Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3698a28a-faab-459c-8417-ccc4e03ad257.roa
File:                     3698a28a-faab-459c-8417-ccc4e03ad257.roa (raw, json)
Hash identifier:          x8HoAvm2+uuNcAs5Ay/fHdsKKqgPcFI0KepSr0J/ad8=
Subject key identifier:   FC:C1:3B:02:F8:8E:69:6E:E2:23:98:21:99:E3:7E:A2:A4:B0:EA:EC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       799AF582ECA8178033DDC3C5396923AD527CAB3A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3698a28a-faab-459c-8417-ccc4e03ad257.roa
Signing time:             Fri 11 Jul 2025 15:51:42 +0000
ROA not before:           Fri 11 Jul 2025 15:51:42 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        156.7.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:9a:f5:82:ec:a8:17:80:33:dd:c3:c5:39:69:23:ad:52:7c:ab:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 11 15:51:42 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=c329a12baff3c1891e643ed7f90a69ed29b5e782a2a31633f730988cfa5d2abe, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:34:c5:9f:e4:fc:35:d8:67:b2:44:cf:03:e8:
                    9a:dd:5a:17:d8:7a:2f:0c:a2:ae:b8:50:35:eb:b0:
                    73:07:f6:10:56:08:0a:d2:e0:e8:ca:2d:72:4d:62:
                    41:cc:0f:2d:19:ea:6f:80:b5:41:0f:75:3c:c4:d2:
                    20:05:6d:bc:71:33:b7:4c:10:c4:5f:1a:ed:f7:73:
                    1f:c2:d9:30:2c:dd:4f:b0:07:33:e9:c1:95:6e:43:
                    b0:b3:f2:95:64:df:b1:72:af:a5:91:54:33:33:6a:
                    73:d0:c1:ce:31:52:ec:94:12:c0:8c:8f:a4:de:8a:
                    e5:e0:b3:4a:38:74:03:cb:4b:ea:32:03:32:b1:7c:
                    72:fa:7a:8b:9d:85:5c:bd:3d:22:46:fa:14:85:c4:
                    24:30:06:ee:c4:33:68:94:d7:15:f9:9f:56:88:3a:
                    99:00:ad:2d:c6:3b:6f:11:f0:84:07:ae:21:d7:3d:
                    d2:b5:a2:25:b4:a5:13:74:61:12:f4:74:a1:77:42:
                    42:d4:eb:ff:97:19:3c:6a:70:ee:e7:83:52:f1:e7:
                    8e:2b:fb:2e:8e:f1:06:93:2d:cc:81:05:c8:c4:61:
                    2e:78:0a:57:5c:cf:68:17:41:d8:21:c2:47:bf:a3:
                    d9:f0:c6:c2:f7:8b:f0:75:41:65:e9:2f:9d:3f:ae:
                    ad:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:C1:3B:02:F8:8E:69:6E:E2:23:98:21:99:E3:7E:A2:A4:B0:EA:EC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3698a28a-faab-459c-8417-ccc4e03ad257.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.7.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0d:a4:2c:3c:5d:6c:75:b3:08:ea:6a:1e:41:5d:e7:11:aa:ab:
         df:5b:d7:9c:a4:d6:85:89:5f:a9:df:53:47:f8:ad:7c:32:35:
         36:72:8d:bb:eb:f4:84:5c:28:70:6f:15:85:3c:02:a4:fa:53:
         70:aa:89:cb:f9:02:c4:4b:da:38:80:90:d2:89:00:fa:7b:c1:
         95:ad:d4:54:09:52:e4:04:c3:5d:a1:f4:b3:a6:d8:ab:a7:1c:
         ad:7f:09:30:ea:a7:d5:3b:f3:f5:57:84:99:c0:6c:3b:a4:e1:
         18:e6:71:43:37:9e:03:7e:7d:ec:b4:7a:a6:a0:41:d2:f0:33:
         94:82:c3:e6:d1:9f:f4:5e:5c:ff:a2:48:df:64:9c:72:29:50:
         db:c6:f4:2f:87:c6:86:9b:17:4c:95:b7:d8:47:f4:4d:d7:3c:
         90:18:dd:62:50:2b:d5:e8:d1:7f:11:8c:87:28:02:49:d8:2e:
         38:c9:6b:ae:26:9b:f0:ec:cb:7d:e4:cb:eb:dd:5f:50:f2:37:
         8a:97:8e:a9:89:71:c3:8c:51:51:b9:cd:a1:02:8a:16:57:23:
         98:05:16:02:0d:a9:82:57:f6:31:26:3f:92:fa:bc:53:3d:75:
         a1:5c:d7:bb:4d:46:42:e7:cf:cb:cd:cf:77:e8:c9:c4:f8:8a:
         da:41:fe:9d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeZr1guyoF4Az3cPFOWkjrVJ8qzowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzExMTU1MTQyWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMzI5YTEyYmFmZjNjMTg5MWU2NDNlZDdmOTBhNjllZDI5
YjVlNzgyYTJhMzE2MzNmNzMwOTg4Y2ZhNWQyYWJlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBNMWf5Pw12GeyRM8D6JrdWhfYei8Moq64UDXrsHMH9hBW
CArS4OjKLXJNYkHMDy0Z6m+AtUEPdTzE0iAFbbxxM7dMEMRfGu33cx/C2TAs3U+w
BzPpwZVuQ7Cz8pVk37Fyr6WRVDMzanPQwc4xUuyUEsCMj6TeiuXgs0o4dAPLS+oy
AzKxfHL6eoudhVy9PSJG+hSFxCQwBu7EM2iU1xX5n1aIOpkArS3GO28R8IQHriHX
PdK1oiW0pRN0YRL0dKF3QkLU6/+XGTxqcO7ng1Lx544r+y6O8QaTLcyBBcjEYS54
Cldcz2gXQdghwke/o9nwxsL3i/B1QWXpL50/rq0dAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU/ME7AviOaW7iI5ghmeN+oqSw6uwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzM2OThhMjhhLWZhYWItNDU5Yy04NDE3LWNjYzRlMDNhZDI1Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCcBzANBgkqhkiG9w0BAQsFAAOCAQEADaQsPF1sdbMI6moeQV3nEaqr31vX
nKTWhYlfqd9TR/itfDI1NnKNu+v0hFwocG8VhTwCpPpTcKqJy/kCxEvaOICQ0okA
+nvBla3UVAlS5ATDXaH0s6bYq6ccrX8JMOqn1Tvz9VeEmcBsO6ThGOZxQzeeA359
7LR6pqBB0vAzlILD5tGf9F5c/6JI32SccilQ28b0L4fGhpsXTJW32Ef0Tdc8kBjd
YlAr1ejRfxGMhygCSdguOMlrriab8OzLfeTL691fUPI3ipeOqYlxw4xRUbnNoQKK
FlcjmAUWAg2pglf2MSY/kvq8Uz11oVzXu01GQufPy83Pd+jJxPiK2kH+nQ==
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:16:32 2025 by rpki-client