Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5edb979c-9e4e-4ecc-8602-4f07e5e7b0bd.roa
File:                     5edb979c-9e4e-4ecc-8602-4f07e5e7b0bd.roa (raw, json)
Hash identifier:          u2nl9LhXVue9Rs2BduSI6NQ1k0h0A9JODr6RgXTRWRg=
Subject key identifier:   A3:03:8D:43:2E:94:7D:48:E2:5C:BB:F1:51:A0:03:D5:76:BE:8A:54
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2C898F83046CA37EBC1CFDB7C31939FB348C0A77
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5edb979c-9e4e-4ecc-8602-4f07e5e7b0bd.roa
Signing time:             Tue 29 Jul 2025 16:50:24 +0000
ROA not before:           Tue 29 Jul 2025 16:50:24 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.239.192.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:89:8f:83:04:6c:a3:7e:bc:1c:fd:b7:c3:19:39:fb:34:8c:0a:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 16:50:24 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=527381b2ec70324bd7079a236e084d554bb9347e39b9118fcf49e531c89356db, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f1:6d:23:99:72:39:aa:43:a4:4b:13:f6:e5:
                    70:17:79:bd:df:ec:1a:90:14:35:1b:f2:eb:6d:03:
                    c5:bc:92:fc:6b:57:25:89:ed:26:f5:7c:24:1e:8c:
                    59:36:55:e0:94:fc:3a:3b:a6:a6:26:4e:d1:cd:f8:
                    d4:dc:6e:aa:05:da:e9:20:75:8b:01:2a:6a:38:f5:
                    46:95:3c:68:af:f1:e8:c8:24:0e:1b:bf:b4:dd:8e:
                    25:ff:43:7d:96:dd:3c:80:d9:bf:62:77:49:d8:80:
                    d3:b1:3b:b0:6b:e1:91:7f:50:d8:16:d8:88:15:a3:
                    a4:d9:e4:68:75:65:a5:be:37:4f:fe:72:66:f9:ee:
                    4e:be:ff:79:37:97:c3:b9:82:73:90:df:db:9d:9b:
                    4d:e7:66:cc:d3:94:3d:c9:04:ad:46:7a:a9:3c:35:
                    ba:3b:9f:b9:93:a0:34:c9:85:3f:02:d3:5c:eb:fe:
                    bd:82:6b:67:24:52:7d:40:ca:63:11:6d:cd:c6:71:
                    b6:43:6b:c5:9f:47:6d:79:6a:8f:e1:70:cd:f0:7b:
                    a2:7b:ae:0b:89:ea:76:ab:cb:14:4c:19:67:c4:1a:
                    ed:27:c7:7f:f6:a3:fb:63:3c:14:c5:0e:63:68:08:
                    1c:d4:25:95:9a:e5:02:dd:bf:12:77:6d:92:cc:53:
                    f1:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:03:8D:43:2E:94:7D:48:E2:5C:BB:F1:51:A0:03:D5:76:BE:8A:54
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5edb979c-9e4e-4ecc-8602-4f07e5e7b0bd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.239.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         85:6a:64:5b:fb:59:0f:cb:2d:65:1b:7c:97:64:70:3b:83:23:
         fc:17:33:8c:f2:b8:3d:44:60:e2:fe:76:5d:14:c7:3f:27:70:
         73:42:85:2a:2a:4e:aa:c1:7f:9f:27:56:13:dd:ac:03:8f:f4:
         3c:5a:9e:ec:ab:20:37:cc:7e:08:19:d5:c8:5e:1c:26:33:f8:
         a3:f6:eb:c4:ae:f2:a0:bc:5a:4c:f0:73:57:13:ac:32:21:73:
         f9:4b:e5:17:1f:c7:1d:cb:21:de:f6:9f:8c:5f:23:41:5d:71:
         d7:32:a5:7d:03:f5:6b:a7:2c:48:cb:fd:4c:36:9c:38:d1:c3:
         ac:ee:9d:cc:fa:bf:b7:f1:bc:96:fb:7f:19:06:81:ad:4f:d7:
         34:ba:d3:01:4c:a6:32:da:91:3c:16:8b:97:0f:57:f5:4c:83:
         06:10:4f:18:24:97:38:ea:89:1d:b1:8c:cf:0d:ee:99:ef:b9:
         de:62:8b:a9:27:f5:7e:16:05:23:f5:f1:ae:a9:74:90:f2:cd:
         f8:67:77:34:d5:87:5f:76:cc:73:fe:22:99:89:1b:88:27:13:
         dd:ee:f1:c0:49:41:21:63:6a:5f:c9:cb:09:64:34:af:27:63:
         42:ee:93:6b:35:d5:a6:cc:40:d2:5c:21:b3:bf:4c:dc:fb:41:
         f7:03:79:e3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULImPgwRso368HP23wxk5+zSMCncwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MTY1MDI0WhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MjczODFiMmVjNzAzMjRiZDcwNzlhMjM2ZTA4NGQ1NTRi
YjkzNDdlMzliOTExOGZjZjQ5ZTUzMWM4OTM1NmRiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDA8W0jmXI5qkOkSxP25XAXeb3f7BqQFDUb8uttA8W8kvxr
VyWJ7Sb1fCQejFk2VeCU/Do7pqYmTtHN+NTcbqoF2ukgdYsBKmo49UaVPGiv8ejI
JA4bv7TdjiX/Q32W3TyA2b9id0nYgNOxO7Br4ZF/UNgW2IgVo6TZ5Gh1ZaW+N0/+
cmb57k6+/3k3l8O5gnOQ39udm03nZszTlD3JBK1Geqk8Nbo7n7mToDTJhT8C01zr
/r2Ca2ckUn1AymMRbc3GcbZDa8WfR215ao/hcM3we6J7rguJ6naryxRMGWfEGu0n
x3/2o/tjPBTFDmNoCBzUJZWa5QLdvxJ3bZLMU/ERAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUowONQy6UfUjiXLvxUaAD1Xa+ilQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVlZGI5NzljLTllNGUtNGVjYy04NjAyLTRmMDdlNWU3YjBiZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU278AwDQYJKoZIhvcNAQELBQADggEBAIVqZFv7WQ/LLWUbfJdkcDuDI/wX
M4zyuD1EYOL+dl0Uxz8ncHNChSoqTqrBf58nVhPdrAOP9DxanuyrIDfMfggZ1che
HCYz+KP268Su8qC8Wkzwc1cTrDIhc/lL5Rcfxx3LId72n4xfI0FdcdcypX0D9Wun
LEjL/Uw2nDjRw6zuncz6v7fxvJb7fxkGga1P1zS60wFMpjLakTwWi5cPV/VMgwYQ
TxgklzjqiR2xjM8N7pnvud5ii6kn9X4WBSP18a6pdJDyzfhndzTVh192zHP+IpmJ
G4gnE93u8cBJQSFjal/JywlkNK8nY0Luk2s11abMQNJcIbO/TNz7QfcDeeM=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:35:28 2025 by rpki-client