Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/73bc1116-9ced-4e7f-8ea8-4d0dc8847fca.roa
File:                     73bc1116-9ced-4e7f-8ea8-4d0dc8847fca.roa (raw, json)
Hash identifier:          svKNA/p+AGaWfGIulLD5giypLoNRcHA/j461mqcXqOs=
Subject key identifier:   B2:93:8F:F5:5C:53:3B:41:0C:91:59:08:0B:D3:3D:BD:C0:C6:9D:A2
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1398F551E0D738E53850D2AF1D0313F814F38168
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/73bc1116-9ced-4e7f-8ea8-4d0dc8847fca.roa
Signing time:             Tue 20 May 2025 16:32:05 +0000
ROA not before:           Tue 20 May 2025 16:32:05 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.162.1.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:98:f5:51:e0:d7:38:e5:38:50:d2:af:1d:03:13:f8:14:f3:81:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 16:32:05 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=8b597a94c4ae5bab83e92b04a52182a3093621700f1488c929861f6645b2de59, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:03:e6:ab:46:5c:0a:c8:61:33:e5:40:4d:65:
                    c2:9e:ae:ee:b5:48:20:9a:af:5c:d0:42:d0:52:1b:
                    66:79:ee:48:69:e9:8a:d2:f2:e4:31:ba:bd:2e:cf:
                    82:54:b9:70:82:ce:06:fc:b5:c8:99:df:2d:57:67:
                    64:2a:16:ab:0b:21:a4:e9:e8:63:92:d3:c4:bd:92:
                    fe:d4:4c:21:9d:6b:eb:15:d5:8a:b1:3a:c5:92:df:
                    6a:36:32:09:01:0b:37:af:0f:c8:5b:2a:47:97:82:
                    40:e1:93:c9:ed:5d:92:26:06:e4:6b:bf:de:06:dc:
                    a0:80:40:8d:74:19:54:2d:ba:75:c6:03:b5:5a:b5:
                    74:f7:5f:5f:a4:60:e8:6d:0e:56:8d:a9:d3:bb:b0:
                    0f:18:bc:9d:23:f7:1b:ff:0b:f3:5a:ed:4a:b0:4b:
                    00:90:63:8d:59:8c:16:e5:60:b5:d5:60:40:d0:e6:
                    75:bb:b0:9a:33:1d:8e:ac:84:9c:34:05:a9:6b:33:
                    79:ba:d8:cd:08:97:fd:32:ce:d4:57:83:db:66:f6:
                    6d:46:72:b0:27:7d:78:d5:73:ad:20:9b:39:5c:03:
                    85:de:23:ac:6a:99:4f:12:b4:2b:14:5b:91:c7:b3:
                    06:59:44:c6:4c:7a:f0:b0:ee:2c:88:4f:bb:2a:d3:
                    0d:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:93:8F:F5:5C:53:3B:41:0C:91:59:08:0B:D3:3D:BD:C0:C6:9D:A2
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/73bc1116-9ced-4e7f-8ea8-4d0dc8847fca.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.162.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:3e:76:d8:5a:f3:1e:1d:a8:d4:be:42:62:bf:ca:15:a9:39:
         76:b4:12:29:29:1c:e5:2b:5d:a0:f4:ac:31:a6:46:cf:35:fa:
         2d:ba:da:bc:2f:de:73:bf:07:9c:b3:31:d5:32:40:0a:c3:4f:
         d0:8b:b4:4f:2e:a7:b4:f2:9e:4b:d4:94:81:e7:c7:1c:a0:97:
         50:63:16:9d:75:da:f0:77:78:e4:29:fb:72:88:8a:40:f0:1b:
         5f:10:0f:9e:1f:10:5a:1f:e6:ea:74:58:36:52:af:c8:26:4d:
         6b:b3:cb:a9:5a:8d:29:b4:08:28:36:e2:8f:27:8a:1d:2c:66:
         95:96:94:49:3d:8d:c2:93:4c:32:c6:e4:74:17:fc:eb:11:8f:
         3f:b0:ce:f3:80:b7:fd:73:4f:a0:09:cb:d8:7e:66:21:63:48:
         ca:c8:bd:49:04:26:5a:53:c7:81:54:dc:7a:5b:b0:2c:15:ee:
         9f:9f:71:07:49:d6:61:cd:cb:0a:2f:9b:63:cc:82:e7:fe:ad:
         ba:09:60:31:ec:d9:e4:03:8e:93:11:6b:41:ac:f4:8e:2f:c9:
         d2:cf:a2:e9:66:db:28:4f:08:ed:d8:3f:1a:33:68:2b:dd:5a:
         27:29:b3:c1:38:2a:b6:c5:69:94:26:f5:de:43:c5:cf:7a:09:
         da:b5:ff:77
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUE5j1UeDXOOU4UNKvHQMT+BTzgWgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIwMTYzMjA1WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YjU5N2E5NGM0YWU1YmFiODNlOTJiMDRhNTIxODJhMzA5
MzYyMTcwMGYxNDg4YzkyOTg2MWY2NjQ1YjJkZTU5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCA+arRlwKyGEz5UBNZcKeru61SCCar1zQQtBSG2Z57khp
6YrS8uQxur0uz4JUuXCCzgb8tciZ3y1XZ2QqFqsLIaTp6GOS08S9kv7UTCGda+sV
1YqxOsWS32o2MgkBCzevD8hbKkeXgkDhk8ntXZImBuRrv94G3KCAQI10GVQtunXG
A7VatXT3X1+kYOhtDlaNqdO7sA8YvJ0j9xv/C/Na7UqwSwCQY41ZjBblYLXVYEDQ
5nW7sJozHY6shJw0BalrM3m62M0Il/0yztRXg9tm9m1GcrAnfXjVc60gmzlcA4Xe
I6xqmU8StCsUW5HHswZZRMZMevCw7iyIT7sq0w0LAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUspOP9VxTO0EMkVkIC9M9vcDGnaIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzczYmMxMTE2LTljZWQtNGU3Zi04ZWE4LTRkMGRjODg0N2ZjYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASogEwDQYJKoZIhvcNAQELBQADggEBACE+dtha8x4dqNS+QmK/yhWpOXa0
EikpHOUrXaD0rDGmRs81+i262rwv3nO/B5yzMdUyQArDT9CLtE8up7TynkvUlIHn
xxygl1BjFp112vB3eOQp+3KIikDwG18QD54fEFof5up0WDZSr8gmTWuzy6lajSm0
CCg24o8nih0sZpWWlEk9jcKTTDLG5HQX/OsRjz+wzvOAt/1zT6AJy9h+ZiFjSMrI
vUkEJlpTx4FU3HpbsCwV7p+fcQdJ1mHNywovm2PMguf+rboJYDHs2eQDjpMRa0Gs
9I4vydLPoulm2yhPCO3YPxozaCvdWicps8E4KrbFaZQm9d5Dxc96Cdq1/3c=
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:13:01 2025 by rpki-client