Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56cd15b8-b342-4c8d-a108-7911cfac5800.roa
File:                     56cd15b8-b342-4c8d-a108-7911cfac5800.roa (raw, json)
Hash identifier:          vn/CTm7WWgiyZEb+G0hZ0gRCcb8LhlghAus5EE+9NQY=
Subject key identifier:   4C:99:62:90:31:98:E5:E1:9E:F7:F4:06:E0:F2:8E:E3:61:83:F7:73
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       167E03AC5D9842CB82865B0EDC72EF0E1D069486
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56cd15b8-b342-4c8d-a108-7911cfac5800.roa
Signing time:             Fri 26 Sep 2025 02:44:49 +0000
ROA not before:           Fri 26 Sep 2025 02:44:49 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.230.116.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:7e:03:ac:5d:98:42:cb:82:86:5b:0e:dc:72:ef:0e:1d:06:94:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 02:44:49 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=2ca41133f25b3741a312ece1727fe4db91449c6a04afd90fce787b43d30a9f64, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:64:b2:5b:96:ea:9f:85:56:78:90:0e:19:2d:
                    9d:5f:ed:4f:d5:70:52:af:a9:a4:d7:55:9d:5f:09:
                    a3:0d:71:98:08:01:4b:c6:54:6a:97:8b:04:cf:3e:
                    b4:33:97:d2:04:d6:c8:4e:48:4a:06:e6:66:47:f8:
                    b3:ec:65:13:23:39:35:a6:d8:8b:c4:37:15:09:d0:
                    f2:34:dc:dd:d4:96:6a:ca:82:da:b5:17:40:3c:0c:
                    b1:0c:b5:68:20:46:8d:bd:01:2a:ab:ca:12:95:f5:
                    f8:04:a3:6d:c9:93:12:7b:33:ba:48:af:3e:19:0b:
                    d7:8d:b5:51:bb:37:36:a1:44:53:13:6e:0d:8d:ac:
                    59:3f:02:d1:0d:26:c3:e5:5f:d9:d0:43:e8:ba:1c:
                    0d:66:f4:a5:0f:5d:ca:e6:b7:d3:5d:a7:bb:e7:39:
                    ba:ce:3c:9b:e0:b6:24:a8:cd:01:2e:7e:83:8b:f5:
                    67:a2:b1:1b:ad:6f:dd:e1:00:3d:6d:00:4c:31:b2:
                    de:f1:6d:fa:25:86:92:bd:39:1c:12:c7:9a:96:50:
                    b8:f9:83:30:b5:bd:dd:ee:82:d0:b2:4c:ae:13:41:
                    1c:ca:2b:bd:5f:cf:d0:09:cc:dc:ab:e1:9f:ef:9c:
                    a1:49:d6:cb:60:ea:b5:b7:a6:9e:86:71:cb:8b:ea:
                    51:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:99:62:90:31:98:E5:E1:9E:F7:F4:06:E0:F2:8E:E3:61:83:F7:73
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56cd15b8-b342-4c8d-a108-7911cfac5800.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.230.116.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7e:ce:38:6c:cd:82:d2:33:87:d7:f7:db:6a:53:cd:37:49:85:
         ad:3e:fd:8c:66:3d:0d:e6:f2:62:0c:01:bb:00:d8:36:ba:a7:
         56:40:17:f2:62:7c:cd:fb:99:ea:30:89:73:4a:6a:52:44:9a:
         85:81:94:f1:cd:9f:6a:f0:fb:17:bb:c2:4d:60:8a:7d:1c:36:
         b5:1f:00:50:07:33:48:fa:9c:92:ac:21:0f:c4:a1:33:89:95:
         ee:a1:95:11:27:ca:29:91:ba:91:74:2b:23:3e:2d:e4:1a:d3:
         9e:f7:e1:30:96:3c:1a:e2:e3:3e:06:61:0c:38:f6:ea:30:30:
         c3:88:fc:e7:e5:11:7e:b7:77:4d:7f:15:fd:e5:5e:38:18:ca:
         a6:6c:e1:a4:a4:18:be:e2:aa:41:6d:7f:d2:91:ef:d8:e8:a8:
         df:7b:aa:bb:6e:ac:7c:4a:5b:7e:15:38:c0:a3:e5:c8:45:cf:
         7c:8d:c6:5c:34:c5:f9:42:3d:a7:9d:e7:21:c1:ab:68:29:c6:
         48:7d:b5:3c:2b:f4:4d:be:fb:b1:b5:99:dd:69:7a:d3:3e:3d:
         83:3a:83:13:dd:93:4b:2f:ec:d3:c0:4c:01:55:86:6a:9f:cc:
         b6:68:2a:0f:5c:5b:d5:67:20:5c:78:de:e7:db:48:9a:76:66:
         43:59:88:d0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFn4DrF2YQsuChlsO3HLvDh0GlIYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MDI0NDQ5WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyY2E0MTEzM2YyNWIzNzQxYTMxMmVjZTE3MjdmZTRkYjkx
NDQ5YzZhMDRhZmQ5MGZjZTc4N2I0M2QzMGE5ZjY0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2ZLJbluqfhVZ4kA4ZLZ1f7U/VcFKvqaTXVZ1fCaMNcZgI
AUvGVGqXiwTPPrQzl9IE1shOSEoG5mZH+LPsZRMjOTWm2IvENxUJ0PI03N3UlmrK
gtq1F0A8DLEMtWggRo29ASqryhKV9fgEo23JkxJ7M7pIrz4ZC9eNtVG7NzahRFMT
bg2NrFk/AtENJsPlX9nQQ+i6HA1m9KUPXcrmt9Ndp7vnObrOPJvgtiSozQEufoOL
9WeisRutb93hAD1tAEwxst7xbfolhpK9ORwSx5qWULj5gzC1vd3ugtCyTK4TQRzK
K71fz9AJzNyr4Z/vnKFJ1stg6rW3pp6GccuL6lF7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTJlikDGY5eGe9/QG4PKO42GD93MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU2Y2QxNWI4LWIzNDItNGM4ZC1hMTA4LTc5MTFjZmFjNTgwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE25nQwDQYJKoZIhvcNAQELBQADggEBAH7OOGzNgtIzh9f322pTzTdJha0+
/YxmPQ3m8mIMAbsA2Da6p1ZAF/JifM37meowiXNKalJEmoWBlPHNn2rw+xe7wk1g
in0cNrUfAFAHM0j6nJKsIQ/EoTOJle6hlREnyimRupF0KyM+LeQa05734TCWPBri
4z4GYQw49uowMMOI/OflEX63d01/Ff3lXjgYyqZs4aSkGL7iqkFtf9KR79joqN97
qrturHxKW34VOMCj5chFz3yNxlw0xflCPaed5yHBq2gpxkh9tTwr9E2++7G1md1p
etM+PYM6gxPdk0sv7NPATAFVhmqfzLZoKg9cW9VnIFx43ufbSJp2ZkNZiNA=
-----END CERTIFICATE-----