Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bfc11f0d-760b-4025-851b-832d2d520831.roa
File:                     bfc11f0d-760b-4025-851b-832d2d520831.roa (raw, json)
Hash identifier:          W1QwvyiSpBWRniFbLHiaOqTILe2tQJ8rGXBuySRauOU=
Subject key identifier:   5C:C3:3F:E2:BE:61:8A:67:13:5C:51:CF:5D:E9:D2:AD:97:29:7E:A0
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7694A7870A3410BDDBECA91B0BFA15ACE1842DEE
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bfc11f0d-760b-4025-851b-832d2d520831.roa
Signing time:             Fri 26 Sep 2025 02:36:58 +0000
ROA not before:           Fri 26 Sep 2025 02:36:58 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.230.84.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:94:a7:87:0a:34:10:bd:db:ec:a9:1b:0b:fa:15:ac:e1:84:2d:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 02:36:58 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=694144f41472e24fb8d9ca7d1ae2f28b158c9290ce9545e5833c18f134bc1010, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:4a:e7:3a:ea:e2:64:58:0a:95:cd:d7:f8:1a:
                    4f:d4:e7:f6:6a:f1:bf:99:7f:a6:5c:ab:d2:ab:66:
                    97:81:fd:67:88:3e:ed:a7:3e:4d:70:76:7a:af:10:
                    83:ee:7c:9b:10:ee:53:1b:9c:7c:38:da:4c:05:d2:
                    ef:c2:94:33:02:71:ef:1b:b3:f9:d8:c3:22:00:74:
                    3b:38:ac:46:30:cb:c7:23:df:73:49:1b:d6:fc:1e:
                    69:34:39:87:ca:df:f7:fc:50:d5:d6:16:d0:2b:cf:
                    f5:3d:26:54:7d:5f:05:94:ca:e5:60:c5:0b:d7:f0:
                    6f:c6:2b:2b:2c:ca:6f:ee:e7:7d:a1:ce:d2:da:55:
                    81:10:7b:2f:3b:7e:50:82:12:8d:91:b7:02:30:56:
                    91:b0:68:bf:53:e1:a8:a3:5e:16:12:85:99:51:c5:
                    64:3b:9f:d9:bc:01:46:43:3a:c8:3f:50:c6:c9:fe:
                    f1:fa:e2:25:d9:4d:5a:00:5d:ed:7a:5d:07:8e:c9:
                    2f:6b:0d:ee:13:18:b3:17:62:1c:11:08:c8:3e:07:
                    e7:92:86:df:06:85:45:db:a4:b9:85:95:ea:d6:74:
                    45:dd:f4:ea:c1:64:d3:40:3c:20:be:61:fd:a3:39:
                    8c:1f:ba:50:3e:3f:e9:32:eb:d3:8b:be:3a:79:00:
                    4b:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:C3:3F:E2:BE:61:8A:67:13:5C:51:CF:5D:E9:D2:AD:97:29:7E:A0
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bfc11f0d-760b-4025-851b-832d2d520831.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.230.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:aa:94:9d:f9:74:d9:69:ca:04:dc:44:9a:9c:fe:f9:66:91:
         a2:10:92:ca:d2:95:1d:11:81:2f:2d:74:57:b9:61:8c:0b:23:
         9d:fb:03:9a:9a:0e:a1:ef:03:22:68:66:94:95:bf:76:23:76:
         9c:3b:e4:95:37:fa:9a:f4:e0:de:13:0b:a5:ec:07:51:a6:49:
         be:a2:5e:f7:30:b8:63:9b:13:39:6f:30:1b:2f:70:b2:e8:86:
         d9:07:6d:dc:d3:88:29:79:3d:28:8f:0c:03:52:8e:bb:d0:59:
         da:9d:a8:53:9f:48:bd:f7:b0:bc:fc:c3:d8:47:ea:fe:de:28:
         94:c3:2f:ea:eb:6b:3e:d2:7c:30:55:27:2c:2f:25:af:a0:df:
         0d:6f:c4:83:47:f1:2c:b3:5d:dd:a9:86:e1:a1:36:b1:5f:7a:
         6e:0b:a3:6c:01:a5:46:70:59:64:c5:d3:92:07:53:39:14:03:
         a2:d4:b3:74:3a:08:b7:55:4b:82:93:88:4e:68:37:18:7a:42:
         df:b7:1d:3e:ad:03:93:40:69:71:43:b2:a2:a9:44:cc:8a:54:
         0f:7a:0c:d6:a9:70:18:fe:b0:e9:8f:08:37:2d:45:ea:09:51:
         02:77:13:d1:6a:8a:cd:e0:ad:ab:53:5e:70:3c:22:0c:98:fd:
         2f:4d:31:22
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdpSnhwo0EL3b7KkbC/oVrOGELe4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MDIzNjU4WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2OTQxNDRmNDE0NzJlMjRmYjhkOWNhN2QxYWUyZjI4YjE1
OGM5MjkwY2U5NTQ1ZTU4MzNjMThmMTM0YmMxMDEwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9Suc66uJkWAqVzdf4Gk/U5/Zq8b+Zf6Zcq9KrZpeB/WeI
Pu2nPk1wdnqvEIPufJsQ7lMbnHw42kwF0u/ClDMCce8bs/nYwyIAdDs4rEYwy8cj
33NJG9b8Hmk0OYfK3/f8UNXWFtArz/U9JlR9XwWUyuVgxQvX8G/GKyssym/u532h
ztLaVYEQey87flCCEo2RtwIwVpGwaL9T4aijXhYShZlRxWQ7n9m8AUZDOsg/UMbJ
/vH64iXZTVoAXe16XQeOyS9rDe4TGLMXYhwRCMg+B+eSht8GhUXbpLmFlerWdEXd
9OrBZNNAPCC+Yf2jOYwfulA+P+ky69OLvjp5AEvVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXMM/4r5himcTXFHPXenSrZcpfqAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JmYzExZjBkLTc2MGItNDAyNS04NTFiLTgzMmQyZDUyMDgzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA25lQwDQYJKoZIhvcNAQELBQADggEBAKKqlJ35dNlpygTcRJqc/vlmkaIQ
ksrSlR0RgS8tdFe5YYwLI537A5qaDqHvAyJoZpSVv3Yjdpw75JU3+pr04N4TC6Xs
B1GmSb6iXvcwuGObEzlvMBsvcLLohtkHbdzTiCl5PSiPDANSjrvQWdqdqFOfSL33
sLz8w9hH6v7eKJTDL+rraz7SfDBVJywvJa+g3w1vxINH8SyzXd2phuGhNrFfem4L
o2wBpUZwWWTF05IHUzkUA6LUs3Q6CLdVS4KTiE5oNxh6Qt+3HT6tA5NAaXFDsqKp
RMyKVA96DNapcBj+sOmPCDctReoJUQJ3E9Fqis3gratTXnA8IgyY/S9NMSI=
-----END CERTIFICATE-----