Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b97fe0cb-4337-4657-a74b-fdfda6db45b2.roa
File:                     b97fe0cb-4337-4657-a74b-fdfda6db45b2.roa (raw, json)
Hash identifier:          lJr1269y/d4bVXeoU799uOQgyG6oE7G/VVoYB5sHRsk=
Subject key identifier:   0D:A0:FE:18:1C:C3:C7:47:E2:D2:0E:29:9B:A1:99:1A:10:33:CD:07
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       32CF2DBB9DFB5237EB8B7510DAA8CCDA82F2A308
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b97fe0cb-4337-4657-a74b-fdfda6db45b2.roa
Signing time:             Tue 29 Jul 2025 17:20:21 +0000
ROA not before:           Tue 29 Jul 2025 17:20:21 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.240.58.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:cf:2d:bb:9d:fb:52:37:eb:8b:75:10:da:a8:cc:da:82:f2:a3:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 29 17:20:21 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=2d0202e4b0fbc976f97304510321e6ff3e2bb5ebf889c35949af1de8a2ed6328, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:e4:41:cd:72:21:24:be:37:21:b2:07:29:b3:
                    20:84:31:eb:07:74:b8:81:9d:70:18:60:e3:72:0f:
                    72:91:43:13:43:5a:3b:07:80:80:7c:2b:fe:d9:1f:
                    03:36:1f:bf:b0:b8:c5:a9:e2:5a:01:f3:77:9e:38:
                    dc:15:26:c8:17:b7:3a:bd:06:0a:e9:e3:b2:04:61:
                    72:6c:c0:f9:36:92:36:c4:c7:bb:b0:5f:64:f3:37:
                    dd:8e:6a:1b:c1:3c:6f:8b:47:2f:2c:56:d0:4d:db:
                    45:35:d9:14:14:88:5d:57:0a:69:af:f9:cd:b6:a3:
                    49:28:36:80:4b:97:95:44:de:16:b9:e4:78:3d:2d:
                    19:c4:13:54:2d:4b:38:36:28:f7:35:6a:81:e2:e3:
                    1e:98:58:f8:0a:04:86:87:d1:9e:9c:8e:b6:e0:29:
                    bc:9a:cc:e5:a0:8b:1e:e8:6a:b8:b6:41:fb:e8:57:
                    6b:ca:3b:88:5a:c1:01:b8:9d:9b:59:08:99:c7:22:
                    74:58:a8:9b:68:d8:7d:d0:b1:a8:be:5d:8d:e2:b1:
                    b8:16:05:cf:26:a1:f1:08:12:4f:1f:ca:80:f0:ce:
                    92:a2:09:14:a4:83:77:92:02:00:df:34:6e:45:4e:
                    a5:b1:81:52:07:a5:df:e2:22:64:e4:8f:34:42:62:
                    1a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:A0:FE:18:1C:C3:C7:47:E2:D2:0E:29:9B:A1:99:1A:10:33:CD:07
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b97fe0cb-4337-4657-a74b-fdfda6db45b2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.240.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         22:4d:10:dc:50:90:8c:b4:a1:a5:a7:67:40:a1:fc:97:55:a9:
         8b:97:79:5a:0c:18:fa:b2:a9:b3:64:cc:c2:d4:08:b0:b0:94:
         02:6f:7a:bb:3b:b0:ae:8d:93:2a:7f:47:9e:5a:84:ca:a9:16:
         55:2a:6d:5a:0b:50:a3:bd:4f:c7:7c:e8:54:06:c1:57:a3:dd:
         0f:a7:ee:bc:5b:ec:ff:cd:8b:43:69:db:51:66:58:d6:55:e9:
         92:dd:e9:4e:fb:c8:1b:89:bf:f1:9f:73:61:f9:4e:43:b3:69:
         01:9c:68:e4:4c:a6:74:08:bb:39:a1:75:9a:8f:5d:0f:d4:1f:
         98:7e:3d:30:f8:2a:10:c2:1e:c3:7b:d1:a3:c0:3b:12:5f:78:
         e9:6a:ae:7c:ac:bd:d7:a2:48:fd:32:80:1d:24:50:e4:27:00:
         7a:86:9e:85:fb:59:54:b8:5f:d9:e8:d1:d4:c3:cb:3f:5b:3e:
         90:00:dd:ed:07:61:81:1e:62:19:9f:33:84:04:d6:f0:86:83:
         7a:f1:12:e9:0e:f7:21:ca:66:b8:53:4f:43:c7:cf:5a:bd:31:
         87:e4:65:71:af:26:25:56:a5:7d:b8:90:0e:78:33:2c:4b:1c:
         de:0e:07:34:71:32:fb:03:16:d7:0f:6f:3d:d9:ec:ba:42:3c:
         bc:a4:36:43
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMs8tu537Ujfri3UQ2qjM2oLyowgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI5MTcyMDIxWhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZDAyMDJlNGIwZmJjOTc2Zjk3MzA0NTEwMzIxZTZmZjNl
MmJiNWViZjg4OWMzNTk0OWFmMWRlOGEyZWQ2MzI4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCY5EHNciEkvjchsgcpsyCEMesHdLiBnXAYYONyD3KRQxND
WjsHgIB8K/7ZHwM2H7+wuMWp4loB83eeONwVJsgXtzq9Bgrp47IEYXJswPk2kjbE
x7uwX2TzN92OahvBPG+LRy8sVtBN20U12RQUiF1XCmmv+c22o0koNoBLl5VE3ha5
5Hg9LRnEE1QtSzg2KPc1aoHi4x6YWPgKBIaH0Z6cjrbgKbyazOWgix7oari2Qfvo
V2vKO4hawQG4nZtZCJnHInRYqJto2H3Qsai+XY3isbgWBc8mofEIEk8fyoDwzpKi
CRSkg3eSAgDfNG5FTqWxgVIHpd/iImTkjzRCYhrNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDaD+GBzDx0fi0g4pm6GZGhAzzQcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2I5N2ZlMGNiLTQzMzctNDY1Ny1hNzRiLWZkZmRhNmRiNDViMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE28DowDQYJKoZIhvcNAQELBQADggEBACJNENxQkIy0oaWnZ0Ch/JdVqYuX
eVoMGPqyqbNkzMLUCLCwlAJvers7sK6Nkyp/R55ahMqpFlUqbVoLUKO9T8d86FQG
wVej3Q+n7rxb7P/Ni0Np21FmWNZV6ZLd6U77yBuJv/Gfc2H5TkOzaQGcaORMpnQI
uzmhdZqPXQ/UH5h+PTD4KhDCHsN70aPAOxJfeOlqrnysvdeiSP0ygB0kUOQnAHqG
noX7WVS4X9no0dTDyz9bPpAA3e0HYYEeYhmfM4QE1vCGg3rxEukO9yHKZrhTT0PH
z1q9MYfkZXGvJiVWpX24kA54MyxLHN4OBzRxMvsDFtcPbz3Z7LpCPLykNkM=
-----END CERTIFICATE-----
Generated at Tue Aug 5 16:35:38 2025 by rpki-client