Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02dc2f5f-44f1-4648-a904-b68814e0e633.roa
File:                     02dc2f5f-44f1-4648-a904-b68814e0e633.roa (raw, json)
Hash identifier:          GRE7CSW4XYAR4Sej+29HSX4ild5n50VxVKyxRuYaNIg=
Subject key identifier:   6B:90:98:77:B3:73:C0:42:8F:6D:EF:C5:D1:A8:9F:96:5D:E1:C0:86
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       504683A7399B462508B48D9E80B047344D3C24BC
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02dc2f5f-44f1-4648-a904-b68814e0e633.roa
Signing time:             Mon 14 Apr 2025 17:20:14 +0000
ROA not before:           Mon 14 Apr 2025 17:20:14 +0000
ROA not after:            Mon 19 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.211.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:46:83:a7:39:9b:46:25:08:b4:8d:9e:80:b0:47:34:4d:3c:24:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 14 17:20:14 2025 GMT
            Not After : May 19 23:59:59 2025 GMT
        Subject: serialNumber=e6b1371674cfc03b8825f91cafc91923a3413b677637b277dbc24f0283420569, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:46:1a:ca:50:52:b7:5f:cd:e2:8d:52:56:f8:
                    ac:45:7d:ee:69:f9:9a:79:9d:16:bb:1c:14:b0:70:
                    a8:50:ca:73:e8:3d:55:72:7f:33:8f:be:c6:ab:ec:
                    c7:5f:bf:c5:4e:ef:98:ef:87:b1:94:9d:fb:8b:de:
                    e9:6f:f6:48:14:36:4f:df:7b:ff:4c:11:52:d3:9b:
                    ff:18:1d:9a:d6:cb:c4:0c:d9:75:e8:c0:5b:c4:8b:
                    14:f4:1d:87:70:3e:cd:cf:2d:d9:b0:6d:c6:e0:d8:
                    9e:8f:29:41:4c:62:c6:53:a6:09:47:6e:18:c0:bd:
                    80:69:7d:7a:91:f9:e9:68:36:18:ab:9f:f2:5b:2f:
                    84:1e:62:24:cd:5e:70:3a:4d:60:90:ef:6e:a8:44:
                    82:79:8d:74:15:1d:30:01:e8:0b:45:4e:77:a1:23:
                    6e:7c:fe:33:fe:f2:5c:f5:14:26:d9:b3:87:d6:cd:
                    be:3a:87:c7:09:a5:0f:1f:3f:89:04:6b:ce:57:72:
                    a4:2d:2a:46:f3:df:97:ab:34:e6:cb:0f:08:1a:77:
                    6d:bc:2d:09:c9:6f:0d:e8:5e:bc:ad:99:63:ca:3f:
                    6c:bd:bc:a2:f4:da:d6:93:6d:8e:f6:65:f9:a1:b5:
                    48:7f:31:f5:27:a4:eb:3f:cc:2a:a8:0d:d5:3c:be:
                    24:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:90:98:77:B3:73:C0:42:8F:6D:EF:C5:D1:A8:9F:96:5D:E1:C0:86
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02dc2f5f-44f1-4648-a904-b68814e0e633.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.211.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         76:95:eb:79:ca:3c:32:cc:c2:4b:ea:59:ab:3f:38:7a:83:70:
         b5:8d:95:b3:e1:e5:dc:be:c2:1b:43:6f:71:b4:5e:d4:d8:98:
         1c:f7:7e:c3:58:20:ad:3d:56:db:aa:f4:44:89:75:3b:2f:1a:
         d7:74:57:0d:16:43:b7:1a:ed:29:86:26:65:be:cf:c5:d6:dc:
         30:80:50:e4:54:90:49:d6:96:fb:7d:6e:ea:28:95:f2:41:77:
         b0:d6:6c:63:69:30:b2:d5:75:9b:d4:4a:06:9e:42:c2:e7:07:
         76:a5:f5:a5:ed:98:14:85:b6:95:29:b5:44:b9:db:ad:64:6e:
         13:96:1b:06:8a:da:14:d3:31:47:49:49:7e:06:73:b9:c5:aa:
         56:69:d3:fe:78:65:6b:83:97:23:a0:f6:34:ea:c7:c9:b3:77:
         a0:3c:1b:9e:7a:91:9c:39:85:62:73:39:ad:9b:fc:5a:df:42:
         81:a0:52:27:f5:3e:3b:ca:66:8d:db:ef:a9:f8:83:52:46:0f:
         ef:c7:28:39:96:78:67:d4:3d:44:6d:e6:1b:01:44:a4:a8:a7:
         38:91:54:56:0d:5d:dc:8b:3c:1b:a6:f6:a2:eb:6a:7f:82:b1:
         66:42:66:7e:bf:2f:68:65:95:76:91:df:cb:41:f6:3e:76:6a:
         f0:39:47:28
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUEaDpzmbRiUItI2egLBHNE08JLwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE0MTcyMDE0WhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNmIxMzcxNjc0Y2ZjMDNiODgyNWY5MWNhZmM5MTkyM2Ez
NDEzYjY3NzYzN2IyNzdkYmMyNGYwMjgzNDIwNTY5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3RhrKUFK3X83ijVJW+KxFfe5p+Zp5nRa7HBSwcKhQynPo
PVVyfzOPvsar7Mdfv8VO75jvh7GUnfuL3ulv9kgUNk/fe/9MEVLTm/8YHZrWy8QM
2XXowFvEixT0HYdwPs3PLdmwbcbg2J6PKUFMYsZTpglHbhjAvYBpfXqR+eloNhir
n/JbL4QeYiTNXnA6TWCQ726oRIJ5jXQVHTAB6AtFTnehI258/jP+8lz1FCbZs4fW
zb46h8cJpQ8fP4kEa85XcqQtKkbz35erNObLDwgad228LQnJbw3oXrytmWPKP2y9
vKL02taTbY72ZfmhtUh/MfUnpOs/zCqoDdU8viStAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUa5CYd7NzwEKPbe/F0aifll3hwIYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAyZGMyZjVmLTQ0ZjEtNDY0OC1hOTA0LWI2ODgxNGUwZTYzMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA20zANBgkqhkiG9w0BAQsFAAOCAQEAdpXreco8MszCS+pZqz84eoNwtY2V
s+Hl3L7CG0NvcbRe1NiYHPd+w1ggrT1W26r0RIl1Oy8a13RXDRZDtxrtKYYmZb7P
xdbcMIBQ5FSQSdaW+31u6iiV8kF3sNZsY2kwstV1m9RKBp5CwucHdqX1pe2YFIW2
lSm1RLnbrWRuE5YbBoraFNMxR0lJfgZzucWqVmnT/nhla4OXI6D2NOrHybN3oDwb
nnqRnDmFYnM5rZv8Wt9CgaBSJ/U+O8pmjdvvqfiDUkYP78coOZZ4Z9Q9RG3mGwFE
pKinOJFUVg1d3Is8G6b2outqf4KxZkJmfr8vaGWVdpHfy0H2PnZq8DlHKA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:55 2025 by rpki-client