50aI
cAT7LTa/PG898EVCojj4QT0WX5nOsjN0OJL+olBkWjsXUThP8A7Di6L4G9BLRxBx
ePPpAu7/NuqAscKPZF4SvQGCH59rAw1Uf4vp7WNZjph+QqV80mBxitJ6rGiEE3mP
NSqb9H5AiE3f0RQiZTkJQ7Ar1JeJDIZhe6I+pWOkzcmioWhdIJk8GUcADYjG+1df
iAa41Mhmdj2IKXkGMVdSSNIEAAacFONIUkpiXrqAN1DOxnXGbcDH9LVl+Fk=
-----END CERTIFICATE-----