Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/63982151-fe23-4ff2-a258-ba97c1ecd12a.roa
File:                     63982151-fe23-4ff2-a258-ba97c1ecd12a.roa (raw, json)
Hash identifier:          QdSavXScmt25rE19UYj7O8rWFRoK9fpbObqQ6kGd6sA=
Subject key identifier:   5C:B9:96:63:C9:92:85:7D:74:DB:A4:49:94:5A:4B:95:38:17:12:01
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       39CA9C0B2E896FD98E3B5AC2C253773DD469AEAE
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/63982151-fe23-4ff2-a258-ba97c1ecd12a.roa
Signing time:             Tue 29 Jul 2025 18:20:12 +0000
ROA not before:           Tue 29 Jul 2025 18:20:12 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.82.129.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:ca:9c:0b:2e:89:6f:d9:8e:3b:5a:c2:c2:53:77:3d:d4:69:ae:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 18:20:12 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=61b179cbf4c4e92e4e429da289cd3a19108b25dfb9c24f04b24e408bcf03d13e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:0e:23:d8:fd:c3:f9:df:53:6b:d3:3d:80:cc:
                    59:36:11:72:79:c2:4d:e0:6f:5f:09:d9:ac:d5:9b:
                    a4:57:37:e4:6f:bb:63:0d:31:0f:45:a9:1e:68:71:
                    fd:f7:5a:de:8e:3d:02:69:9b:5c:34:54:7f:65:59:
                    f6:c5:cb:6e:98:78:12:da:3f:33:eb:d8:58:ac:93:
                    e5:22:d8:ac:2f:2c:d5:fb:07:5a:d4:40:99:a0:56:
                    3f:08:f1:9f:68:f1:cf:a9:e1:17:e1:a2:f4:b6:3c:
                    1e:22:3d:99:a7:52:36:7f:f0:06:c2:01:80:86:e4:
                    c2:04:95:c7:d9:1e:55:6b:89:8a:3e:94:4a:7c:bb:
                    e3:32:75:97:c5:a4:03:f2:d4:10:94:27:92:f2:d5:
                    1e:13:4d:77:90:97:b6:dd:07:ff:9b:f9:23:0d:ce:
                    47:e7:ea:94:51:a8:49:78:d5:24:99:67:f5:ef:24:
                    b7:1e:c7:4b:27:e3:87:70:5f:63:80:2b:3e:96:9d:
                    90:e2:eb:9d:3e:53:02:61:5f:58:f7:9a:c6:b7:4c:
                    19:24:b2:3c:e2:a7:d6:fd:bc:b3:52:24:f2:c5:f9:
                    a6:ae:02:f8:46:9f:40:66:f4:ad:9d:12:05:a5:07:
                    34:3e:df:a1:6f:b8:40:ab:9e:c1:49:76:4b:6f:ed:
                    62:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:B9:96:63:C9:92:85:7D:74:DB:A4:49:94:5A:4B:95:38:17:12:01
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/63982151-fe23-4ff2-a258-ba97c1ecd12a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.82.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:ea:30:d2:7a:68:61:bb:10:06:3b:b5:34:17:e9:33:b3:56:
         6b:ec:cc:bf:f5:9c:64:52:96:14:6d:4f:ad:ce:5a:cb:6f:17:
         5a:39:f2:7e:76:96:8a:89:69:b4:2c:1b:f2:08:68:1a:5b:c2:
         e0:98:7c:aa:4c:d1:61:9c:64:fe:15:5f:7c:26:ab:06:1e:75:
         10:47:65:5d:ae:f5:2d:90:96:23:e2:4c:e8:3d:48:4e:18:67:
         5f:d1:de:23:45:7b:63:88:1e:2f:03:88:d7:a3:34:52:4e:31:
         5e:22:d4:68:7f:38:89:f4:e3:2a:df:47:5f:42:a7:b6:3c:68:
         38:aa:29:c0:38:8e:92:b3:fc:1f:0d:d1:b7:71:d1:70:51:16:
         ba:64:cf:40:28:b7:22:a9:22:66:6e:2b:ef:8a:cf:c9:6e:f9:
         90:65:9e:a4:e6:b0:a1:9e:f6:ac:41:ae:1b:d8:05:81:40:30:
         46:e8:6f:6f:b6:57:ba:9b:c1:cf:32:b6:55:5c:d2:01:87:dd:
         85:30:1a:e6:db:cf:26:d3:da:e1:91:e0:8f:34:97:7b:39:89:
         d7:79:3c:35:8d:e3:11:82:d0:c5:2d:4c:23:05:6e:02:f6:c4:
         4c:2b:7a:d0:69:64:d7:76:ca:7e:43:3d:4d:2c:4d:79:17:2f:
         36:23:d0:5e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOcqcCy6Jb9mOO1rCwlN3PdRprq4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MTgyMDEyWhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MWIxNzljYmY0YzRlOTJlNGU0MjlkYTI4OWNkM2ExOTEw
OGIyNWRmYjljMjRmMDRiMjRlNDA4YmNmMDNkMTNlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDDiPY/cP531Nr0z2AzFk2EXJ5wk3gb18J2azVm6RXN+Rv
u2MNMQ9FqR5ocf33Wt6OPQJpm1w0VH9lWfbFy26YeBLaPzPr2Fisk+Ui2KwvLNX7
B1rUQJmgVj8I8Z9o8c+p4RfhovS2PB4iPZmnUjZ/8AbCAYCG5MIElcfZHlVriYo+
lEp8u+MydZfFpAPy1BCUJ5Ly1R4TTXeQl7bdB/+b+SMNzkfn6pRRqEl41SSZZ/Xv
JLcex0sn44dwX2OAKz6WnZDi650+UwJhX1j3msa3TBkksjzip9b9vLNSJPLF+aau
AvhGn0Bm9K2dEgWlBzQ+36FvuECrnsFJdktv7WJLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXLmWY8mShX1026RJlFpLlTgXEgEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzYzOTgyMTUxLWZlMjMtNGZmMi1hMjU4LWJhOTdjMWVjZDEyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2UoEwDQYJKoZIhvcNAQELBQADggEBAJbqMNJ6aGG7EAY7tTQX6TOzVmvs
zL/1nGRSlhRtT63OWstvF1o58n52loqJabQsG/IIaBpbwuCYfKpM0WGcZP4VX3wm
qwYedRBHZV2u9S2QliPiTOg9SE4YZ1/R3iNFe2OIHi8DiNejNFJOMV4i1Gh/OIn0
4yrfR19Cp7Y8aDiqKcA4jpKz/B8N0bdx0XBRFrpkz0AotyKpImZuK++Kz8lu+ZBl
nqTmsKGe9qxBrhvYBYFAMEbob2+2V7qbwc8ytlVc0gGH3YUwGubbzybT2uGR4I80
l3s5idd5PDWN4xGC0MUtTCMFbgL2xEwretBpZNd2yn5DPU0sTXkXLzYj0F4=
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:10:24 2025 by rpki-client