Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02dc2f5f-44f1-4648-a904-b68814e0e633.roa
File:                     02dc2f5f-44f1-4648-a904-b68814e0e633.roa (raw, json)
Hash identifier:          XRF3gsRISNidcZkmzTkLITyyvcj7GXT8DnFkScFZgP0=
Subject key identifier:   7F:2D:82:0E:1A:5E:F7:57:AE:55:9A:86:18:CB:6C:70:50:2D:E1:2B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       43603E7CCF36F79A9D8B713126CDA22992BD8708
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02dc2f5f-44f1-4648-a904-b68814e0e633.roa
Signing time:             Fri 25 Jul 2025 16:30:14 +0000
ROA not before:           Fri 25 Jul 2025 16:30:14 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.211.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:60:3e:7c:cf:36:f7:9a:9d:8b:71:31:26:cd:a2:29:92:bd:87:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 16:30:14 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=ab78930c040b362fcda88281bed64a4f8260370f1a0df934fab7cf91e0df5b8a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:53:08:4a:8e:f3:cb:85:e4:32:8b:85:26:33:
                    fb:44:cf:e8:24:a3:df:94:26:b5:21:4d:a1:3b:fe:
                    6c:ae:0b:fe:f3:0c:43:04:7c:87:9c:31:8c:e5:c2:
                    50:38:09:aa:81:d4:d6:f5:c7:f5:a8:5a:a2:7e:65:
                    85:b0:43:c8:b1:0a:ab:76:18:4f:87:a5:59:1a:76:
                    0e:e6:7c:2b:89:08:ce:30:35:4e:66:f4:31:4f:6a:
                    d1:2c:18:ef:d4:92:fa:9f:ae:b7:c2:3f:b4:14:a7:
                    f3:4b:b5:0a:ed:b0:5c:d0:01:f6:27:f0:cb:35:76:
                    fd:d8:55:e7:a3:30:2d:c0:10:00:50:72:12:6d:62:
                    dd:10:36:63:23:3c:8f:a4:21:7d:63:91:8b:35:ee:
                    a4:e4:f3:e5:c7:b1:3f:1b:ab:69:2b:8b:9f:29:89:
                    65:8f:50:43:2f:cd:e4:05:71:af:07:3e:12:e7:04:
                    8f:2e:fb:60:16:bf:3d:81:4f:26:5f:4b:66:48:f1:
                    21:0a:7e:a1:f2:e2:23:81:64:07:f2:1b:12:36:c6:
                    23:22:33:db:b2:8b:a4:f9:70:ee:2b:d4:61:b9:78:
                    5c:28:7b:aa:22:9d:a1:56:ec:55:47:b9:4a:62:f0:
                    34:69:5e:ad:6e:df:33:c5:cd:87:33:2e:4f:08:15:
                    b5:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:2D:82:0E:1A:5E:F7:57:AE:55:9A:86:18:CB:6C:70:50:2D:E1:2B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02dc2f5f-44f1-4648-a904-b68814e0e633.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.211.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1b:a8:23:da:fc:e6:f0:92:40:ac:00:cf:c4:55:5e:1e:28:d7:
         bf:4e:8b:29:c4:55:02:33:45:b5:d6:fd:81:94:bd:0c:66:90:
         29:bc:eb:17:be:5e:65:b9:c9:9b:fc:71:fb:93:6d:11:1d:9b:
         7c:6c:44:13:97:28:79:a3:47:00:a3:75:ac:b2:b7:a4:0a:c9:
         f8:dd:61:6c:ed:fa:d4:08:ab:76:01:99:53:c1:e0:ca:cf:7f:
         91:e4:ec:a2:fa:70:60:a8:6c:1f:36:87:42:69:f0:61:96:fd:
         df:5a:90:81:c6:47:1e:39:5c:0c:bb:d1:d6:55:2d:cc:e7:7a:
         5e:e2:8b:77:ab:00:90:3d:6b:cc:40:7a:df:21:2d:37:e5:15:
         02:60:df:df:49:d4:ed:ee:fd:3b:a6:ad:28:53:58:7c:3d:0f:
         1e:e7:a4:c1:6d:58:b0:b8:2a:16:a5:81:d0:15:5f:73:52:48:
         7f:12:06:b2:b5:fe:84:24:de:71:bc:44:51:83:c3:ff:f5:75:
         34:b7:42:82:89:f1:10:09:c8:a3:1f:4a:95:eb:88:b1:ef:97:
         73:23:86:3f:e2:9d:fa:b4:18:6d:ab:6a:d5:9c:b4:20:2f:48:
         f2:1c:fd:69:3c:50:9a:4a:d8:57:00:08:35:f6:ea:1e:3a:3f:
         42:95:72:5e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQ2A+fM8295qdi3ExJs2iKZK9hwgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTYzMDE0WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYjc4OTMwYzA0MGIzNjJmY2RhODgyODFiZWQ2NGE0Zjgy
NjAzNzBmMWEwZGY5MzRmYWI3Y2Y5MWUwZGY1YjhhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmUwhKjvPLheQyi4UmM/tEz+gko9+UJrUhTaE7/myuC/7z
DEMEfIecMYzlwlA4CaqB1Nb1x/WoWqJ+ZYWwQ8ixCqt2GE+HpVkadg7mfCuJCM4w
NU5m9DFPatEsGO/UkvqfrrfCP7QUp/NLtQrtsFzQAfYn8Ms1dv3YVeejMC3AEABQ
chJtYt0QNmMjPI+kIX1jkYs17qTk8+XHsT8bq2kri58piWWPUEMvzeQFca8HPhLn
BI8u+2AWvz2BTyZfS2ZI8SEKfqHy4iOBZAfyGxI2xiMiM9uyi6T5cO4r1GG5eFwo
e6oinaFW7FVHuUpi8DRpXq1u3zPFzYczLk8IFbX9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUfy2CDhpe91euVZqGGMtscFAt4SswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAyZGMyZjVmLTQ0ZjEtNDY0OC1hOTA0LWI2ODgxNGUwZTYzMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA20zANBgkqhkiG9w0BAQsFAAOCAQEAG6gj2vzm8JJArADPxFVeHijXv06L
KcRVAjNFtdb9gZS9DGaQKbzrF75eZbnJm/xx+5NtER2bfGxEE5coeaNHAKN1rLK3
pArJ+N1hbO361AirdgGZU8Hgys9/keTsovpwYKhsHzaHQmnwYZb931qQgcZHHjlc
DLvR1lUtzOd6XuKLd6sAkD1rzEB63yEtN+UVAmDf30nU7e79O6atKFNYfD0PHuek
wW1YsLgqFqWB0BVfc1JIfxIGsrX+hCTecbxEUYPD//V1NLdCgonxEAnIox9KleuI
se+XcyOGP+Kd+rQYbatq1Zy0IC9I8hz9aTxQmkrYVwAINfbqHjo/QpVyXg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:44:17 2025 by rpki-client