Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a092f82c-3055-4fdd-916a-baf2fcb56fd3.roa
File:                     a092f82c-3055-4fdd-916a-baf2fcb56fd3.roa (raw, json)
Hash identifier:          q8/9XIQgF3EVDaNy0VmVcz+dv04+h/5z+5HcHw1mrR0=
Subject key identifier:   D2:4D:4F:7D:02:DA:C4:2C:6C:9D:BC:4C:6F:FE:28:98:6C:19:BB:AC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7DF082308EFB9DA99231C897F05EDF0DEB44A1EB
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a092f82c-3055-4fdd-916a-baf2fcb56fd3.roa
Signing time:             Mon 09 Jun 2025 18:51:24 +0000
ROA not before:           Mon 09 Jun 2025 18:51:24 +0000
ROA not after:            Mon 14 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.245.80.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 17 Jun 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:f0:82:30:8e:fb:9d:a9:92:31:c8:97:f0:5e:df:0d:eb:44:a1:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  9 18:51:24 2025 GMT
            Not After : Jul 14 23:59:59 2025 GMT
        Subject: serialNumber=4f1be0bb6847fe6e3a60c67c63c35aaa28aa9f191a755a8c7d19273ddf71994d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a8:bf:77:ad:ce:2d:bf:44:25:1b:4a:78:f1:
                    2f:a5:31:6e:fb:6b:92:8f:31:4d:a4:0e:41:a5:8a:
                    70:27:28:c1:69:f1:99:1c:c2:0e:9f:06:79:a3:6b:
                    a5:cc:ca:ce:e5:86:96:b3:20:7f:9b:71:de:49:50:
                    01:25:b7:4a:01:67:77:53:50:14:d9:a8:2c:f7:2f:
                    c2:2f:73:3e:7b:6c:b1:6b:30:33:53:53:2e:76:91:
                    14:41:f2:e0:c8:9b:25:13:01:66:8f:eb:ab:88:1e:
                    62:1a:c7:bf:f0:4b:57:3e:03:83:a0:c4:b7:0f:31:
                    e9:b2:56:ea:07:d5:fb:c9:89:79:e5:88:68:f1:ca:
                    05:25:44:62:aa:9e:af:4d:ee:d5:a5:a4:e8:60:8a:
                    d7:bb:46:f7:d5:93:3b:ae:2b:15:9e:c9:2e:5d:52:
                    e2:10:29:0f:71:cc:a2:f8:c7:e2:3f:85:bc:ae:cc:
                    9b:8b:19:a1:08:12:3d:6d:50:a3:7a:cd:82:c9:5b:
                    5c:ef:00:47:03:22:4c:8e:c0:e3:4e:37:3a:71:bf:
                    97:5a:f1:dc:1f:73:86:4d:d0:48:59:39:33:0e:98:
                    ed:57:35:c2:5f:ae:c1:58:6d:94:a3:40:08:6c:23:
                    08:d1:fc:d2:b5:72:ed:57:ae:aa:01:65:14:f2:09:
                    6d:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:4D:4F:7D:02:DA:C4:2C:6C:9D:BC:4C:6F:FE:28:98:6C:19:BB:AC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a092f82c-3055-4fdd-916a-baf2fcb56fd3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.245.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         15:34:10:88:9f:21:61:c7:90:08:89:c7:11:f2:dc:08:30:1a:
         34:e0:21:08:7b:c6:27:14:59:f0:77:03:15:c4:b7:26:c5:d1:
         9a:1b:26:81:8b:dd:93:7c:f2:00:c8:c6:c8:98:06:44:9a:35:
         9e:35:eb:92:47:c4:c3:c3:42:2b:c8:87:9a:47:3d:63:68:da:
         69:41:c2:84:da:d4:73:64:58:89:a6:86:c1:6a:3d:95:3e:3f:
         6d:0e:45:f5:c3:a5:74:85:77:f8:e6:de:d6:3e:00:15:f8:cc:
         f7:c7:e2:39:a6:48:2c:d3:12:da:fc:a7:bf:6f:7f:0d:98:77:
         8c:e8:18:a9:b4:c8:d3:60:db:4f:05:bc:b2:d7:14:14:c8:79:
         07:85:d4:f3:31:63:55:fd:a8:3b:f2:31:6c:7d:98:20:a8:24:
         62:e8:75:8e:fb:06:f7:87:fe:74:71:7b:1d:34:08:23:02:c5:
         5c:3b:b3:ff:19:bc:32:e5:76:e7:dd:19:b9:08:bf:7e:d6:b3:
         1c:1e:41:4c:c4:fb:a0:cf:03:b1:9b:13:0c:a2:f7:ee:cd:90:
         d7:08:d0:4c:e0:ec:7e:3b:05:bd:f9:89:ec:8b:5a:a8:a4:60:
         64:a4:9f:14:f8:5b:d1:ad:d4:9e:71:6c:15:43:b3:d6:00:1b:
         54:3d:b8:e1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUffCCMI77namSMciX8F7fDetEoeswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjA5MTg1MTI0WhcNMjUwNzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZjFiZTBiYjY4NDdmZTZlM2E2MGM2N2M2M2MzNWFhYTI4
YWE5ZjE5MWE3NTVhOGM3ZDE5MjczZGRmNzE5OTRkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzqL93rc4tv0QlG0p48S+lMW77a5KPMU2kDkGlinAnKMFp
8Zkcwg6fBnmja6XMys7lhpazIH+bcd5JUAElt0oBZ3dTUBTZqCz3L8Ivcz57bLFr
MDNTUy52kRRB8uDImyUTAWaP66uIHmIax7/wS1c+A4OgxLcPMemyVuoH1fvJiXnl
iGjxygUlRGKqnq9N7tWlpOhgite7RvfVkzuuKxWeyS5dUuIQKQ9xzKL4x+I/hbyu
zJuLGaEIEj1tUKN6zYLJW1zvAEcDIkyOwONONzpxv5da8dwfc4ZN0EhZOTMOmO1X
NcJfrsFYbZSjQAhsIwjR/NK1cu1XrqoBZRTyCW07AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0k1PfQLaxCxsnbxMb/4omGwZu6wwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2EwOTJmODJjLTMwNTUtNGZkZC05MTZhLWJhZjJmY2I1NmZkMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ29VAwDQYJKoZIhvcNAQELBQADggEBABU0EIifIWHHkAiJxxHy3AgwGjTg
IQh7xicUWfB3AxXEtybF0ZobJoGL3ZN88gDIxsiYBkSaNZ4165JHxMPDQivIh5pH
PWNo2mlBwoTa1HNkWImmhsFqPZU+P20ORfXDpXSFd/jm3tY+ABX4zPfH4jmmSCzT
Etr8p79vfw2Yd4zoGKm0yNNg208FvLLXFBTIeQeF1PMxY1X9qDvyMWx9mCCoJGLo
dY77BveH/nRxex00CCMCxVw7s/8ZvDLldufdGbkIv37WsxweQUzE+6DPA7GbEwyi
9+7NkNcI0Ezg7H47Bb35ieyLWqikYGSknxT4W9Gt1J5xbBVDs9YAG1Q9uOE=
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:17:44 2025 by rpki-client