Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2d99d9ec-42c4-4861-afdc-51606b09cc48.roa
File:                     2d99d9ec-42c4-4861-afdc-51606b09cc48.roa (raw, json)
Hash identifier:          Ia3/naaqKWi2DqkxZfpcoOiiYg9SBucMe+2Mirb3S+k=
Subject key identifier:   2D:5D:22:EA:59:50:D1:36:D3:7A:F1:50:95:7F:2A:42:F1:35:67:E9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       748BD713B0DFA863271AE703AE18B8124F55E4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2d99d9ec-42c4-4861-afdc-51606b09cc48.roa
Signing time:             Wed 21 May 2025 00:41:20 +0000
ROA not before:           Wed 21 May 2025 00:41:20 +0000
ROA not after:            Wed 25 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.239.32.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 17 Jun 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:8b:d7:13:b0:df:a8:63:27:1a:e7:03:ae:18:b8:12:4f:55:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 21 00:41:20 2025 GMT
            Not After : Jun 25 23:59:59 2025 GMT
        Subject: serialNumber=e2e10c6f298fc049f37650c5bfc0da9b333170a2eb46f49d9bb40f9fb05a5ae1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:df:7f:28:59:16:fc:7c:54:3b:bc:17:75:c3:
                    d1:5d:53:48:c5:16:2e:fd:e6:ba:d4:94:a4:c9:74:
                    fa:67:68:e6:5e:b2:39:a7:0e:ef:1a:45:37:40:8b:
                    f2:9e:28:2a:44:b3:3e:9b:6d:98:8a:3e:9e:f1:6b:
                    1e:24:24:38:45:7e:30:a4:9c:71:d8:5e:9c:15:39:
                    b7:ef:84:53:ed:96:f7:dc:0b:72:78:f4:c5:36:aa:
                    c1:1f:56:11:73:fa:15:ac:63:4a:a1:bc:38:61:9c:
                    af:48:b0:02:8e:67:15:42:10:b0:3c:db:e0:dd:4c:
                    64:30:bd:f5:61:40:40:e9:89:ea:21:fb:03:db:e3:
                    8a:50:7c:de:fb:32:a9:84:ca:80:7c:dc:61:e5:26:
                    59:c9:02:3e:c8:a6:52:90:8e:3e:41:f6:ee:9e:0d:
                    5d:7d:fd:78:20:04:28:74:82:e4:c5:18:e5:de:df:
                    f5:78:c7:d1:78:a0:f1:2d:04:25:c2:7a:f1:da:5f:
                    1f:15:8e:ff:5b:f6:c2:4e:40:69:ef:f4:f0:20:17:
                    4b:08:92:94:c4:cc:4a:b7:19:e3:71:df:0e:69:6c:
                    c5:9e:d7:ac:ba:1a:3c:bd:5b:5e:93:64:8a:d2:55:
                    bc:cc:de:12:b9:51:6c:1f:cf:8d:38:f0:cc:18:31:
                    ce:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:5D:22:EA:59:50:D1:36:D3:7A:F1:50:95:7F:2A:42:F1:35:67:E9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2d99d9ec-42c4-4861-afdc-51606b09cc48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.239.32.0/21

    Signature Algorithm: sha256WithRSAEncryption
         87:ea:46:f0:1f:d7:4c:c9:d1:4d:e9:f7:ad:0d:5a:86:eb:f6:
         37:5c:cd:87:79:63:12:dc:d7:3f:f9:11:db:76:c9:b6:70:75:
         f2:ba:e8:d7:a6:5c:b5:e2:0f:b7:45:38:70:87:43:55:0d:af:
         8d:62:80:43:d1:91:fb:dc:45:a5:01:71:9f:95:ad:c7:fb:08:
         3a:45:2e:df:0f:60:1d:4a:55:49:0d:2c:9f:4c:f8:70:89:53:
         cd:29:67:72:56:e2:52:be:0d:3b:16:67:0b:31:d2:b6:20:c5:
         0f:7c:b8:19:b3:03:fd:08:0d:e9:42:83:a0:d9:0e:4a:6f:b1:
         69:79:0b:ec:ff:09:10:a5:4d:a2:c5:b1:b2:ec:34:a3:fb:2a:
         bb:07:78:6d:4b:f4:db:92:e4:2e:cd:ef:85:49:a1:57:63:93:
         a7:f9:3c:90:9d:da:d4:ba:5f:5e:0f:7e:74:ff:59:7e:31:42:
         a8:6b:b2:d8:a7:cd:56:26:7e:16:7c:2b:8d:f1:96:af:04:db:
         b6:20:fb:b0:a0:f8:87:50:f5:ff:7d:5b:20:8e:54:02:b6:37:
         91:30:ba:59:24:3e:15:87:65:46:bd:6e:6c:30:02:a7:4b:02:
         33:76:01:53:a7:6f:29:d2:c7:6f:9d:7f:17:5f:ac:4d:08:d7:
         ce:e1:91:2e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITdIvXE7DfqGMnGucDrhi4Ek9V5DANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTA1MjEwMDQxMjBaFw0yNTA2MjUyMzU5NTla
MHoxSTBHBgNVBAUTQGUyZTEwYzZmMjk4ZmMwNDlmMzc2NTBjNWJmYzBkYTliMzMz
MTcwYTJlYjQ2ZjQ5ZDliYjQwZjlmYjA1YTVhZTExLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/ffyhZFvx8VDu8F3XD0V1TSMUWLv3mutSUpMl0+mdo5l6y
OacO7xpFN0CL8p4oKkSzPpttmIo+nvFrHiQkOEV+MKSccdhenBU5t++EU+2W99wL
cnj0xTaqwR9WEXP6FaxjSqG8OGGcr0iwAo5nFUIQsDzb4N1MZDC99WFAQOmJ6iH7
A9vjilB83vsyqYTKgHzcYeUmWckCPsimUpCOPkH27p4NXX39eCAEKHSC5MUY5d7f
9XjH0Xig8S0EJcJ68dpfHxWO/1v2wk5Aae/08CAXSwiSlMTMSrcZ43HfDmlsxZ7X
rLoaPL1bXpNkitJVvMzeErlRbB/PjTjwzBgxzhcCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQtXSLqWVDRNtN68VCVfypC8TVn6TAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvMmQ5OWQ5ZWMtNDJjNC00ODYxLWFmZGMtNTE2MDZiMDljYzQ4LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAzbvIDANBgkqhkiG9w0BAQsFAAOCAQEAh+pG8B/XTMnRTen3rQ1ahuv2N1zN
h3ljEtzXP/kR23bJtnB18rro16ZcteIPt0U4cIdDVQ2vjWKAQ9GR+9xFpQFxn5Wt
x/sIOkUu3w9gHUpVSQ0sn0z4cIlTzSlnclbiUr4NOxZnCzHStiDFD3y4GbMD/QgN
6UKDoNkOSm+xaXkL7P8JEKVNosWxsuw0o/squwd4bUv025LkLs3vhUmhV2OTp/k8
kJ3a1LpfXg9+dP9ZfjFCqGuy2KfNViZ+FnwrjfGWrwTbtiD7sKD4h1D1/31bII5U
ArY3kTC6WSQ+FYdlRr1ubDACp0sCM3YBU6dvKdLHb51/F1+sTQjXzuGRLg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:17:43 2025 by rpki-client