Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0b375cfb-c594-4719-8ced-254505eae482.roa
File:                     0b375cfb-c594-4719-8ced-254505eae482.roa (raw, json)
Hash identifier:          qKaJ+e3GIO/DYlGAKDRODZjc/PHu/V+U5hx3c7Ki+pw=
Subject key identifier:   47:54:61:1B:71:69:2D:0D:D1:24:38:3F:67:BC:96:55:AD:28:41:4B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1BC1D19E68219DD4515A66E14D17733579A95273
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0b375cfb-c594-4719-8ced-254505eae482.roa
Signing time:             Fri 04 Apr 2025 00:20:57 +0000
ROA not before:           Fri 04 Apr 2025 00:20:57 +0000
ROA not after:            Fri 09 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        161.188.150.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:c1:d1:9e:68:21:9d:d4:51:5a:66:e1:4d:17:73:35:79:a9:52:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr  4 00:20:57 2025 GMT
            Not After : May  9 23:59:59 2025 GMT
        Subject: serialNumber=c9aa4ac6dd8040cf668e8ed8c5738f2aefb8f310d170ca4747860708967800b7, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:21:10:f5:53:d4:b1:df:10:de:b9:ff:6d:74:
                    3a:35:35:5e:b1:fd:2e:fa:3a:70:c7:35:5b:38:71:
                    96:eb:dd:83:17:4a:87:7f:6e:a0:36:fc:93:b1:36:
                    44:6f:0c:dd:6c:12:e4:e4:e2:23:1e:25:17:7f:ca:
                    ec:35:53:2d:47:fb:8f:cc:49:26:6c:0e:90:b5:6e:
                    77:23:82:e7:cb:9c:ec:01:40:bf:69:a1:d6:50:c6:
                    f2:be:bd:fe:48:88:b5:e8:46:f1:59:f4:be:87:bf:
                    41:f5:71:da:6f:c7:f4:b1:33:35:d0:9e:d7:7a:18:
                    7d:ba:b6:81:f6:59:80:b2:d4:f0:d8:b1:c1:a9:17:
                    2a:7b:55:7f:3f:9f:3b:59:49:da:16:7e:40:94:f5:
                    b4:ab:61:c4:d4:1f:86:01:9f:95:e9:65:fd:00:b2:
                    f2:c2:71:9f:33:cb:de:98:c2:5c:fc:33:c4:97:4e:
                    a8:a6:2f:8a:d7:7e:7a:80:ff:b0:66:e9:26:65:a7:
                    1e:b2:c1:78:e7:ea:67:dd:53:7b:9e:bc:6d:e7:b8:
                    98:ce:fe:b1:c9:17:51:46:50:d1:a0:0a:e1:d9:41:
                    1d:d8:9e:af:9e:8f:a0:72:4b:6c:02:43:da:de:7b:
                    65:eb:05:bf:31:50:d7:f4:92:37:42:cc:73:88:c5:
                    3f:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:54:61:1B:71:69:2D:0D:D1:24:38:3F:67:BC:96:55:AD:28:41:4B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0b375cfb-c594-4719-8ced-254505eae482.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.188.150.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b2:5c:4a:ed:77:db:fa:3d:9c:f3:fe:13:24:52:c9:16:4a:4a:
         2d:bf:03:6a:c1:9a:b3:c0:73:9a:61:05:d9:d5:51:79:64:86:
         fd:81:6a:6b:82:d2:5c:ae:46:eb:28:43:e5:6c:46:48:4d:06:
         a0:d0:b3:20:f0:0b:ef:87:5d:f4:93:71:61:ca:88:d2:c6:38:
         f6:69:3b:6a:90:3a:7c:63:15:20:48:15:33:b9:cd:e7:50:ba:
         10:70:3a:94:df:e4:9b:51:b6:c8:ad:69:57:af:d3:bd:91:be:
         00:08:8f:72:38:d9:51:a5:20:61:26:c6:51:8f:6e:93:71:05:
         5c:e9:28:62:93:80:3f:8e:38:49:44:ec:85:bc:9a:8c:77:90:
         df:b2:90:ad:64:ba:8a:45:08:1f:4e:23:d2:ee:15:59:47:d3:
         d1:f8:34:63:4b:ba:8b:18:44:20:df:37:da:db:fe:ed:f2:f0:
         97:f5:45:d7:61:31:0d:4f:72:b0:95:fb:02:9c:a1:4a:df:97:
         a1:e4:3b:0e:8d:be:7c:6b:1a:cd:2d:9f:a3:ad:8d:c2:07:e9:
         42:48:62:a0:85:75:9e:a6:9d:0f:27:4e:ef:85:0c:fd:81:de:
         b9:0c:03:e5:b7:95:15:15:24:e5:9f:a9:dc:fa:14:94:97:58:
         0b:fd:b9:fb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG8HRnmghndRRWmbhTRdzNXmpUnMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDA0MDAyMDU3WhcNMjUwNTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjOWFhNGFjNmRkODA0MGNmNjY4ZThlZDhjNTczOGYyYWVm
YjhmMzEwZDE3MGNhNDc0Nzg2MDcwODk2NzgwMGI3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWIRD1U9Sx3xDeuf9tdDo1NV6x/S76OnDHNVs4cZbr3YMX
Sod/bqA2/JOxNkRvDN1sEuTk4iMeJRd/yuw1Uy1H+4/MSSZsDpC1bncjgufLnOwB
QL9podZQxvK+vf5IiLXoRvFZ9L6Hv0H1cdpvx/SxMzXQntd6GH26toH2WYCy1PDY
scGpFyp7VX8/nztZSdoWfkCU9bSrYcTUH4YBn5XpZf0AsvLCcZ8zy96Ywlz8M8SX
TqimL4rXfnqA/7Bm6SZlpx6ywXjn6mfdU3uevG3nuJjO/rHJF1FGUNGgCuHZQR3Y
nq+ej6ByS2wCQ9ree2XrBb8xUNf0kjdCzHOIxT+VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUR1RhG3FpLQ3RJDg/Z7yWVa0oQUswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBiMzc1Y2ZiLWM1OTQtNDcxOS04Y2VkLTI1NDUwNWVhZTQ4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAGhvJYwDQYJKoZIhvcNAQELBQADggEBALJcSu132/o9nPP+EyRSyRZKSi2/
A2rBmrPAc5phBdnVUXlkhv2BamuC0lyuRusoQ+VsRkhNBqDQsyDwC++HXfSTcWHK
iNLGOPZpO2qQOnxjFSBIFTO5zedQuhBwOpTf5JtRtsitaVev072RvgAIj3I42VGl
IGEmxlGPbpNxBVzpKGKTgD+OOElE7IW8mox3kN+ykK1kuopFCB9OI9LuFVlH09H4
NGNLuosYRCDfN9rb/u3y8Jf1RddhMQ1PcrCV+wKcoUrfl6HkOw6NvnxrGs0tn6Ot
jcIH6UJIYqCFdZ6mnQ8nTu+FDP2B3rkMA+W3lRUVJOWfqdz6FJSXWAv9ufs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:54:35 2025 by rpki-client