Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43c88db7-77d5-4925-b7f7-5eb88c4b8820.roa
File:                     43c88db7-77d5-4925-b7f7-5eb88c4b8820.roa (raw, json)
Hash identifier:          9SVHxYvxZ1p3ErynCyA3JWLNiNoWx84xgR20uxBCxZI=
Subject key identifier:   B1:60:95:50:FA:57:F5:1D:D1:BC:79:CE:91:13:58:59:AC:3B:3F:54
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       22D5A0223063E75B50D67F1F42647A7F66E9011E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43c88db7-77d5-4925-b7f7-5eb88c4b8820.roa
Signing time:             Fri 25 Jul 2025 15:41:42 +0000
ROA not before:           Fri 25 Jul 2025 15:41:42 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.0.0.0/11 maxlen: 11
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:d5:a0:22:30:63:e7:5b:50:d6:7f:1f:42:64:7a:7f:66:e9:01:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 15:41:42 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=55c890bbeebc37f0a597009ea92472796a0d3a40d65baa9796a4e08b21d2e9b8, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:37:60:eb:d6:a0:47:bc:40:49:a9:47:2f:8b:
                    22:62:41:b5:d3:1e:e6:80:77:b9:75:19:ca:a4:db:
                    7b:56:a7:86:33:4f:82:06:ae:4b:0e:63:29:96:31:
                    63:49:3b:4c:5f:25:f0:43:65:a0:f9:71:03:ff:c2:
                    9a:9f:dc:cb:46:12:48:7d:1d:e4:b4:da:15:30:63:
                    e5:fa:ba:7b:6f:89:ee:af:d0:04:4c:72:20:c2:58:
                    14:1c:05:1e:8d:9e:0a:ca:cf:27:28:cf:55:1b:a9:
                    41:a5:42:c4:fe:9c:04:17:33:4b:b9:a6:a1:b2:67:
                    3e:89:4c:10:5e:07:dd:8b:28:75:42:c6:6c:ed:e6:
                    51:af:c1:d6:e7:b8:61:bb:fa:df:74:17:af:6d:a1:
                    57:f0:ee:ce:5b:4b:59:04:e6:34:a2:bc:c8:48:8e:
                    30:47:8a:06:fd:e3:2e:50:35:05:04:b7:b1:f2:83:
                    6f:75:e5:ca:63:e9:50:0e:9e:89:ec:5d:38:07:9f:
                    c6:64:1f:de:44:94:50:5c:51:2c:37:e1:8c:d6:93:
                    5e:f4:fb:47:10:f6:12:06:96:26:d1:d0:c6:89:25:
                    f7:ca:ae:44:9c:0c:00:41:47:90:21:df:23:3e:15:
                    ab:dd:5d:71:24:e7:4c:69:94:6b:3f:cf:83:b5:1e:
                    0c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:60:95:50:FA:57:F5:1D:D1:BC:79:CE:91:13:58:59:AC:3B:3F:54
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43c88db7-77d5-4925-b7f7-5eb88c4b8820.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.0.0.0/11

    Signature Algorithm: sha256WithRSAEncryption
         65:4c:e2:7c:7e:99:60:49:a8:75:81:32:29:47:91:4e:f9:1e:
         5b:3f:e6:3e:77:34:55:29:4f:cc:b9:e1:10:9b:57:3f:a2:7c:
         7f:4f:56:bc:04:5a:a0:26:49:fe:a6:2c:a2:05:2a:6b:15:2e:
         32:42:79:06:b3:2d:90:6b:fb:c2:2d:59:86:ce:c3:c0:70:18:
         ce:5b:d8:e3:00:1f:e3:3e:ef:82:41:4a:47:9e:d0:a7:1c:49:
         ca:8a:ac:6c:71:18:26:a8:94:24:89:0b:b8:24:c3:6e:2b:10:
         5d:31:f9:1e:0d:8e:78:17:6c:63:7a:52:1a:b5:be:13:14:da:
         3c:8e:1f:11:7b:ea:69:5a:79:e1:16:fc:80:ca:6d:ef:ea:7a:
         c1:2f:66:f1:93:f9:e9:62:7c:27:63:87:69:d1:12:58:ff:a5:
         d0:d5:6f:5c:f1:ec:a3:b9:4c:ea:84:7e:31:1d:c1:36:b8:dc:
         69:51:24:8a:3b:0d:a2:6b:10:99:87:a3:a6:66:c3:73:c7:78:
         56:eb:f8:6d:12:c9:8d:4f:b2:94:26:d8:8b:ad:c3:cb:45:92:
         e1:78:b2:df:97:af:f3:3e:b8:f7:e8:75:94:4c:ca:c9:65:e0:
         4e:4f:18:1d:b6:dc:e5:20:f4:8c:1b:ab:cb:54:a7:99:99:d6:
         76:63:5d:b5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUItWgIjBj51tQ1n8fQmR6f2bpAR4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTU0MTQyWhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NWM4OTBiYmVlYmMzN2YwYTU5NzAwOWVhOTI0NzI3OTZh
MGQzYTQwZDY1YmFhOTc5NmE0ZTA4YjIxZDJlOWI4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmN2Dr1qBHvEBJqUcviyJiQbXTHuaAd7l1Gcqk23tWp4Yz
T4IGrksOYymWMWNJO0xfJfBDZaD5cQP/wpqf3MtGEkh9HeS02hUwY+X6untvie6v
0ARMciDCWBQcBR6NngrKzycoz1UbqUGlQsT+nAQXM0u5pqGyZz6JTBBeB92LKHVC
xmzt5lGvwdbnuGG7+t90F69toVfw7s5bS1kE5jSivMhIjjBHigb94y5QNQUEt7Hy
g2915cpj6VAOnonsXTgHn8ZkH95ElFBcUSw34YzWk170+0cQ9hIGlibR0MaJJffK
rkScDABBR5Ah3yM+FavdXXEk50xplGs/z4O1HgyvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUsWCVUPpX9R3RvHnOkRNYWaw7P1QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQzYzg4ZGI3LTc3ZDUtNDkyNS1iN2Y3LTVlYjg4YzRiODgyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwU0ADANBgkqhkiG9w0BAQsFAAOCAQEAZUzifH6ZYEmodYEyKUeRTvkeWz/m
Pnc0VSlPzLnhEJtXP6J8f09WvARaoCZJ/qYsogUqaxUuMkJ5BrMtkGv7wi1Zhs7D
wHAYzlvY4wAf4z7vgkFKR57QpxxJyoqsbHEYJqiUJIkLuCTDbisQXTH5Hg2OeBds
Y3pSGrW+ExTaPI4fEXvqaVp54Rb8gMpt7+p6wS9m8ZP56WJ8J2OHadESWP+l0NVv
XPHso7lM6oR+MR3BNrjcaVEkijsNomsQmYejpmbDc8d4Vuv4bRLJjU+ylCbYi63D
y0WS4Xiy35ev8z649+h1lEzKyWXgTk8YHbbc5SD0jBury1SnmZnWdmNdtQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:52:16 2025 by rpki-client