Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/87c185ae-9dbb-4e48-818e-6a611c8874e1.roa
File:                     87c185ae-9dbb-4e48-818e-6a611c8874e1.roa (raw, json)
Hash identifier:          kC9CbO88ezQau2/u4mYQxsCxGvYiLJMQOAX1W/TY2lM=
Subject key identifier:   1C:8F:81:EB:C5:51:03:65:DF:04:B5:72:92:5B:55:8D:8B:F3:B5:DA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       109D16113C45CC80A6AD246844CDCEB3B2F97890
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/87c185ae-9dbb-4e48-818e-6a611c8874e1.roa
Signing time:             Sat 26 Apr 2025 00:50:11 +0000
ROA not before:           Sat 26 Apr 2025 00:50:11 +0000
ROA not after:            Sat 31 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.240.64.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:9d:16:11:3c:45:cc:80:a6:ad:24:68:44:cd:ce:b3:b2:f9:78:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 26 00:50:11 2025 GMT
            Not After : May 31 23:59:59 2025 GMT
        Subject: serialNumber=be93ea65181b3863639f56b21d9c3789e18c66b4edf1a92398f37cb3814df470, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:47:b0:69:f7:9f:86:b4:16:2c:29:b3:67:5a:
                    de:e0:9e:4e:3f:83:21:e0:53:67:04:b6:d9:43:04:
                    54:a2:82:d1:16:6f:17:4c:3e:44:4d:d2:e5:2c:16:
                    af:5b:ed:d9:30:67:c7:43:24:2a:a7:a4:5e:ea:fa:
                    37:51:d5:f6:3e:36:0b:ef:39:ac:d0:23:f3:3d:3d:
                    5c:eb:2b:c4:fc:b2:e9:4f:30:86:f7:27:50:2e:8d:
                    b1:44:cd:88:e7:73:7c:70:6b:66:2c:55:08:17:1a:
                    f4:f9:b9:7e:dc:57:b3:90:58:2d:61:14:29:80:da:
                    eb:dc:ea:fe:ff:42:ad:02:f9:d3:90:4a:1a:77:ea:
                    5a:bf:75:09:2a:ef:c6:7e:43:89:bf:b1:61:e3:f1:
                    f3:9e:84:a3:d1:12:d4:de:91:a2:1c:72:0d:8f:62:
                    6e:89:f4:e3:a0:e3:e6:58:f6:9a:cd:03:4c:6d:c9:
                    8f:0e:ba:77:3e:a9:91:39:8a:d3:54:2c:42:fc:fc:
                    7a:95:68:72:33:26:02:6f:22:aa:d3:97:7c:42:ed:
                    bc:ff:18:a8:11:e7:13:f3:83:d9:1e:c2:36:e7:95:
                    cf:57:f7:d5:c8:ae:f5:1a:34:ca:c3:82:e6:0e:c5:
                    c9:b5:bf:0f:c7:e4:5d:8c:c6:44:a0:08:c9:cf:8b:
                    e1:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:8F:81:EB:C5:51:03:65:DF:04:B5:72:92:5B:55:8D:8B:F3:B5:DA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/87c185ae-9dbb-4e48-818e-6a611c8874e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.240.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         22:22:16:2b:94:bd:bc:23:06:bc:f8:15:8a:a0:3b:b4:ec:16:
         dd:2c:dc:17:06:9f:bd:d9:59:1a:fa:32:d0:5e:5b:89:c2:99:
         47:e0:98:40:86:0d:f8:2c:3c:45:6b:e8:e2:f0:d7:63:df:55:
         d8:c3:fe:81:74:f0:6d:f0:ec:79:61:4b:34:cd:91:d0:06:91:
         22:d3:03:dc:14:f2:5a:da:b7:f5:e2:64:18:14:05:5f:50:9b:
         e2:74:3e:c2:a2:c7:9a:eb:3c:e1:bf:34:15:22:be:ca:34:c5:
         5f:df:4e:ad:4c:c6:60:75:81:ce:be:3e:32:51:d3:6a:8e:dd:
         20:a0:ce:15:c3:8e:c1:4f:61:7b:5d:f2:af:bb:ea:44:03:56:
         cf:35:9a:48:6b:e6:c3:98:90:a2:32:94:3b:5e:6b:22:64:e5:
         52:f1:22:a9:b6:98:cb:f7:aa:69:3d:a5:6e:84:01:82:d4:24:
         c3:0c:fc:8f:51:ee:fb:43:bc:9d:67:30:c6:56:9a:dc:31:70:
         86:45:9c:4c:f0:6a:67:7d:1d:a9:b6:a9:a7:39:27:f1:75:7c:
         8c:c6:d6:0a:b7:0f:35:fd:a4:28:26:ee:eb:8c:bc:e7:08:6f:
         5c:ef:28:8f:49:b2:bb:24:8b:db:b9:a8:78:63:0d:99:62:1c:
         e5:50:85:db
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEJ0WETxFzICmrSRoRM3Os7L5eJAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDI2MDA1MDExWhcNMjUwNTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZTkzZWE2NTE4MWIzODYzNjM5ZjU2YjIxZDljMzc4OWUx
OGM2NmI0ZWRmMWE5MjM5OGYzN2NiMzgxNGRmNDcwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbR7Bp95+GtBYsKbNnWt7gnk4/gyHgU2cEttlDBFSigtEW
bxdMPkRN0uUsFq9b7dkwZ8dDJCqnpF7q+jdR1fY+NgvvOazQI/M9PVzrK8T8sulP
MIb3J1AujbFEzYjnc3xwa2YsVQgXGvT5uX7cV7OQWC1hFCmA2uvc6v7/Qq0C+dOQ
Shp36lq/dQkq78Z+Q4m/sWHj8fOehKPREtTekaIccg2PYm6J9OOg4+ZY9prNA0xt
yY8Ounc+qZE5itNULEL8/HqVaHIzJgJvIqrTl3xC7bz/GKgR5xPzg9kewjbnlc9X
99XIrvUaNMrDguYOxcm1vw/H5F2MxkSgCMnPi+ETAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHI+B68VRA2XfBLVykltVjYvztdowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzg3YzE4NWFlLTlkYmItNGU0OC04MThlLTZhNjExYzg4NzRlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ28EAwDQYJKoZIhvcNAQELBQADggEBACIiFiuUvbwjBrz4FYqgO7TsFt0s
3BcGn73ZWRr6MtBeW4nCmUfgmECGDfgsPEVr6OLw12PfVdjD/oF08G3w7HlhSzTN
kdAGkSLTA9wU8lrat/XiZBgUBV9Qm+J0PsKix5rrPOG/NBUivso0xV/fTq1MxmB1
gc6+PjJR02qO3SCgzhXDjsFPYXtd8q+76kQDVs81mkhr5sOYkKIylDteayJk5VLx
Iqm2mMv3qmk9pW6EAYLUJMMM/I9R7vtDvJ1nMMZWmtwxcIZFnEzwamd9Ham2qac5
J/F1fIzG1gq3DzX9pCgm7uuMvOcIb1zvKI9Jsrski9u5qHhjDZliHOVQhds=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:52:12 2025 by rpki-client