Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4ed46c33-65ef-488c-97e8-2241e4cdee74.roa
File:                     4ed46c33-65ef-488c-97e8-2241e4cdee74.roa (raw, json)
Hash identifier:          popZNl0a1UX2juzlL7LTDLm9WNHDkWOFGH84ePo9hXA=
Subject key identifier:   9E:BF:20:CD:F8:32:F1:BC:E1:B7:86:04:4E:8F:76:DB:0C:C5:05:96
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       240B6AE1F3ABD196798741A636B7AF34A3B182BF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4ed46c33-65ef-488c-97e8-2241e4cdee74.roa
Signing time:             Tue 19 Aug 2025 16:01:40 +0000
ROA not before:           Tue 19 Aug 2025 16:01:40 +0000
ROA not after:            Tue 23 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.168.192.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:0b:6a:e1:f3:ab:d1:96:79:87:41:a6:36:b7:af:34:a3:b1:82:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 19 16:01:40 2025 GMT
            Not After : Sep 23 23:59:59 2025 GMT
        Subject: serialNumber=e038b9ca5277bc1dc71b4f42271c2047155fdddc357bbf2ff00bd0f320e68e3b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3b:4f:63:0a:97:aa:e6:f4:ad:a2:0c:43:09:
                    d3:a8:f3:8d:cf:43:bf:18:fe:d8:88:56:5a:4c:71:
                    c4:67:ed:fd:11:7b:71:b2:97:43:ea:6d:37:16:6b:
                    8e:99:a6:3a:88:c6:07:19:e8:f2:3f:44:bd:e8:f6:
                    6c:9c:82:54:c5:8d:cd:eb:48:11:1d:8e:c2:33:d1:
                    07:74:71:4b:90:66:3c:df:27:72:67:e5:f3:ec:43:
                    46:0a:50:9a:26:96:4c:5e:81:7f:f8:9c:bd:d7:a2:
                    8c:94:64:8c:1c:c5:67:78:ab:0b:bf:7d:89:22:49:
                    b3:16:19:61:e5:bf:17:97:de:00:7f:6b:ce:c7:fb:
                    a8:02:88:0b:f6:b5:e6:68:f7:a0:33:46:9c:ab:c3:
                    46:e4:5e:ea:9f:ac:b6:b9:07:38:b0:d3:9d:b4:f8:
                    08:bc:af:50:9c:79:f7:26:b7:89:3b:a2:90:64:e7:
                    f3:34:29:f3:18:1b:90:21:f5:ee:8b:6a:2c:33:4f:
                    67:67:98:9e:33:e2:c6:ff:b3:d0:c1:2c:f8:e5:1c:
                    df:54:99:91:1b:65:06:d1:75:ac:13:eb:fe:88:01:
                    79:24:a9:09:04:68:77:d8:b3:f4:a7:ab:3c:cc:2c:
                    e3:7d:7f:c5:43:da:b4:86:8d:9f:16:c5:9b:fd:21:
                    aa:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:BF:20:CD:F8:32:F1:BC:E1:B7:86:04:4E:8F:76:DB:0C:C5:05:96
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4ed46c33-65ef-488c-97e8-2241e4cdee74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.168.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         2a:eb:f4:36:5d:b6:b2:a1:53:d3:6e:30:f6:3a:51:8d:e4:f9:
         97:35:e9:c3:ba:fd:db:6b:54:32:3e:d0:69:26:68:be:c8:1b:
         5f:a2:af:34:5a:23:84:ab:70:b9:8c:24:e3:d3:8a:13:2e:6b:
         74:fd:1a:b7:aa:65:ba:dc:8f:47:af:5f:02:d8:8a:7d:53:86:
         00:29:6c:ce:d1:13:ba:f0:a0:8b:86:bb:b1:55:05:43:05:61:
         fe:38:3b:e2:91:d6:fd:bc:ae:03:da:a6:86:ce:63:56:d0:30:
         ce:a1:21:47:9f:97:fb:4a:fa:0e:5c:c0:7e:ad:50:1b:a6:a5:
         68:82:be:88:da:9d:75:e9:0a:84:14:75:82:34:69:53:64:ad:
         8e:3a:e9:43:b9:ad:ad:9c:39:21:d6:b6:15:94:50:35:1a:55:
         9e:b0:3a:57:5a:3f:50:6d:c0:81:32:9c:fd:72:21:db:ff:3f:
         14:f8:28:7e:5b:09:e4:17:aa:32:77:22:0b:03:33:f6:64:41:
         e4:56:cb:ac:32:49:7c:ef:41:3c:3d:08:07:c3:01:00:1a:6e:
         fc:c5:2a:90:85:97:ac:1a:56:91:ac:58:af:b1:7b:af:0d:94:
         7b:28:8d:dc:f3:cc:9b:4f:29:3f:82:fd:f2:ee:ed:0f:17:22:
         35:8b:1f:10
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJAtq4fOr0ZZ5h0GmNrevNKOxgr8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODE5MTYwMTQwWhcNMjUwOTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMDM4YjljYTUyNzdiYzFkYzcxYjRmNDIyNzFjMjA0NzE1
NWZkZGRjMzU3YmJmMmZmMDBiZDBmMzIwZTY4ZTNiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2O09jCpeq5vStogxDCdOo843PQ78Y/tiIVlpMccRn7f0R
e3Gyl0PqbTcWa46ZpjqIxgcZ6PI/RL3o9mycglTFjc3rSBEdjsIz0Qd0cUuQZjzf
J3Jn5fPsQ0YKUJomlkxegX/4nL3XooyUZIwcxWd4qwu/fYkiSbMWGWHlvxeX3gB/
a87H+6gCiAv2teZo96AzRpyrw0bkXuqfrLa5Bziw0520+Ai8r1Ccefcmt4k7opBk
5/M0KfMYG5Ah9e6LaiwzT2dnmJ4z4sb/s9DBLPjlHN9UmZEbZQbRdawT6/6IAXkk
qQkEaHfYs/SnqzzMLON9f8VD2rSGjZ8WxZv9Iap5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnr8gzfgy8bzht4YETo922wzFBZYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzRlZDQ2YzMzLTY1ZWYtNDg4Yy05N2U4LTIyNDFlNGNkZWU3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU2qMAwDQYJKoZIhvcNAQELBQADggEBACrr9DZdtrKhU9NuMPY6UY3k+Zc1
6cO6/dtrVDI+0GkmaL7IG1+irzRaI4SrcLmMJOPTihMua3T9GreqZbrcj0evXwLY
in1ThgApbM7RE7rwoIuGu7FVBUMFYf44O+KR1v28rgPapobOY1bQMM6hIUefl/tK
+g5cwH6tUBumpWiCvojanXXpCoQUdYI0aVNkrY466UO5ra2cOSHWthWUUDUaVZ6w
OldaP1BtwIEynP1yIdv/PxT4KH5bCeQXqjJ3IgsDM/ZkQeRWy6wySXzvQTw9CAfD
AQAabvzFKpCFl6waVpGsWK+xe68NlHsojdzzzJtPKT+C/fLu7Q8XIjWLHxA=
-----END CERTIFICATE-----