Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/485009d1-d135-4106-a876-5dd2f923a157.roa
File:                     485009d1-d135-4106-a876-5dd2f923a157.roa (raw, json)
Hash identifier:          OZ8u7NjTBEGa1WXciNn16AzvXqjNRFd6RGdY1Dmkako=
Subject key identifier:   17:7D:5B:41:2D:99:39:80:94:FB:43:86:B3:9E:79:B8:3B:FC:06:C6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       31A35A0F39F1AE156C5563D8ADB23320121657DE
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/485009d1-d135-4106-a876-5dd2f923a157.roa
Signing time:             Sat 12 Apr 2025 00:51:58 +0000
ROA not before:           Sat 12 Apr 2025 00:51:58 +0000
ROA not after:            Sat 17 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.210.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:a3:5a:0f:39:f1:ae:15:6c:55:63:d8:ad:b2:33:20:12:16:57:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 12 00:51:58 2025 GMT
            Not After : May 17 23:59:59 2025 GMT
        Subject: serialNumber=44cf32dc1bf6708f9e24f152b399be0960fa0be5487317941ede06dc0eb44e81, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:14:a4:b7:14:03:29:25:d2:2b:87:1b:40:fd:
                    2b:d2:bc:71:86:ac:2e:88:51:7e:81:45:50:54:a5:
                    75:f3:59:53:7f:74:77:a9:04:04:b5:be:be:a1:3e:
                    49:c3:87:78:37:63:d9:a3:e0:c4:30:19:b9:20:52:
                    e2:2e:43:f5:95:57:48:b7:e3:5b:c4:df:61:38:ae:
                    60:1b:ba:f0:1b:04:c4:b4:46:01:5f:7d:b7:c4:29:
                    c3:f9:33:53:92:86:8d:7b:b6:30:e3:05:29:4e:a8:
                    e7:64:6b:a2:8a:1f:8a:58:01:80:9b:18:21:8b:44:
                    99:44:08:2a:66:c4:32:c5:b9:c1:17:22:9f:36:27:
                    2d:28:29:24:51:50:ad:66:d0:fe:c0:ef:4e:e3:66:
                    67:95:e3:24:d0:ff:9d:3d:44:d0:a3:b3:cc:ce:d2:
                    7d:c8:c6:6c:8f:4c:4a:d7:97:e4:cd:f6:97:df:4d:
                    b5:1c:d0:82:5d:8e:3b:9f:dc:8e:05:4c:82:12:06:
                    9f:cb:9d:45:7f:c1:37:68:62:53:4b:78:5c:2d:5a:
                    c8:84:71:3c:97:d7:7d:fa:79:ac:3c:f3:e7:f5:f1:
                    07:a6:0f:4d:0e:5d:0e:95:a7:ff:55:a4:44:82:36:
                    66:0c:8f:26:5f:2f:62:03:d2:53:ba:a9:99:8e:c7:
                    49:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:7D:5B:41:2D:99:39:80:94:FB:43:86:B3:9E:79:B8:3B:FC:06:C6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/485009d1-d135-4106-a876-5dd2f923a157.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.210.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         83:7e:24:a3:6c:3a:26:6e:60:d6:13:1f:a7:4c:2f:cf:45:95:
         cc:cc:08:43:a9:51:da:0e:99:4f:2e:6c:bf:01:12:67:61:72:
         e6:bd:a0:89:64:bd:be:a7:ec:16:0b:f1:7e:cd:a6:e9:8e:bf:
         20:8c:2d:a3:2f:45:7c:24:99:f3:a4:85:c4:26:d7:d2:02:90:
         36:f0:ca:fd:04:7f:03:10:cd:60:7a:ac:72:0e:50:eb:61:6f:
         8c:87:9e:fd:30:e1:af:46:c2:69:a3:97:e2:97:1f:82:94:4b:
         9d:4f:4e:9b:f4:02:53:2c:33:24:33:60:9a:d1:c2:ea:5e:54:
         53:ec:05:65:cb:cf:10:ed:8c:0e:87:12:21:c2:a8:73:a7:77:
         9d:74:23:18:0f:fb:e9:39:f7:c3:1a:8d:12:19:59:e0:5e:9b:
         2b:9d:02:ff:77:95:7c:1a:38:e2:2a:15:69:54:8f:39:28:5b:
         76:49:df:a8:4a:41:26:52:e3:af:85:a5:6b:50:bf:79:ec:74:
         b5:7e:1b:34:8d:67:aa:ed:8c:de:c0:05:91:33:f7:e1:c3:62:
         0f:c5:d9:13:49:96:42:c1:3a:de:43:4b:ab:a5:b6:fc:86:81:
         a3:f2:4a:48:4e:78:81:85:22:e8:f9:73:d0:40:01:c9:4f:82:
         c9:26:16:95
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMaNaDznxrhVsVWPYrbIzIBIWV94wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDEyMDA1MTU4WhcNMjUwNTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NGNmMzJkYzFiZjY3MDhmOWUyNGYxNTJiMzk5YmUwOTYw
ZmEwYmU1NDg3MzE3OTQxZWRlMDZkYzBlYjQ0ZTgxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcFKS3FAMpJdIrhxtA/SvSvHGGrC6IUX6BRVBUpXXzWVN/
dHepBAS1vr6hPknDh3g3Y9mj4MQwGbkgUuIuQ/WVV0i341vE32E4rmAbuvAbBMS0
RgFffbfEKcP5M1OSho17tjDjBSlOqOdka6KKH4pYAYCbGCGLRJlECCpmxDLFucEX
Ip82Jy0oKSRRUK1m0P7A707jZmeV4yTQ/509RNCjs8zO0n3IxmyPTErXl+TN9pff
TbUc0IJdjjuf3I4FTIISBp/LnUV/wTdoYlNLeFwtWsiEcTyX1336eaw88+f18Qem
D00OXQ6Vp/9VpESCNmYMjyZfL2ID0lO6qZmOx0nFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUF31bQS2ZOYCU+0OGs555uDv8BsYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ4NTAwOWQxLWQxMzUtNDEwNi1hODc2LTVkZDJmOTIzYTE1Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEN0jANBgkqhkiG9w0BAQsFAAOCAQEAg34ko2w6Jm5g1hMfp0wvz0WVzMwI
Q6lR2g6ZTy5svwESZ2Fy5r2giWS9vqfsFgvxfs2m6Y6/IIwtoy9FfCSZ86SFxCbX
0gKQNvDK/QR/AxDNYHqscg5Q62FvjIee/TDhr0bCaaOX4pcfgpRLnU9Om/QCUywz
JDNgmtHC6l5UU+wFZcvPEO2MDocSIcKoc6d3nXQjGA/76Tn3wxqNEhlZ4F6bK50C
/3eVfBo44ioVaVSPOShbdknfqEpBJlLjr4Wla1C/eex0tX4bNI1nqu2M3sAFkTP3
4cNiD8XZE0mWQsE63kNLq6W2/IaBo/JKSE54gYUi6Plz0EAByU+CySYWlQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:42:53 2025 by rpki-client