Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ece0f2b-9572-4705-b673-7583881b70d8.roa
File:                     8ece0f2b-9572-4705-b673-7583881b70d8.roa (raw, json)
Hash identifier:          l0AUog/BABmP6jJfAZz4Ssdtq+oWczlRaCQ/pUr4koM=
Subject key identifier:   56:65:48:61:10:26:95:EA:22:B3:C7:97:9A:43:64:43:C6:D5:0D:1C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       A05E4F68B368D18C2CFBF9AE96DA7F75FF345D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ece0f2b-9572-4705-b673-7583881b70d8.roa
Signing time:             Fri 18 Apr 2025 17:41:53 +0000
ROA not before:           Fri 18 Apr 2025 17:41:53 +0000
ROA not after:            Fri 23 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.250.120.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            a0:5e:4f:68:b3:68:d1:8c:2c:fb:f9:ae:96:da:7f:75:ff:34:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 18 17:41:53 2025 GMT
            Not After : May 23 23:59:59 2025 GMT
        Subject: serialNumber=ed7c95fd7425dd15dec9e8cf86ff9a4b869ac8c3bfe33f0923157eb5dfb84c34, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:db:18:73:68:7e:5f:4f:72:91:a7:15:7a:5c:
                    27:0b:e4:26:eb:ee:95:e4:73:08:5a:a3:0f:04:2d:
                    64:c6:4c:92:7e:25:79:43:93:9c:c0:c7:a2:5e:9f:
                    84:f1:af:f0:87:9d:c9:c6:d2:2e:43:41:d8:c4:eb:
                    55:c5:9b:3c:03:d6:6c:14:4c:4b:de:2f:b4:0f:91:
                    76:8a:4d:74:59:fb:4a:5d:95:69:b4:37:74:d0:eb:
                    12:33:b1:fb:81:a0:14:bb:d2:6f:c0:b6:6d:b3:d0:
                    bb:09:43:78:c3:f6:80:99:0c:87:0a:b4:95:27:5c:
                    98:39:9a:b9:88:6c:5b:d3:c6:8e:31:13:54:bd:6b:
                    86:7b:fc:e0:90:a8:6d:71:11:bf:1f:e7:01:c1:90:
                    61:a4:9e:87:54:d0:0f:9c:18:d4:00:c1:fa:32:b6:
                    87:a1:ed:c6:15:4c:51:8a:da:57:e3:0f:b3:00:bc:
                    22:fb:71:a3:75:1e:07:e9:3a:ba:ad:84:9f:63:46:
                    23:aa:b3:56:84:aa:5d:64:49:9e:fc:60:07:43:b2:
                    a9:6a:8a:ef:c1:a7:4c:b9:80:4f:e5:4d:3b:ec:c4:
                    d1:81:3f:78:41:99:41:e8:22:3b:48:bc:50:d6:66:
                    e1:42:8f:c9:a9:64:80:ea:0d:fb:f0:63:d1:21:49:
                    b8:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:65:48:61:10:26:95:EA:22:B3:C7:97:9A:43:64:43:C6:D5:0D:1C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ece0f2b-9572-4705-b673-7583881b70d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.250.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2f:a2:12:71:23:12:5a:70:cd:1b:f0:fb:ed:f7:ad:da:7e:20:
         8c:a5:a2:e2:9b:08:75:e2:1a:05:57:73:ea:4e:b0:96:4a:6e:
         78:ff:91:d5:5d:ca:93:3f:28:81:e6:44:68:31:3e:3e:25:5f:
         a1:c4:2e:e8:1a:fc:17:46:6c:bc:d9:d4:36:b0:b2:7f:91:fa:
         1b:5c:8e:11:9c:61:81:18:9a:69:c9:96:88:74:25:e4:73:7c:
         f2:b1:2f:a3:cc:94:f3:43:33:7d:a1:40:4e:b0:b4:a1:1c:30:
         3c:cf:0d:65:4b:df:f3:06:bd:c5:a1:ea:9c:10:a5:ea:82:7d:
         5d:02:97:52:15:6f:f1:56:38:eb:a3:e7:0b:44:67:c6:04:f5:
         6c:ee:9a:01:1b:d1:fa:86:52:d1:c5:a8:1c:3d:8f:49:9a:6a:
         d3:c0:9f:d5:7c:2f:76:84:60:48:dd:01:36:e2:ca:9c:32:64:
         ca:57:53:e7:c3:ab:b1:e8:5b:87:a7:7f:ff:35:ac:5b:28:a1:
         71:28:73:55:bf:4c:23:41:95:61:f9:1f:2f:c4:70:0f:54:71:
         49:20:d3:93:52:18:05:23:3e:18:70:7c:5e:15:ad:76:6b:d8:
         9e:59:58:17:b9:b1:5c:e6:5e:63:13:46:da:3a:e1:56:e9:d5:
         d7:4f:5d:c4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAKBeT2izaNGMLPv5rpbaf3X/NF0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE4MTc0MTUzWhcNMjUwNTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZDdjOTVmZDc0MjVkZDE1ZGVjOWU4Y2Y4NmZmOWE0Yjg2
OWFjOGMzYmZlMzNmMDkyMzE1N2ViNWRmYjg0YzM0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCS2xhzaH5fT3KRpxV6XCcL5Cbr7pXkcwhaow8ELWTGTJJ+
JXlDk5zAx6Jen4Txr/CHncnG0i5DQdjE61XFmzwD1mwUTEveL7QPkXaKTXRZ+0pd
lWm0N3TQ6xIzsfuBoBS70m/Atm2z0LsJQ3jD9oCZDIcKtJUnXJg5mrmIbFvTxo4x
E1S9a4Z7/OCQqG1xEb8f5wHBkGGknodU0A+cGNQAwfoytoeh7cYVTFGK2lfjD7MA
vCL7caN1HgfpOrqthJ9jRiOqs1aEql1kSZ78YAdDsqlqiu/Bp0y5gE/lTTvsxNGB
P3hBmUHoIjtIvFDWZuFCj8mpZIDqDfvwY9EhSbi1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVmVIYRAmleois8eXmkNkQ8bVDRwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhlY2UwZjJiLTk1NzItNDcwNS1iNjczLTc1ODM4ODFiNzBkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM2+ngwDQYJKoZIhvcNAQELBQADggEBAC+iEnEjElpwzRvw++33rdp+IIyl
ouKbCHXiGgVXc+pOsJZKbnj/kdVdypM/KIHmRGgxPj4lX6HELuga/BdGbLzZ1Daw
sn+R+htcjhGcYYEYmmnJloh0JeRzfPKxL6PMlPNDM32hQE6wtKEcMDzPDWVL3/MG
vcWh6pwQpeqCfV0Cl1IVb/FWOOuj5wtEZ8YE9WzumgEb0fqGUtHFqBw9j0maatPA
n9V8L3aEYEjdATbiypwyZMpXU+fDq7HoW4enf/81rFsooXEoc1W/TCNBlWH5Hy/E
cA9UcUkg05NSGAUjPhhwfF4VrXZr2J5ZWBe5sVzmXmMTRto64Vbp1ddPXcQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:39:59 2025 by rpki-client