Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b78ad018-6881-4671-9a78-0dc8f34501ca.roa
File:                     b78ad018-6881-4671-9a78-0dc8f34501ca.roa (raw, json)
Hash identifier:          4kGm2zehKvRudmu2Hpchoc4JKqoeBXz4IpeCAyEB93g=
Subject key identifier:   A2:6D:62:43:51:D3:48:C9:37:17:CF:D7:7A:EB:F6:DD:6B:71:8D:6C
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       2949DED3438569F9DE141792FA492D3EF538F344
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b78ad018-6881-4671-9a78-0dc8f34501ca.roa
Signing time:             Wed 04 Jun 2025 00:50:10 +0000
ROA not before:           Wed 04 Jun 2025 00:50:10 +0000
ROA not after:            Wed 09 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.66.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:49:de:d3:43:85:69:f9:de:14:17:92:fa:49:2d:3e:f5:38:f3:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun  4 00:50:10 2025 GMT
            Not After : Jul  9 23:59:59 2025 GMT
        Subject: serialNumber=cfa5f7e88a2c81fc6289a158d5bbe3bc30ccd195baf1a5b30856de2010fe32cc, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9c:45:39:59:7a:b4:16:7f:8b:a3:b7:9f:c4:
                    50:6e:73:b4:51:6d:ed:37:ae:af:49:cf:58:88:9b:
                    08:3f:cb:8c:20:1f:01:b8:83:4f:0b:1d:c3:80:bb:
                    d0:94:24:f7:e6:02:0b:a1:ff:45:c1:86:41:50:f1:
                    82:a5:1d:b1:35:ff:84:1c:67:16:09:a0:17:b0:19:
                    35:7c:d5:b1:19:9d:09:7f:27:bb:d6:e5:2a:a5:71:
                    25:e5:6d:6c:e0:f2:bc:90:2d:4c:37:59:c2:f5:a9:
                    2f:9a:78:cf:c7:3a:48:95:35:ce:18:94:cc:03:f9:
                    7b:76:a5:95:2b:39:31:5a:97:c5:7c:03:e7:08:33:
                    46:5c:f2:5e:97:a3:4e:24:40:46:30:e6:46:9b:7b:
                    5e:38:d5:37:6a:33:0b:bd:c3:99:f4:2f:3d:e7:97:
                    8b:96:18:d6:04:7a:ab:d3:aa:07:38:f2:b0:67:9e:
                    00:07:af:1e:05:ce:da:0b:43:78:d2:3a:81:80:98:
                    bf:bf:d2:fc:ce:86:f2:d3:98:c0:d5:ce:f1:c1:d7:
                    36:bd:2b:d4:ef:07:70:ee:af:14:ce:27:bd:63:31:
                    92:0d:b1:fb:97:af:99:49:b6:5e:19:f4:4c:0b:43:
                    ab:60:98:19:76:6f:4d:24:50:27:75:04:6c:02:f3:
                    65:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:6D:62:43:51:D3:48:C9:37:17:CF:D7:7A:EB:F6:DD:6B:71:8D:6C
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b78ad018-6881-4671-9a78-0dc8f34501ca.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:0c:6f:63:93:f7:8d:dd:e6:72:8a:e3:b8:35:0a:fb:14:2c:
         f7:aa:ad:4f:52:ba:a7:3b:14:69:20:d2:35:66:be:af:a0:18:
         d8:38:68:8d:80:2d:40:68:e5:45:32:f4:ab:51:1c:12:90:a9:
         ed:60:fb:15:75:a5:16:a7:94:36:aa:6c:83:44:9e:dd:f3:f9:
         98:e5:bb:82:93:55:1c:07:c1:ad:c6:8f:13:06:15:26:9d:9b:
         0b:2a:e1:6a:96:33:c1:61:25:93:60:bc:c9:62:d0:3f:70:0b:
         6f:cc:ed:3a:15:c0:fe:26:fa:99:94:9d:25:ed:1b:51:00:12:
         98:56:ac:0f:71:d8:b9:c5:cb:05:e0:70:4f:dd:17:1e:86:eb:
         79:c0:38:f2:88:a3:52:94:2e:5a:ad:1e:3c:8c:c2:f7:7e:80:
         aa:b1:4f:ae:1c:1f:f6:17:88:c7:4e:b3:66:9c:1d:4e:bc:1f:
         1b:a3:b6:e8:89:a2:cb:2c:aa:3c:c4:dd:84:8e:4e:d7:de:5b:
         d5:86:c2:99:4a:82:1c:40:b8:c6:6c:be:31:75:0f:a1:89:98:
         d4:5e:f5:b8:a1:95:4b:18:66:b4:a2:11:3a:76:92:4e:02:d9:
         11:a9:5d:e7:52:f6:5f:a9:00:59:af:04:fc:b0:b0:27:38:2d:
         f8:be:6a:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKUne00OFafneFBeS+kktPvU480QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNjA0MDA1MDEwWhcNMjUwNzA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZmE1ZjdlODhhMmM4MWZjNjI4OWExNThkNWJiZTNiYzMw
Y2NkMTk1YmFmMWE1YjMwODU2ZGUyMDEwZmUzMmNjMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYnEU5WXq0Fn+Lo7efxFBuc7RRbe03rq9Jz1iImwg/y4wg
HwG4g08LHcOAu9CUJPfmAguh/0XBhkFQ8YKlHbE1/4QcZxYJoBewGTV81bEZnQl/
J7vW5SqlcSXlbWzg8ryQLUw3WcL1qS+aeM/HOkiVNc4YlMwD+Xt2pZUrOTFal8V8
A+cIM0Zc8l6Xo04kQEYw5kabe1441TdqMwu9w5n0Lz3nl4uWGNYEeqvTqgc48rBn
ngAHrx4FztoLQ3jSOoGAmL+/0vzOhvLTmMDVzvHB1za9K9TvB3DurxTOJ71jMZIN
sfuXr5lJtl4Z9EwLQ6tgmBl2b00kUCd1BGwC82XnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUom1iQ1HTSMk3F8/Xeuv23WtxjWwwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2I3OGFkMDE4LTY4ODEtNDY3MS05YTc4LTBkYzhmMzQ1MDFjYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUkIwDQYJKoZIhvcNAQELBQADggEBAE0Mb2OT943d5nKK47g1CvsULPeq
rU9Suqc7FGkg0jVmvq+gGNg4aI2ALUBo5UUy9KtRHBKQqe1g+xV1pRanlDaqbINE
nt3z+Zjlu4KTVRwHwa3GjxMGFSadmwsq4WqWM8FhJZNgvMli0D9wC2/M7ToVwP4m
+pmUnSXtG1EAEphWrA9x2LnFywXgcE/dFx6G63nAOPKIo1KULlqtHjyMwvd+gKqx
T64cH/YXiMdOs2acHU68HxujtuiJosssqjzE3YSOTtfeW9WGwplKghxAuMZsvjF1
D6GJmNRe9bihlUsYZrSiETp2kk4C2RGpXedS9l+pAFmvBPywsCc4Lfi+aj4=
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:26:14 2025 by rpki-client