Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4f064262-b3c9-4ee0-98c0-4dd833ee6227.roa
File:                     4f064262-b3c9-4ee0-98c0-4dd833ee6227.roa (raw, json)
Hash identifier:          UtyHEtHXaJpMDxE3eBjH24vUkVe9diTo4kK1574PTcw=
Subject key identifier:   FC:F5:3E:17:F4:19:D3:32:A2:BE:67:31:28:ED:34:B5:8D:67:CF:35
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1B92E938DBF208A91DBCE8A09BB996BBEDA8AF43
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4f064262-b3c9-4ee0-98c0-4dd833ee6227.roa
Signing time:             Thu 16 Oct 2025 21:18:44 +0000
ROA not before:           Thu 16 Oct 2025 21:18:44 +0000
ROA not after:            Thu 20 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.182.244.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:92:e9:38:db:f2:08:a9:1d:bc:e8:a0:9b:b9:96:bb:ed:a8:af:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 16 21:18:44 2025 GMT
            Not After : Nov 20 23:59:59 2025 GMT
        Subject: serialNumber=01a316e0124cf346bc7d79fa8d16bec33a261af6606e73646826fa50ac9e1bf2, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:dd:05:d4:ee:be:b1:9d:ae:5c:75:5d:f2:3d:
                    00:c2:59:c0:60:54:58:52:8e:bc:49:bf:b1:e4:fd:
                    00:d9:c6:05:0c:be:3f:31:e2:16:ce:bd:11:6c:e4:
                    3a:ca:5e:44:af:74:c1:84:4b:cc:0a:cf:b0:ec:fa:
                    c3:ce:b1:36:9d:87:41:f5:39:1c:f3:70:c6:57:f9:
                    ad:d3:93:ea:45:f1:c1:4a:da:90:d6:c2:b5:44:f7:
                    10:33:eb:68:ce:39:78:88:eb:3e:6d:d0:76:18:6e:
                    69:00:a6:cd:56:2d:5a:c5:3b:3a:d4:be:b1:74:d4:
                    10:e8:30:0e:9b:7f:6c:1b:a7:02:2d:9d:36:7a:ba:
                    7a:c0:77:ca:1d:b9:54:28:04:12:7f:e9:a8:39:61:
                    61:fd:0f:43:7c:0e:94:01:2a:5b:92:19:bf:d6:e1:
                    9d:5c:d0:88:c5:9b:c5:7d:0f:1a:15:b8:73:05:17:
                    60:ed:c9:b8:42:32:76:10:89:b1:1b:4d:0d:e6:85:
                    ec:dd:43:88:b6:68:15:44:e0:32:06:e5:0a:7f:8f:
                    87:91:97:62:5e:fa:c3:e1:e5:64:d2:a6:2c:89:9c:
                    79:a0:d5:a9:ae:90:57:8d:55:a8:09:cb:9f:7c:88:
                    e2:94:54:fb:b2:f9:ff:aa:f9:a7:2b:a0:b0:91:5f:
                    52:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:F5:3E:17:F4:19:D3:32:A2:BE:67:31:28:ED:34:B5:8D:67:CF:35
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4f064262-b3c9-4ee0-98c0-4dd833ee6227.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.182.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:cf:d3:61:7e:83:63:2e:27:04:43:f5:56:77:54:6d:de:09:
         9b:35:ab:e3:aa:a6:b9:a1:ec:47:e9:cb:32:f8:2b:11:88:8e:
         f1:ec:a6:0c:29:ac:5a:51:f9:d0:d0:dd:2d:b3:73:b3:91:dc:
         7a:37:18:51:19:07:b0:69:ad:09:e7:b0:36:f1:f0:1a:66:a3:
         53:3f:5b:f6:05:c2:16:33:ba:6c:58:6b:4f:4a:af:e5:80:d0:
         6c:ef:0c:b4:d7:9c:e7:f0:32:ad:2c:db:61:03:7c:6a:70:cd:
         c3:40:95:38:1d:0b:2e:5e:79:54:d3:47:77:c5:ff:9d:a5:aa:
         2b:fb:df:79:a7:1c:fa:26:5b:8a:fc:ee:ee:a8:ae:83:71:4f:
         8d:a3:20:fe:7b:71:56:d1:68:6a:3a:89:e0:52:74:5c:ef:36:
         bb:4e:6d:74:ba:d3:9a:48:2f:47:33:78:99:34:0c:55:e1:4e:
         3c:21:41:78:07:f4:a2:56:fb:d3:d3:62:fc:06:13:29:02:bd:
         fe:02:0f:c6:e9:76:be:9c:32:0c:3d:2a:22:bb:30:5f:3f:55:
         b9:a5:dd:85:de:31:c7:60:71:ed:eb:e8:5d:e8:f0:6d:04:ec:
         b6:37:f6:c3:bc:5f:4c:e5:61:fd:91:b0:6d:fc:f0:de:83:45:
         df:5f:47:ce
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG5LpONvyCKkdvOigm7mWu+2or0MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE2MjExODQ0WhcNMjUxMTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMWEzMTZlMDEyNGNmMzQ2YmM3ZDc5ZmE4ZDE2YmVjMzNh
MjYxYWY2NjA2ZTczNjQ2ODI2ZmE1MGFjOWUxYmYyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCR3QXU7r6xna5cdV3yPQDCWcBgVFhSjrxJv7Hk/QDZxgUM
vj8x4hbOvRFs5DrKXkSvdMGES8wKz7Ds+sPOsTadh0H1ORzzcMZX+a3Tk+pF8cFK
2pDWwrVE9xAz62jOOXiI6z5t0HYYbmkAps1WLVrFOzrUvrF01BDoMA6bf2wbpwIt
nTZ6unrAd8oduVQoBBJ/6ag5YWH9D0N8DpQBKluSGb/W4Z1c0IjFm8V9DxoVuHMF
F2DtybhCMnYQibEbTQ3mhezdQ4i2aBVE4DIG5Qp/j4eRl2Je+sPh5WTSpiyJnHmg
1amukFeNVagJy598iOKUVPuy+f+q+acroLCRX1I/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/PU+F/QZ0zKivmcxKO00tY1nzzUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzRmMDY0MjYyLWIzYzktNGVlMC05OGMwLTRkZDgzM2VlNjIyNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI2tvQwDQYJKoZIhvcNAQELBQADggEBAGrP02F+g2MuJwRD9VZ3VG3eCZs1
q+Oqprmh7EfpyzL4KxGIjvHspgwprFpR+dDQ3S2zc7OR3Ho3GFEZB7BprQnnsDbx
8Bpmo1M/W/YFwhYzumxYa09Kr+WA0GzvDLTXnOfwMq0s22EDfGpwzcNAlTgdCy5e
eVTTR3fF/52lqiv733mnHPomW4r87u6oroNxT42jIP57cVbRaGo6ieBSdFzvNrtO
bXS605pIL0czeJk0DFXhTjwhQXgH9KJW+9PTYvwGEykCvf4CD8bpdr6cMgw9KiK7
MF8/Vbml3YXeMcdgce3r6F3o8G0E7LY39sO8X0zlYf2RsG388N6DRd9fR84=
-----END CERTIFICATE-----