Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/76a36ab9-ada7-4025-9224-bcf99f3e1a8c.roa
File:                     76a36ab9-ada7-4025-9224-bcf99f3e1a8c.roa (raw, json)
Hash identifier:          xeVomu4UiLWtDNOENXLBcxz5hbkIHj6/7jgvkH3scqo=
Subject key identifier:   6E:AD:0A:FE:F6:5C:B8:3B:36:F0:E7:95:24:41:9C:33:4E:2F:75:AD
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       19912402578CC7A554AA33E5B2CF94912F4E25C5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/76a36ab9-ada7-4025-9224-bcf99f3e1a8c.roa
Signing time:             Wed 21 May 2025 00:20:19 +0000
ROA not before:           Wed 21 May 2025 00:20:19 +0000
ROA not after:            Wed 25 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        152.137.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:91:24:02:57:8c:c7:a5:54:aa:33:e5:b2:cf:94:91:2f:4e:25:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 21 00:20:19 2025 GMT
            Not After : Jun 25 23:59:59 2025 GMT
        Subject: serialNumber=1a7c8560f41287c405254223baa4d0e89df2291fd34fbd506a48c003cd56f680, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:94:9d:31:d4:a8:ff:3c:55:23:de:d4:92:bb:
                    9e:03:77:31:d1:9b:34:8f:ac:91:29:bf:24:d8:35:
                    e0:91:da:22:52:ba:a8:76:50:ce:ab:bd:7c:4b:41:
                    e3:10:e0:56:ff:9c:bd:76:35:5a:c6:11:b2:e9:16:
                    66:d2:ce:cd:27:6e:2e:2d:d6:18:73:c2:10:2f:15:
                    80:e5:d0:b7:63:f1:89:d2:9d:aa:c0:74:78:44:ab:
                    62:f5:b3:80:f3:36:0b:a6:c1:69:7c:f6:29:cb:2d:
                    92:99:af:74:93:56:1a:34:64:58:89:19:01:44:9f:
                    fd:d1:a9:f8:6b:90:09:c6:3d:56:1b:e4:cd:28:f7:
                    d6:64:2e:03:3b:8a:99:8e:96:7d:98:b2:2c:3b:46:
                    0a:2a:17:85:61:7e:3f:4d:09:63:6d:d1:7a:73:26:
                    00:71:3f:0d:57:78:4d:86:75:b4:d5:12:ad:64:27:
                    2e:26:8d:b2:fd:a5:f7:a4:f3:48:a7:6a:b4:db:85:
                    aa:f6:d4:a9:2a:a6:4c:05:60:c0:a9:f9:53:30:93:
                    41:a1:83:bc:0c:d8:fb:3c:ad:0e:3b:fc:81:02:5b:
                    d4:be:7d:e1:30:ca:09:ac:a1:86:c4:d1:f6:b7:ad:
                    89:72:67:4e:5f:62:bf:54:62:30:c4:0c:30:d6:7e:
                    10:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:AD:0A:FE:F6:5C:B8:3B:36:F0:E7:95:24:41:9C:33:4E:2F:75:AD
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/76a36ab9-ada7-4025-9224-bcf99f3e1a8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.137.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1a:5b:30:d1:7a:85:43:e7:5b:52:8e:2f:c3:30:1c:d0:ea:6a:
         f3:bf:25:7f:5c:c5:a9:b1:79:e8:11:c8:21:8e:61:f2:6c:80:
         ea:be:16:76:67:f0:ab:37:50:36:64:6d:e2:22:4c:44:9f:2a:
         a6:b3:ff:d1:3e:a6:c9:0c:37:5b:be:37:eb:cb:07:bf:2e:2f:
         43:eb:5b:bb:3b:56:e9:93:b0:d2:b9:05:07:10:ee:e1:e0:df:
         46:06:84:40:f4:99:c7:3a:f8:c9:63:d0:e3:42:df:2f:9f:ee:
         b9:cb:89:3c:dd:54:b6:9d:6d:9b:82:68:96:3b:66:6c:75:e4:
         c4:1a:9c:ee:29:28:dd:ad:70:91:ec:c0:59:b7:45:78:bd:79:
         55:d6:a2:0c:2d:68:2a:50:05:b0:4c:bb:34:34:68:27:e1:e8:
         bb:0a:1c:b6:c1:fd:68:4c:72:d6:63:72:a8:15:1c:ca:59:a7:
         4d:4b:7a:83:3d:18:f2:c1:91:6c:1a:e0:05:91:23:6e:31:ab:
         38:e3:7c:ab:1c:ba:49:f5:52:5d:c7:aa:b2:9b:c9:bf:b2:ba:
         01:d4:5a:43:31:f3:b4:2e:89:ae:2c:48:a9:32:90:b4:39:82:
         08:f9:6d:9f:2b:31:12:11:b6:48:6e:dd:9c:6a:ff:83:b4:02:
         91:59:fa:61
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGZEkAleMx6VUqjPlss+UkS9OJcUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIxMDAyMDE5WhcNMjUwNjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYTdjODU2MGY0MTI4N2M0MDUyNTQyMjNiYWE0ZDBlODlk
ZjIyOTFmZDM0ZmJkNTA2YTQ4YzAwM2NkNTZmNjgwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDplJ0x1Kj/PFUj3tSSu54DdzHRmzSPrJEpvyTYNeCR2iJS
uqh2UM6rvXxLQeMQ4Fb/nL12NVrGEbLpFmbSzs0nbi4t1hhzwhAvFYDl0Ldj8YnS
narAdHhEq2L1s4DzNgumwWl89inLLZKZr3STVho0ZFiJGQFEn/3RqfhrkAnGPVYb
5M0o99ZkLgM7ipmOln2Ysiw7RgoqF4Vhfj9NCWNt0XpzJgBxPw1XeE2GdbTVEq1k
Jy4mjbL9pfek80inarTbhar21KkqpkwFYMCp+VMwk0Ghg7wM2Ps8rQ47/IECW9S+
feEwygmsoYbE0fa3rYlyZ05fYr9UYjDEDDDWfhDhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUbq0K/vZcuDs28OeVJEGcM04vda0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc2YTM2YWI5LWFkYTctNDAyNS05MjI0LWJjZjk5ZjNlMWE4Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCYiTANBgkqhkiG9w0BAQsFAAOCAQEAGlsw0XqFQ+dbUo4vwzAc0Opq878l
f1zFqbF56BHIIY5h8myA6r4WdmfwqzdQNmRt4iJMRJ8qprP/0T6myQw3W74368sH
vy4vQ+tbuztW6ZOw0rkFBxDu4eDfRgaEQPSZxzr4yWPQ40LfL5/uucuJPN1Utp1t
m4JoljtmbHXkxBqc7iko3a1wkezAWbdFeL15VdaiDC1oKlAFsEy7NDRoJ+Houwoc
tsH9aExy1mNyqBUcylmnTUt6gz0Y8sGRbBrgBZEjbjGrOON8qxy6SfVSXceqspvJ
v7K6AdRaQzHztC6JrixIqTKQtDmCCPltnysxEhG2SG7dnGr/g7QCkVn6YQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:37 2025 by rpki-client