Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbb2c05d-a62f-48bf-92eb-7334e4a7e202.roa
File:                     bbb2c05d-a62f-48bf-92eb-7334e4a7e202.roa (raw, json)
Hash identifier:          NCNEbk4bOmyGq+bGTdPwbkqdIj/jQDaxycOZQZWDv20=
Subject key identifier:   65:AF:11:3D:A4:7B:CB:C9:AB:88:75:4B:B5:AD:F0:13:55:49:A3:B4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1F1B4DEC7B4288AD0B31D3A57181336E1F874574
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbb2c05d-a62f-48bf-92eb-7334e4a7e202.roa
Signing time:             Tue 03 Jun 2025 15:30:14 +0000
ROA not before:           Tue 03 Jun 2025 15:30:14 +0000
ROA not after:            Tue 08 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.18.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:1b:4d:ec:7b:42:88:ad:0b:31:d3:a5:71:81:33:6e:1f:87:45:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  3 15:30:14 2025 GMT
            Not After : Jul  8 23:59:59 2025 GMT
        Subject: serialNumber=54800816ba18f7bc23878d08f0f5e080c8c11f99fc586be3341755bcd4eb9e5e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5d:59:04:ac:69:7c:08:43:5a:76:83:c1:f0:
                    c9:91:e2:92:09:0f:d8:fb:10:ac:6a:4f:e9:bd:77:
                    45:d2:c8:df:d5:8c:b2:97:5d:e7:95:5a:eb:67:0e:
                    3e:af:57:30:24:91:41:d6:0a:30:f9:ef:c6:f2:c2:
                    39:22:74:24:96:92:10:b4:c1:59:d3:4d:19:0a:f5:
                    2c:93:12:0d:ee:7b:3a:dc:bf:b7:b0:21:b7:37:53:
                    fb:c4:e2:11:20:75:ed:ec:05:e4:53:ed:75:6c:f3:
                    e1:a0:b0:4c:27:0e:53:df:dd:83:c2:85:c9:e0:2c:
                    d0:d9:9f:67:91:59:d8:ea:77:10:9b:45:d7:fe:7f:
                    94:35:89:65:6b:21:56:86:15:84:24:10:0d:2b:42:
                    2c:4a:d5:95:99:82:89:39:77:6f:a5:34:e2:2a:83:
                    34:e2:88:40:89:c7:2f:9c:4c:74:98:9e:9c:78:a1:
                    c5:b8:0b:8b:4a:1c:82:c7:d9:b0:62:67:9d:47:7e:
                    40:9c:b5:c8:02:36:f4:0e:3e:4a:c6:ad:2f:2c:a1:
                    94:21:43:3a:a6:b1:aa:eb:fe:3d:0c:51:fe:8a:94:
                    0a:7b:83:6e:34:96:f4:fc:09:3b:13:fa:1a:2d:fd:
                    d2:06:9f:13:44:db:15:1e:b9:dd:6e:a2:90:9a:fd:
                    f3:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:AF:11:3D:A4:7B:CB:C9:AB:88:75:4B:B5:AD:F0:13:55:49:A3:B4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbb2c05d-a62f-48bf-92eb-7334e4a7e202.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.18.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         34:d7:7f:a5:59:bb:9f:49:4e:79:03:45:42:31:78:fb:55:a3:
         b0:cb:e0:36:c2:01:b3:ce:8a:66:8f:2c:4b:fb:b4:2f:b5:da:
         ab:86:1d:cf:07:cf:bd:9e:ca:10:55:94:e0:50:53:d4:8a:1d:
         92:dc:fb:99:49:6a:8d:c0:c5:74:5f:d2:61:1f:92:84:33:a3:
         94:fa:97:d1:7d:8a:b5:44:9e:f4:d9:2f:67:e0:c1:b9:95:17:
         4a:4d:c3:7a:23:91:f5:b0:6d:94:16:81:91:b3:ff:b0:81:f3:
         18:95:b3:94:8f:da:63:e2:49:1b:b4:dd:f7:76:ed:64:4a:78:
         91:20:85:55:6f:bb:8c:b7:57:18:36:d8:0b:5d:f1:98:e0:09:
         6d:4a:b8:c8:a6:49:be:39:f8:d8:f7:5d:7c:8d:2d:b5:64:75:
         cf:e3:6a:aa:42:0c:4a:d3:79:b8:49:b8:44:fa:74:c7:91:bb:
         74:86:72:9c:35:5c:df:0f:12:9d:af:f4:c9:01:b0:b8:78:0b:
         2c:d1:a0:8d:cd:11:05:4f:a3:6e:06:05:d2:dc:ca:12:0c:76:
         cb:62:c6:8c:df:97:bc:09:b3:e9:db:2b:f5:80:e2:aa:e7:2a:
         9a:37:30:04:d0:20:bb:62:7d:88:cf:c5:24:87:4e:77:04:6c:
         12:dd:ab:db
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHxtN7HtCiK0LMdOlcYEzbh+HRXQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjAzMTUzMDE0WhcNMjUwNzA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NDgwMDgxNmJhMThmN2JjMjM4NzhkMDhmMGY1ZTA4MGM4
YzExZjk5ZmM1ODZiZTMzNDE3NTViY2Q0ZWI5ZTVlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUXVkErGl8CENadoPB8MmR4pIJD9j7EKxqT+m9d0XSyN/V
jLKXXeeVWutnDj6vVzAkkUHWCjD578bywjkidCSWkhC0wVnTTRkK9SyTEg3uezrc
v7ewIbc3U/vE4hEgde3sBeRT7XVs8+GgsEwnDlPf3YPChcngLNDZn2eRWdjqdxCb
Rdf+f5Q1iWVrIVaGFYQkEA0rQixK1ZWZgok5d2+lNOIqgzTiiECJxy+cTHSYnpx4
ocW4C4tKHILH2bBiZ51HfkCctcgCNvQOPkrGrS8soZQhQzqmsarr/j0MUf6KlAp7
g240lvT8CTsT+hot/dIGnxNE2xUeud1uopCa/fOrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZa8RPaR7y8mriHVLta3wE1VJo7QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JiYjJjMDVkLWE2MmYtNDhiZi05MmViLTczMzRlNGE3ZTIwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA0EjANBgkqhkiG9w0BAQsFAAOCAQEANNd/pVm7n0lOeQNFQjF4+1WjsMvg
NsIBs86KZo8sS/u0L7Xaq4YdzwfPvZ7KEFWU4FBT1Iodktz7mUlqjcDFdF/SYR+S
hDOjlPqX0X2KtUSe9NkvZ+DBuZUXSk3DeiOR9bBtlBaBkbP/sIHzGJWzlI/aY+JJ
G7Td93btZEp4kSCFVW+7jLdXGDbYC13xmOAJbUq4yKZJvjn42PddfI0ttWR1z+Nq
qkIMStN5uEm4RPp0x5G7dIZynDVc3w8Sna/0yQGwuHgLLNGgjc0RBU+jbgYF0tzK
Egx2y2LGjN+XvAmz6dsr9YDiqucqmjcwBNAgu2J9iM/FJIdOdwRsEt2r2w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:06:30 2025 by rpki-client