Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/163289b6-2323-49cb-af8d-5b5a9ee9f0fe.roa
File:                     163289b6-2323-49cb-af8d-5b5a9ee9f0fe.roa (raw, json)
Hash identifier:          wbN59/cT/NTDNln+9qll4RoNyapV8SUBNx16Bvjrbms=
Subject key identifier:   40:EC:DA:8D:26:04:00:E2:DF:33:52:1D:93:87:2D:9C:E4:3B:CD:6E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5CF6ECDBC09901A443CD8BD3B0548589A7A81ADA
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/163289b6-2323-49cb-af8d-5b5a9ee9f0fe.roa
Signing time:             Fri 25 Apr 2025 17:00:19 +0000
ROA not before:           Fri 25 Apr 2025 17:00:19 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.80.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:f6:ec:db:c0:99:01:a4:43:cd:8b:d3:b0:54:85:89:a7:a8:1a:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 25 17:00:19 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=01dd8ebc891c73242d893b2d0550b7d7e0a1f03accc86dcf2e7ad6306237dacd, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:75:b7:a4:d1:c5:1e:53:ce:04:2e:5d:86:7c:
                    1c:18:fb:0b:68:61:3d:c8:5e:49:9e:59:fd:9f:ed:
                    24:8a:49:b6:b2:bc:a2:42:ab:92:af:8d:7c:7b:e6:
                    f1:71:07:13:0d:74:d6:a0:f6:10:b4:46:89:82:7f:
                    f3:aa:77:25:a5:c0:c1:e1:18:49:06:55:db:cd:20:
                    12:94:3d:0a:d6:c1:27:1d:62:ea:ab:50:9b:11:e2:
                    29:d3:0d:ab:ae:80:12:6f:eb:e8:89:95:e5:6e:df:
                    f1:e9:a6:4e:4d:64:9c:91:1a:88:ca:7a:ec:44:f4:
                    12:74:c4:28:9f:1a:11:2a:4d:79:43:8b:9b:57:c5:
                    2f:68:db:a4:c2:b9:60:a8:5c:2e:c8:3a:a4:98:12:
                    77:5a:1f:19:6e:ce:e3:a2:bd:fe:b1:d1:12:a8:c7:
                    ce:30:86:c3:15:06:d4:56:bc:85:26:e9:99:65:38:
                    9e:71:b1:14:90:88:36:86:23:69:0b:6e:45:de:23:
                    47:bf:fe:3d:5c:6e:81:a6:ed:ee:77:1b:35:a2:c2:
                    5d:6d:56:e0:73:01:50:45:4a:83:6a:99:f7:53:e9:
                    bc:2d:ef:87:6f:52:63:7b:2f:cb:ee:e5:11:2e:7e:
                    85:cf:9e:cd:7b:b5:0e:ea:3d:bd:44:40:b3:5f:90:
                    09:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:EC:DA:8D:26:04:00:E2:DF:33:52:1D:93:87:2D:9C:E4:3B:CD:6E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/163289b6-2323-49cb-af8d-5b5a9ee9f0fe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         10:02:7c:49:fa:35:a6:0c:b5:82:a8:ee:cf:66:2b:37:e8:6d:
         d6:c2:e7:9a:33:33:db:12:8e:09:ca:9f:3f:e8:d4:d9:c0:68:
         9b:ad:1f:5a:57:08:d0:e3:bb:6d:6b:90:0d:62:1b:dc:2c:5f:
         59:c0:ad:c9:44:2c:52:5d:e8:93:24:85:ab:ca:43:80:6b:f0:
         81:3a:fa:a0:41:01:26:44:d3:8b:81:1f:f3:3b:4f:38:51:ef:
         ac:8e:58:24:6a:42:4f:cd:27:62:fe:c6:57:84:1d:69:27:9a:
         9d:f4:54:9b:12:fe:c8:c2:00:e8:4a:5b:8e:b4:9b:c6:eb:24:
         6e:88:ae:19:a1:81:73:8c:fb:f1:aa:f6:43:71:55:79:65:ff:
         c7:95:c7:92:99:ed:4b:2d:8c:45:a8:ea:b3:9d:4c:c3:02:a4:
         c0:e4:1a:ff:a4:fd:7c:05:d1:46:c7:8d:a9:9c:02:17:14:75:
         f6:a8:82:1f:f7:a6:f8:43:37:78:fd:3b:31:20:03:66:34:2a:
         d4:24:c2:1c:5f:0f:de:2a:a1:de:ba:00:d6:f2:c9:1c:0e:3e:
         58:32:7e:de:55:f9:99:77:85:98:9e:77:bf:9a:8e:8c:8e:f3:
         03:21:3f:06:98:c4:3f:8e:51:fc:7c:9b:3f:48:f0:08:0a:04:
         8d:b8:32:2e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXPbs28CZAaRDzYvTsFSFiaeoGtowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDI1MTcwMDE5WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMWRkOGViYzg5MWM3MzI0MmQ4OTNiMmQwNTUwYjdkN2Uw
YTFmMDNhY2NjODZkY2YyZTdhZDYzMDYyMzdkYWNkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6dbek0cUeU84ELl2GfBwY+wtoYT3IXkmeWf2f7SSKSbay
vKJCq5KvjXx75vFxBxMNdNag9hC0RomCf/OqdyWlwMHhGEkGVdvNIBKUPQrWwScd
YuqrUJsR4inTDauugBJv6+iJleVu3/Hppk5NZJyRGojKeuxE9BJ0xCifGhEqTXlD
i5tXxS9o26TCuWCoXC7IOqSYEndaHxluzuOivf6x0RKox84whsMVBtRWvIUm6Zll
OJ5xsRSQiDaGI2kLbkXeI0e//j1cboGm7e53GzWiwl1tVuBzAVBFSoNqmfdT6bwt
74dvUmN7L8vu5REufoXPns17tQ7qPb1EQLNfkAn/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQOzajSYEAOLfM1Idk4ctnOQ7zW4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzE2MzI4OWI2LTIzMjMtNDljYi1hZjhkLTViNWE5ZWU5ZjBmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ0X1AwDQYJKoZIhvcNAQELBQADggEBABACfEn6NaYMtYKo7s9mKzfobdbC
55ozM9sSjgnKnz/o1NnAaJutH1pXCNDju21rkA1iG9wsX1nArclELFJd6JMkhavK
Q4Br8IE6+qBBASZE04uBH/M7TzhR76yOWCRqQk/NJ2L+xleEHWknmp30VJsS/sjC
AOhKW460m8brJG6IrhmhgXOM+/Gq9kNxVXll/8eVx5KZ7UstjEWo6rOdTMMCpMDk
Gv+k/XwF0UbHjamcAhcUdfaogh/3pvhDN3j9OzEgA2Y0KtQkwhxfD94qod66ANby
yRwOPlgyft5V+Zl3hZied7+ajoyO8wMhPwaYxD+OUfx8mz9I8AgKBI24Mi4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:50:08 2025 by rpki-client