Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/592229fc-0992-48a6-b4d6-3aa5c5bede73.roa
File:                     592229fc-0992-48a6-b4d6-3aa5c5bede73.roa (raw, json)
Hash identifier:          3heOe1yWJWYXLDDwkf8s5u31RccGI0McJQZuTO+94lo=
Subject key identifier:   1F:6A:B6:1A:76:BF:BF:2E:86:43:47:84:0B:61:23:A8:51:73:34:25
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       652162F298FF1320AA99AF579021757BE278CE06
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/592229fc-0992-48a6-b4d6-3aa5c5bede73.roa
Signing time:             Tue 20 May 2025 17:40:23 +0000
ROA not before:           Tue 20 May 2025 17:40:23 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.89.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:21:62:f2:98:ff:13:20:aa:99:af:57:90:21:75:7b:e2:78:ce:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 17:40:23 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=f1c8230d173ea7288057c66875007b30a0c7f45f18e70eaa78dde0d3bb4a9a82, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d3:6b:a6:56:d3:e1:8e:9b:3b:d3:27:19:01:
                    7c:e2:2a:25:ee:28:9f:e3:5f:10:95:04:4c:52:71:
                    0a:24:cc:db:d2:63:3f:33:59:16:a4:48:57:89:e4:
                    b7:3a:04:df:c1:9e:81:08:ed:07:1e:8c:ee:a5:67:
                    64:4b:27:81:73:22:e6:d2:14:fd:f6:a4:5f:91:1b:
                    46:df:3a:55:87:92:89:c4:60:dc:59:34:fb:8b:f4:
                    f0:74:a3:99:52:eb:b8:2d:2b:a3:f9:d2:c2:18:15:
                    a7:b6:13:c3:f4:53:6a:51:e8:f3:08:23:78:06:f7:
                    5e:09:63:28:a4:02:7b:af:f3:25:2e:b5:8d:4f:8b:
                    0c:b7:81:98:94:22:44:b6:b5:07:5b:8f:96:22:da:
                    e7:0d:9d:40:d8:c4:3c:05:3b:17:1a:a1:17:59:d2:
                    38:a6:49:73:5d:65:a1:83:13:17:43:e7:c8:ae:b8:
                    d5:e9:43:a7:8e:69:70:3b:06:51:d2:d7:60:f0:06:
                    67:ba:37:8a:cc:00:ff:a9:b1:de:0a:7d:18:de:36:
                    41:9e:87:13:77:6f:85:e8:4c:ed:7c:05:12:00:90:
                    fc:46:76:23:86:5e:95:7f:8c:11:fd:cb:5c:de:0b:
                    e8:a1:cd:84:71:88:c1:80:1f:9d:1b:d1:03:d2:1b:
                    ca:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:6A:B6:1A:76:BF:BF:2E:86:43:47:84:0B:61:23:A8:51:73:34:25
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/592229fc-0992-48a6-b4d6-3aa5c5bede73.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.89.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1c:aa:3f:12:e9:d6:6d:98:d1:5c:d1:d7:80:91:f2:03:14:00:
         ec:e9:22:77:a2:5e:39:d5:e7:19:84:4e:de:07:c1:ce:71:2d:
         f1:ec:03:e9:4d:89:67:2f:49:76:f3:89:18:a6:63:10:17:d9:
         78:b4:4d:46:ea:fb:c6:72:52:b0:80:c4:44:a7:f4:8f:6f:3e:
         f4:59:2e:a5:66:be:cc:61:0e:a6:c0:99:77:b4:e4:ac:a0:ea:
         9f:8a:2f:7d:22:21:f5:89:f4:e2:4d:aa:82:c9:af:84:22:c6:
         a0:5a:4e:95:b2:de:39:e5:d5:c3:d4:1d:23:a5:7b:ff:2a:4c:
         fc:76:e6:d2:6a:1d:d9:8d:b3:7d:e8:bb:cd:3a:9c:a6:11:61:
         dd:5b:f8:76:f9:f2:9b:7e:07:e6:82:11:42:30:27:70:65:21:
         43:cb:cf:e0:c5:a4:75:ab:57:e6:bd:81:6b:35:c8:d4:df:b1:
         d4:6f:34:b5:4d:b6:a9:21:db:35:87:4f:6c:3d:13:f8:90:9b:
         30:a5:f7:25:64:cd:3c:e7:c4:55:98:e3:a6:df:18:7b:99:f8:
         80:96:87:cc:8a:32:c3:1e:e9:2b:f9:66:76:fa:66:31:d9:c8:
         63:6d:23:25:19:35:30:90:05:74:d3:a5:14:86:c6:e8:81:70:
         a7:46:59:73
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZSFi8pj/EyCqma9XkCF1e+J4zgYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIwMTc0MDIzWhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMWM4MjMwZDE3M2VhNzI4ODA1N2M2Njg3NTAwN2IzMGEw
YzdmNDVmMThlNzBlYWE3OGRkZTBkM2JiNGE5YTgyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCi02umVtPhjps70ycZAXziKiXuKJ/jXxCVBExScQokzNvS
Yz8zWRakSFeJ5Lc6BN/BnoEI7QcejO6lZ2RLJ4FzIubSFP32pF+RG0bfOlWHkonE
YNxZNPuL9PB0o5lS67gtK6P50sIYFae2E8P0U2pR6PMII3gG914JYyikAnuv8yUu
tY1Piwy3gZiUIkS2tQdbj5Yi2ucNnUDYxDwFOxcaoRdZ0jimSXNdZaGDExdD58iu
uNXpQ6eOaXA7BlHS12DwBme6N4rMAP+psd4KfRjeNkGehxN3b4XoTO18BRIAkPxG
diOGXpV/jBH9y1zeC+ihzYRxiMGAH50b0QPSG8pjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUH2q2Gna/vy6GQ0eEC2EjqFFzNCUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU5MjIyOWZjLTA5OTItNDhhNi1iNGQ2LTNhYTVjNWJlZGU3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2WTANBgkqhkiG9w0BAQsFAAOCAQEAHKo/EunWbZjRXNHXgJHyAxQA7Oki
d6JeOdXnGYRO3gfBznEt8ewD6U2JZy9JdvOJGKZjEBfZeLRNRur7xnJSsIDERKf0
j28+9FkupWa+zGEOpsCZd7TkrKDqn4ovfSIh9Yn04k2qgsmvhCLGoFpOlbLeOeXV
w9QdI6V7/ypM/Hbm0mod2Y2zfei7zTqcphFh3Vv4dvnym34H5oIRQjAncGUhQ8vP
4MWkdatX5r2BazXI1N+x1G80tU22qSHbNYdPbD0T+JCbMKX3JWTNPOfEVZjjpt8Y
e5n4gJaHzIoywx7pK/lmdvpmMdnIY20jJRk1MJAFdNOlFIbG6IFwp0ZZcw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:18:18 2025 by rpki-client