Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7d3f8440-e28a-449a-b9ef-778f39d106c6.roa
File:                     7d3f8440-e28a-449a-b9ef-778f39d106c6.roa (raw, json)
Hash identifier:          dMUEoLGVbHlOtk9/Lsp6Lls4gRh67I1gGY08A7kAHJs=
Subject key identifier:   29:6F:30:70:C9:FA:24:B7:20:88:9B:8A:39:65:E3:74:2D:ED:98:64
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5545FBC84D822812C68382D8DFA6870AB7C24DB4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7d3f8440-e28a-449a-b9ef-778f39d106c6.roa
Signing time:             Fri 11 Jul 2025 17:10:13 +0000
ROA not before:           Fri 11 Jul 2025 17:10:13 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.94.146.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:45:fb:c8:4d:82:28:12:c6:83:82:d8:df:a6:87:0a:b7:c2:4d:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 11 17:10:13 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=0b96e37ec83696a293d2be465c0f43e1e574458ce94d99766e98f02b588e9d1a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b0:31:46:90:a1:a7:7c:0d:2b:ba:71:a3:da:
                    07:ad:af:10:25:0b:b3:69:34:e0:26:83:ee:4c:b2:
                    75:7e:5f:2a:d1:6d:3e:12:d9:b0:2b:12:aa:72:06:
                    2a:86:d1:46:bc:d3:ea:af:81:19:58:9f:8c:fd:b1:
                    21:cd:a7:9b:45:02:c1:6a:a3:e5:74:b2:94:ce:ec:
                    19:bc:20:4d:99:05:76:e8:cc:c9:6c:0b:32:f0:bc:
                    0d:8d:e0:c1:8f:cb:14:f7:72:24:22:d7:e7:67:2b:
                    b2:b3:fc:22:4b:49:fb:6d:29:01:17:e1:63:e0:d2:
                    8a:4e:4f:96:d4:8d:d2:f1:c9:37:b1:7e:bf:25:89:
                    c1:8e:8e:5f:35:f9:53:7c:7f:35:3c:a4:be:43:64:
                    04:24:01:64:c1:0a:5b:d7:b2:59:b2:c4:06:fd:7f:
                    75:30:b4:ec:71:66:ac:ea:54:e3:73:59:73:c2:c5:
                    65:c9:3b:03:60:85:aa:a7:a0:17:ee:b9:23:e1:66:
                    a8:a1:20:46:24:a6:8e:bd:25:d5:a1:a6:2b:b1:d0:
                    bb:9c:67:80:3d:b3:d3:d5:3c:01:66:2a:cb:83:0b:
                    59:f2:4b:c0:3f:8e:63:7c:38:a8:53:63:82:b8:82:
                    59:5e:50:3b:8f:d7:23:21:9a:fa:91:31:e5:9b:83:
                    19:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:6F:30:70:C9:FA:24:B7:20:88:9B:8A:39:65:E3:74:2D:ED:98:64
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7d3f8440-e28a-449a-b9ef-778f39d106c6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.94.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:20:25:da:a6:8f:51:40:ee:0e:b7:ec:b7:ba:9f:3b:47:94:
         3e:3d:13:bb:f9:6e:55:fc:7d:5f:4a:60:37:a8:7a:87:56:c2:
         fb:69:00:d4:72:0f:ab:46:e7:36:d2:22:74:1d:9d:30:7e:73:
         7d:20:3b:71:ad:60:76:72:1d:9f:8b:58:59:e1:4e:34:d4:bb:
         a4:07:58:bf:b2:1a:de:ea:55:73:ae:b8:c6:97:bf:82:b3:bb:
         b0:9b:7d:06:0c:eb:ca:1f:3b:7b:5c:e6:2d:88:79:00:42:9a:
         01:5a:0c:5e:cb:99:bf:77:e2:d2:bd:85:c3:a0:50:65:72:f0:
         ff:f2:4b:33:22:35:da:49:0f:b4:89:d1:3d:a9:fe:2e:f3:92:
         3d:3d:62:b4:18:ea:5d:d5:f1:d6:a8:fa:62:2e:80:de:c5:41:
         d6:b7:95:d3:5f:06:1e:5c:33:29:9f:ec:86:0d:55:29:89:eb:
         37:6c:f0:29:74:7e:95:c0:0b:41:1c:07:1b:f9:25:53:9e:88:
         5a:1b:5d:91:03:4a:b8:d6:d1:08:dc:58:9c:fd:f7:ae:e3:c6:
         17:8c:80:17:49:a7:98:dd:a7:b2:e6:eb:4a:47:5e:e7:cf:ef:
         6d:f3:f9:4d:3a:ca:46:2d:8b:89:08:0e:3c:ef:1d:9f:30:ce:
         94:84:9e:9d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVUX7yE2CKBLGg4LY36aHCrfCTbQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzExMTcxMDEzWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYjk2ZTM3ZWM4MzY5NmEyOTNkMmJlNDY1YzBmNDNlMWU1
NzQ0NThjZTk0ZDk5NzY2ZTk4ZjAyYjU4OGU5ZDFhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzsDFGkKGnfA0runGj2getrxAlC7NpNOAmg+5MsnV+XyrR
bT4S2bArEqpyBiqG0Ua80+qvgRlYn4z9sSHNp5tFAsFqo+V0spTO7Bm8IE2ZBXbo
zMlsCzLwvA2N4MGPyxT3ciQi1+dnK7Kz/CJLSfttKQEX4WPg0opOT5bUjdLxyTex
fr8licGOjl81+VN8fzU8pL5DZAQkAWTBClvXslmyxAb9f3UwtOxxZqzqVONzWXPC
xWXJOwNghaqnoBfuuSPhZqihIEYkpo69JdWhpiux0LucZ4A9s9PVPAFmKsuDC1ny
S8A/jmN8OKhTY4K4glleUDuP1yMhmvqRMeWbgxnhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKW8wcMn6JLcgiJuKOWXjdC3tmGQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzdkM2Y4NDQwLWUyOGEtNDQ5YS1iOWVmLTc3OGYzOWQxMDZjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0XpIwDQYJKoZIhvcNAQELBQADggEBAEMgJdqmj1FA7g637Le6nztHlD49
E7v5blX8fV9KYDeoeodWwvtpANRyD6tG5zbSInQdnTB+c30gO3GtYHZyHZ+LWFnh
TjTUu6QHWL+yGt7qVXOuuMaXv4Kzu7CbfQYM68ofO3tc5i2IeQBCmgFaDF7Lmb93
4tK9hcOgUGVy8P/ySzMiNdpJD7SJ0T2p/i7zkj09YrQY6l3V8dao+mIugN7FQda3
ldNfBh5cMymf7IYNVSmJ6zds8Cl0fpXAC0EcBxv5JVOeiFobXZEDSrjW0QjcWJz9
967jxheMgBdJp5jdp7Lm60pHXufP723z+U06ykYti4kIDjzvHZ8wzpSEnp0=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:44:28 2025 by rpki-client