Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/529b9429-a63e-4015-896f-d45cfa5e90b2.roa
File:                     529b9429-a63e-4015-896f-d45cfa5e90b2.roa (raw, json)
Hash identifier:          YWfPdzXmV3WGTdpEMpWrug/9jhTIr3qjnaRU6rmAb9c=
Subject key identifier:   12:E9:65:C8:09:A8:13:2C:FC:34:F4:57:29:A7:20:6D:6D:C7:22:47
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       671DD73751D0A235A80A924B1548F934A01C16F0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/529b9429-a63e-4015-896f-d45cfa5e90b2.roa
Signing time:             Tue 29 Jul 2025 00:50:42 +0000
ROA not before:           Tue 29 Jul 2025 00:50:42 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.94.116.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:1d:d7:37:51:d0:a2:35:a8:0a:92:4b:15:48:f9:34:a0:1c:16:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 00:50:42 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=675a98ae2b5a8e84ecbe0b7af2c000a1fc75a8c677c21ed75068d000aae6ea86, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:3f:58:5b:db:3d:0a:2c:1f:c4:e4:d3:d6:96:
                    cd:96:05:89:cf:51:af:ca:d0:66:b3:23:e6:ba:3e:
                    c7:1e:89:9c:e4:61:67:93:e6:f0:b1:7e:1f:00:a2:
                    1a:57:ca:af:f7:09:22:65:84:19:d3:2c:dc:f6:16:
                    91:69:bf:41:37:59:9f:2e:b2:20:e6:0b:c0:2f:ad:
                    f9:cd:b1:dd:1b:c2:58:0d:3b:6c:e6:3d:f6:39:8b:
                    4c:d5:8a:23:a0:9b:16:43:e1:e1:05:72:40:91:1f:
                    db:d0:ef:67:cc:a8:f9:41:41:22:90:e2:4f:59:f5:
                    14:d9:53:84:40:84:ee:55:fe:90:be:3b:0b:54:fe:
                    0d:65:9b:3f:1a:e3:46:de:da:ad:7a:85:3d:04:c3:
                    13:e7:12:ef:ac:42:5e:0a:5a:20:e1:db:7f:c7:f4:
                    64:c9:1f:db:87:43:dc:c0:15:6d:86:dc:d2:d2:56:
                    04:03:95:65:38:ce:12:34:4e:05:1f:1b:41:ff:0a:
                    f7:f4:00:c9:59:4d:f6:63:41:2c:49:e9:fc:f3:ea:
                    07:9a:e1:d1:77:38:46:f4:1f:5d:54:6f:a1:9e:5f:
                    d3:66:74:85:8a:db:2a:49:3b:d8:55:52:da:30:b0:
                    b1:af:e2:00:09:cb:b5:31:5e:63:7a:67:3c:c3:97:
                    9a:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:E9:65:C8:09:A8:13:2C:FC:34:F4:57:29:A7:20:6D:6D:C7:22:47
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/529b9429-a63e-4015-896f-d45cfa5e90b2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.94.116.0/23

    Signature Algorithm: sha256WithRSAEncryption
         55:52:5b:55:b1:67:7a:68:5c:f8:6a:86:fa:7b:dd:5d:92:c8:
         45:00:d1:3b:0f:71:2e:67:d7:5d:61:71:13:ee:c3:9a:09:f1:
         ed:f8:81:25:ca:9e:68:57:b4:44:24:e1:68:2b:75:1e:62:17:
         9b:a1:e4:9c:32:e5:43:ff:d8:19:e8:78:53:40:95:8b:e9:4c:
         72:19:ce:18:93:55:26:f6:1f:70:fd:5b:ab:38:ec:12:6e:40:
         f1:23:40:fe:6d:01:88:a1:b8:f1:d1:93:53:5d:c2:ca:8d:65:
         4f:66:fc:bb:db:c6:5c:20:ab:bc:ae:d6:ea:05:dd:19:d3:7d:
         f1:6b:f3:19:ba:a7:03:d7:dd:73:73:7e:9a:bd:4f:25:2e:98:
         85:cb:16:6b:ce:15:1b:0d:1f:97:3d:bc:cb:6e:33:88:b9:8a:
         c3:c9:7f:d0:9f:2e:86:20:52:67:82:49:08:92:7b:14:8b:da:
         89:ac:b5:64:40:06:f5:72:08:37:35:55:3f:c9:6b:f0:52:d8:
         ce:3b:54:63:75:08:39:97:01:7b:a5:d3:4d:9b:23:aa:b4:ba:
         7b:ce:fe:93:2b:6b:cd:87:db:01:99:c4:4b:3a:f1:7b:2b:55:
         31:e9:cd:f2:cf:c2:6f:59:3d:3b:e5:82:20:ba:bc:57:1e:01:
         f8:0f:94:bc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZx3XN1HQojWoCpJLFUj5NKAcFvAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MDA1MDQyWhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NzVhOThhZTJiNWE4ZTg0ZWNiZTBiN2FmMmMwMDBhMWZj
NzVhOGM2NzdjMjFlZDc1MDY4ZDAwMGFhZTZlYTg2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgP1hb2z0KLB/E5NPWls2WBYnPUa/K0GazI+a6PsceiZzk
YWeT5vCxfh8AohpXyq/3CSJlhBnTLNz2FpFpv0E3WZ8usiDmC8AvrfnNsd0bwlgN
O2zmPfY5i0zViiOgmxZD4eEFckCRH9vQ72fMqPlBQSKQ4k9Z9RTZU4RAhO5V/pC+
OwtU/g1lmz8a40be2q16hT0EwxPnEu+sQl4KWiDh23/H9GTJH9uHQ9zAFW2G3NLS
VgQDlWU4zhI0TgUfG0H/Cvf0AMlZTfZjQSxJ6fzz6gea4dF3OEb0H11Ub6GeX9Nm
dIWK2ypJO9hVUtowsLGv4gAJy7UxXmN6ZzzDl5pJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEullyAmoEyz8NPRXKacgbW3HIkcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzUyOWI5NDI5LWE2M2UtNDAxNS04OTZmLWQ0NWNmYTVlOTBiMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE0XnQwDQYJKoZIhvcNAQELBQADggEBAFVSW1WxZ3poXPhqhvp73V2SyEUA
0TsPcS5n111hcRPuw5oJ8e34gSXKnmhXtEQk4WgrdR5iF5uh5Jwy5UP/2BnoeFNA
lYvpTHIZzhiTVSb2H3D9W6s47BJuQPEjQP5tAYihuPHRk1NdwsqNZU9m/Lvbxlwg
q7yu1uoF3RnTffFr8xm6pwPX3XNzfpq9TyUumIXLFmvOFRsNH5c9vMtuM4i5isPJ
f9CfLoYgUmeCSQiSexSL2omstWRABvVyCDc1VT/Ja/BS2M47VGN1CDmXAXul002b
I6q0unvO/pMra82H2wGZxEs68XsrVTHpzfLPwm9ZPTvlgiC6vFceAfgPlLw=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:34:56 2025 by rpki-client