Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9dd61ff9-fe4a-41e9-b9cb-c1484aa5ce10.roa
File:                     9dd61ff9-fe4a-41e9-b9cb-c1484aa5ce10.roa (raw, json)
Hash identifier:          DlmfiO96gx9Cwg603vLHC8G+pj/tmKiRtWLHoHU1bVw=
Subject key identifier:   E9:5A:BB:C5:5A:D7:C3:74:33:CD:9A:46:32:09:16:2C:5B:13:15:0B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5B22576B45E3BB3100FF195B8C984C4A382F81A0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9dd61ff9-fe4a-41e9-b9cb-c1484aa5ce10.roa
Signing time:             Tue 03 Jun 2025 15:40:27 +0000
ROA not before:           Tue 03 Jun 2025 15:40:27 +0000
ROA not after:            Tue 08 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.64.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:22:57:6b:45:e3:bb:31:00:ff:19:5b:8c:98:4c:4a:38:2f:81:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  3 15:40:27 2025 GMT
            Not After : Jul  8 23:59:59 2025 GMT
        Subject: serialNumber=fe98664cfb224b7242afd4932a6f61d9f4f7c30605f198bccd3cd19c44447583, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:09:ba:5a:af:b2:f4:f0:cb:ba:38:75:96:cf:
                    0a:e0:95:62:71:61:b8:ad:ea:7c:6a:49:74:a3:e9:
                    65:cd:f5:11:24:3e:c0:b7:6e:70:82:2b:5f:4f:c8:
                    19:6e:69:6e:29:7d:41:51:79:a5:21:a6:f9:2f:0b:
                    68:4b:92:6c:e0:3e:97:07:a9:74:e1:7a:1a:0d:e2:
                    97:f0:47:d6:ec:b8:d4:f6:d8:14:9c:da:bf:62:45:
                    54:71:8d:fe:ed:b0:3e:85:72:34:51:ee:59:8b:e7:
                    fd:4a:e8:d2:93:7f:2c:0d:ca:90:4d:83:76:05:a2:
                    ae:72:dd:44:82:fd:7f:5a:43:15:a2:37:26:ef:ec:
                    24:25:07:62:14:e3:50:68:e3:2e:06:c6:05:88:cc:
                    88:27:50:9b:69:1a:01:54:2e:bf:bc:ef:75:c1:5e:
                    71:8d:30:05:b4:c2:88:19:4b:97:9e:76:44:e9:b0:
                    b9:7f:7d:cf:5e:ed:55:2c:3a:40:87:cf:71:cb:20:
                    40:ce:db:db:d8:d2:4c:22:d4:dd:7d:2c:1f:f5:41:
                    7d:d6:7e:62:e3:20:7a:b8:fe:a4:6a:1f:a0:df:4d:
                    04:00:eb:47:85:00:e7:a9:c9:2e:a1:31:66:76:61:
                    4d:74:d2:98:1c:ec:fd:b1:61:21:6e:24:90:90:66:
                    a4:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:5A:BB:C5:5A:D7:C3:74:33:CD:9A:46:32:09:16:2C:5B:13:15:0B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9dd61ff9-fe4a-41e9-b9cb-c1484aa5ce10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.64.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         a2:02:02:d1:6b:3b:df:98:4c:46:1c:61:57:05:4d:c6:88:af:
         3e:33:a7:a2:bf:06:af:3f:72:69:d3:7d:52:01:08:bc:3e:e6:
         83:76:e6:37:56:3b:be:c1:74:f1:36:38:22:01:73:08:82:5c:
         7a:a3:23:2f:7b:67:ac:8a:38:3f:f6:3f:c6:a0:09:0b:0f:a2:
         3e:04:69:aa:e7:70:4c:a7:1c:d7:e8:b7:f4:69:ee:2d:34:ce:
         77:78:d8:64:f8:44:de:dc:06:75:25:fb:06:dd:33:af:36:68:
         25:f8:a5:6d:10:ba:a9:84:8a:86:4d:07:3b:6c:3b:c4:d9:40:
         06:8f:27:1c:0a:58:4e:f4:76:ca:90:eb:91:40:3d:d9:64:06:
         cb:7c:7c:2b:13:b2:d7:1e:94:a2:92:6e:a4:e6:d1:2f:64:7a:
         1f:7f:e8:bc:c5:a5:d0:9e:ed:50:04:d5:03:74:e7:81:d4:6d:
         be:bf:9e:0f:2a:ef:f5:e9:bc:4f:12:26:e8:7d:23:ba:fc:5f:
         48:28:5f:41:d2:34:d5:07:31:a4:05:78:c0:7c:5e:31:12:81:
         3f:6e:69:4e:e6:5d:3e:f3:0b:cc:d3:22:91:58:ce:b0:bf:db:
         c8:e5:95:8e:1b:0a:e6:f7:8b:87:d5:d5:c6:c9:6c:f8:58:92:
         79:b2:30:99
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWyJXa0XjuzEA/xlbjJhMSjgvgaAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjAzMTU0MDI3WhcNMjUwNzA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZTk4NjY0Y2ZiMjI0YjcyNDJhZmQ0OTMyYTZmNjFkOWY0
ZjdjMzA2MDVmMTk4YmNjZDNjZDE5YzQ0NDQ3NTgzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbCbpar7L08Mu6OHWWzwrglWJxYbit6nxqSXSj6WXN9REk
PsC3bnCCK19PyBluaW4pfUFReaUhpvkvC2hLkmzgPpcHqXThehoN4pfwR9bsuNT2
2BSc2r9iRVRxjf7tsD6FcjRR7lmL5/1K6NKTfywNypBNg3YFoq5y3USC/X9aQxWi
Nybv7CQlB2IU41Bo4y4GxgWIzIgnUJtpGgFULr+873XBXnGNMAW0wogZS5eedkTp
sLl/fc9e7VUsOkCHz3HLIEDO29vY0kwi1N19LB/1QX3WfmLjIHq4/qRqH6DfTQQA
60eFAOepyS6hMWZ2YU100pgc7P2xYSFuJJCQZqQpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6Vq7xVrXw3QzzZpGMgkWLFsTFQswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzlkZDYxZmY5LWZlNGEtNDFlOS1iOWNiLWMxNDg0YWE1Y2UxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc0QAAwDQYJKoZIhvcNAQELBQADggEBAKICAtFrO9+YTEYcYVcFTcaIrz4z
p6K/Bq8/cmnTfVIBCLw+5oN25jdWO77BdPE2OCIBcwiCXHqjIy97Z6yKOD/2P8ag
CQsPoj4EaarncEynHNfot/Rp7i00znd42GT4RN7cBnUl+wbdM682aCX4pW0QuqmE
ioZNBztsO8TZQAaPJxwKWE70dsqQ65FAPdlkBst8fCsTstcelKKSbqTm0S9keh9/
6LzFpdCe7VAE1QN054HUbb6/ng8q7/XpvE8SJuh9I7r8X0goX0HSNNUHMaQFeMB8
XjESgT9uaU7mXT7zC8zTIpFYzrC/28jllY4bCub3i4fV1cbJbPhYknmyMJk=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:56:05 2025 by rpki-client