Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c3ed2fe9-6233-424b-a8a5-2b3a76206a02.roa
File:                     c3ed2fe9-6233-424b-a8a5-2b3a76206a02.roa (raw, json)
Hash identifier:          3+ITg9yy0TovEVADBBCbR+F1HxiX3Kq4qJ74sU+ge4Y=
Subject key identifier:   4C:5E:52:F9:AD:3E:C9:0B:34:3F:33:88:EF:59:04:95:5F:EB:0C:54
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5E78DB830E9BCD52F4DDECBFCABA6112E6AEDD54
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c3ed2fe9-6233-424b-a8a5-2b3a76206a02.roa
Signing time:             Tue 20 May 2025 16:10:12 +0000
ROA not before:           Tue 20 May 2025 16:10:12 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.248.99.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:78:db:83:0e:9b:cd:52:f4:dd:ec:bf:ca:ba:61:12:e6:ae:dd:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 16:10:12 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=b58c1d0b747df7fd5521989d993446acacff8cbe88abf40f08cd026d651d33a4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:2d:ea:c8:5a:a8:2e:43:09:f1:fa:a5:65:8c:
                    70:69:f1:80:ba:69:61:31:c2:56:5a:4a:bd:1d:f5:
                    46:ed:76:61:42:b2:14:0d:04:04:94:5c:e2:d6:9f:
                    91:e7:93:01:3a:23:3b:9e:8b:d1:5d:da:dc:c1:bd:
                    9a:ba:66:ec:b5:36:9f:98:10:cf:b9:28:7d:61:1f:
                    c5:c3:8f:b8:2f:c6:11:9b:7d:f4:de:f9:73:00:ac:
                    8f:db:dc:dd:65:6c:7e:75:03:a2:e2:1a:1a:e6:e4:
                    5e:fc:a1:d7:88:ee:f6:6c:8b:09:40:f6:61:d7:ce:
                    7c:04:52:75:ac:d2:6f:08:e6:e7:37:d5:7c:73:38:
                    ed:38:d9:19:47:da:3b:19:2b:fb:14:35:31:40:a5:
                    38:5a:bb:43:9d:09:ef:14:e1:80:9d:f4:1a:6a:7f:
                    e9:1c:fe:20:25:fc:0f:b2:1c:bf:0f:ab:81:ad:b8:
                    ef:64:69:ab:84:9a:bd:a1:54:fe:c4:e8:9e:bb:c1:
                    1a:84:4d:dd:4a:07:72:2b:8f:3a:be:c2:35:ca:59:
                    12:a1:61:72:cd:c3:41:19:3b:ea:35:fe:87:f6:40:
                    ae:98:e2:ef:d3:2c:f4:1b:2d:c2:dc:65:70:fe:bd:
                    88:e0:7e:c0:bf:e2:3b:38:70:75:87:d1:b1:e0:30:
                    bb:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:5E:52:F9:AD:3E:C9:0B:34:3F:33:88:EF:59:04:95:5F:EB:0C:54
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c3ed2fe9-6233-424b-a8a5-2b3a76206a02.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.248.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:03:8b:67:6d:eb:18:19:ba:9d:7b:27:89:da:e1:eb:d9:e4:
         de:32:ee:a4:e6:e5:ba:98:f9:86:8b:f7:a0:5f:cb:5d:c6:8b:
         74:e4:87:47:9c:be:d7:af:f5:4a:c3:08:65:ef:f2:69:93:2f:
         76:55:67:c0:31:fc:c5:9b:9f:39:b0:f2:24:23:9d:9f:53:86:
         80:c5:bb:12:a5:3d:71:ec:28:74:71:8d:1e:a3:fb:b4:9c:1e:
         50:09:88:fb:ae:ee:33:dc:01:24:5d:0c:94:77:2e:73:cc:e9:
         d4:49:5a:00:2a:d2:28:87:77:9a:63:74:d7:63:ac:ce:ba:7f:
         58:01:58:19:58:8c:0c:b7:0c:bb:0f:c8:7c:0b:3c:f4:4c:c3:
         e5:7d:15:e2:6a:95:82:cb:79:8f:b7:65:dc:dd:4d:2b:d4:7c:
         93:f1:96:1d:d1:13:d7:69:53:13:b9:55:2c:94:55:fb:c6:09:
         96:82:e1:42:95:58:f0:ef:51:ca:01:89:62:1d:52:d9:05:03:
         81:6e:e9:68:c4:ea:5d:b5:9b:f6:36:0f:79:fe:8e:ce:30:f7:
         3a:20:08:8b:28:c3:fd:de:d2:7e:09:05:71:aa:3e:aa:ef:bd:
         d8:14:ca:8d:d3:64:bd:fe:0f:1a:a4:23:42:6a:44:6f:02:24:
         f1:58:e3:4c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXnjbgw6bzVL03ey/yrphEuau3VQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIwMTYxMDEyWhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNThjMWQwYjc0N2RmN2ZkNTUyMTk4OWQ5OTM0NDZhY2Fj
ZmY4Y2JlODhhYmY0MGYwOGNkMDI2ZDY1MWQzM2E0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrLerIWqguQwnx+qVljHBp8YC6aWExwlZaSr0d9UbtdmFC
shQNBASUXOLWn5HnkwE6Izuei9Fd2tzBvZq6Zuy1Np+YEM+5KH1hH8XDj7gvxhGb
ffTe+XMArI/b3N1lbH51A6LiGhrm5F78odeI7vZsiwlA9mHXznwEUnWs0m8I5uc3
1XxzOO042RlH2jsZK/sUNTFApThau0OdCe8U4YCd9Bpqf+kc/iAl/A+yHL8Pq4Gt
uO9kaauEmr2hVP7E6J67wRqETd1KB3Irjzq+wjXKWRKhYXLNw0EZO+o1/of2QK6Y
4u/TLPQbLcLcZXD+vYjgfsC/4js4cHWH0bHgMLvvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTF5S+a0+yQs0PzOI71kElV/rDFQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2MzZWQyZmU5LTYyMzMtNDI0Yi1hOGE1LTJiM2E3NjIwNmEwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAP+GMwDQYJKoZIhvcNAQELBQADggEBADMDi2dt6xgZup17J4na4evZ5N4y
7qTm5bqY+YaL96Bfy13Gi3Tkh0ecvtev9UrDCGXv8mmTL3ZVZ8Ax/MWbnzmw8iQj
nZ9ThoDFuxKlPXHsKHRxjR6j+7ScHlAJiPuu7jPcASRdDJR3LnPM6dRJWgAq0iiH
d5pjdNdjrM66f1gBWBlYjAy3DLsPyHwLPPRMw+V9FeJqlYLLeY+3ZdzdTSvUfJPx
lh3RE9dpUxO5VSyUVfvGCZaC4UKVWPDvUcoBiWIdUtkFA4Fu6WjE6l21m/Y2D3n+
js4w9zogCIsow/3e0n4JBXGqPqrvvdgUyo3TZL3+DxqkI0JqRG8CJPFY40w=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:51:38 2025 by rpki-client