Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c72bf97b-4056-4db5-a228-f41620fca20a.roa
File:                     c72bf97b-4056-4db5-a228-f41620fca20a.roa (raw, json)
Hash identifier:          VMKReUzIADSnN6tuXN538DMX3cf7GIZLtDSCBjPgol4=
Subject key identifier:   D6:66:9E:1C:03:B0:94:D4:FF:E0:29:64:06:20:5E:EC:1E:8B:C3:F2
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       20E090FE70C52B933EFA5D56B56FAE63F6BC878E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c72bf97b-4056-4db5-a228-f41620fca20a.roa
Signing time:             Fri 18 Apr 2025 15:31:21 +0000
ROA not before:           Fri 18 Apr 2025 15:31:21 +0000
ROA not after:            Fri 23 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.197.222.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:e0:90:fe:70:c5:2b:93:3e:fa:5d:56:b5:6f:ae:63:f6:bc:87:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 18 15:31:21 2025 GMT
            Not After : May 23 23:59:59 2025 GMT
        Subject: serialNumber=71fc830902cbbc9d0f040885d30150b71a46d47e0031b4ee908dbb7da0bc4b7d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f4:5d:41:28:da:18:05:ca:4d:d6:a7:6d:fd:
                    78:b5:6f:81:ae:c6:bc:e5:b1:b4:cd:b5:c8:fc:76:
                    d5:cf:4f:82:dd:09:19:64:64:b8:5f:05:d3:04:0e:
                    c1:2e:94:f6:b4:1f:30:e5:6f:62:91:2c:19:17:3b:
                    e0:69:6f:e8:30:8f:d8:85:da:8b:f3:bb:bb:fa:8f:
                    94:cf:db:5d:7a:17:aa:9f:15:c5:78:5a:26:56:9c:
                    38:3b:6f:32:93:b8:33:0b:6e:5f:bd:91:03:c6:ea:
                    30:12:b0:35:25:df:d9:59:42:1d:13:e2:26:2a:b3:
                    06:d9:6d:c9:11:5b:a2:e0:2d:bf:cb:77:1d:61:49:
                    97:48:6a:26:1f:9e:22:bc:53:68:81:7b:d7:1d:69:
                    22:0d:b7:5a:12:00:3d:26:99:28:1d:b3:f4:7d:8f:
                    06:66:64:04:cd:b1:21:ae:6f:c2:16:6f:32:40:9b:
                    64:a8:8e:c0:62:12:9e:00:17:54:be:71:21:ba:75:
                    67:ae:8a:28:f3:3a:25:21:c2:1b:92:ad:01:fc:f2:
                    d7:c5:1b:7e:30:f9:aa:9a:ea:c2:91:0c:64:42:60:
                    1f:d4:63:73:31:f5:17:aa:4e:9f:65:aa:fa:6e:91:
                    ff:f3:32:50:ab:28:be:20:b7:2f:7e:6c:06:ff:15:
                    cd:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:66:9E:1C:03:B0:94:D4:FF:E0:29:64:06:20:5E:EC:1E:8B:C3:F2
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c72bf97b-4056-4db5-a228-f41620fca20a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.197.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:f7:c5:d8:74:7c:44:41:fe:dc:9a:18:5e:88:19:b8:e2:78:
         31:7a:ee:bc:70:53:db:e8:e3:4c:36:34:fb:6d:86:69:92:1c:
         a5:ba:ef:fc:25:76:65:01:09:f0:41:8a:fd:65:47:09:38:1c:
         a9:42:27:e4:e5:f7:6e:d5:91:14:76:c8:c9:55:ae:24:81:ea:
         60:e6:0d:c0:49:f2:d2:82:81:4e:63:30:b6:a4:b1:f4:92:99:
         8d:65:6f:76:fb:ed:a8:e1:a4:2a:63:8d:31:2e:64:98:09:07:
         ce:a9:5f:b6:f7:fd:ff:d8:4f:0f:a3:49:8f:a3:6e:8a:ab:7d:
         35:bf:65:28:65:65:c8:b2:69:59:3a:62:54:d2:a4:b5:73:4b:
         99:e3:7e:cd:34:60:54:81:c0:de:43:a4:4e:0c:c5:f2:2b:59:
         2f:5e:f5:55:a3:1e:da:d1:36:32:17:14:2e:54:f8:df:ff:c1:
         1d:38:3f:f6:65:04:f8:57:c0:79:f0:c4:e6:b8:15:a2:6f:4f:
         95:94:65:cf:ee:53:0f:44:fe:c7:ad:f5:49:22:d4:fd:09:90:
         d1:b7:5f:e8:aa:fe:9d:34:8f:a9:50:49:a4:a9:34:e5:d4:2b:
         95:7a:6a:61:56:f5:09:ec:9b:47:61:5e:32:0d:35:f8:4d:c4:
         9a:88:0e:82
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIOCQ/nDFK5M++l1WtW+uY/a8h44wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE4MTUzMTIxWhcNMjUwNTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MWZjODMwOTAyY2JiYzlkMGYwNDA4ODVkMzAxNTBiNzFh
NDZkNDdlMDAzMWI0ZWU5MDhkYmI3ZGEwYmM0YjdkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCv9F1BKNoYBcpN1qdt/Xi1b4GuxrzlsbTNtcj8dtXPT4Ld
CRlkZLhfBdMEDsEulPa0HzDlb2KRLBkXO+Bpb+gwj9iF2ovzu7v6j5TP2116F6qf
FcV4WiZWnDg7bzKTuDMLbl+9kQPG6jASsDUl39lZQh0T4iYqswbZbckRW6LgLb/L
dx1hSZdIaiYfniK8U2iBe9cdaSINt1oSAD0mmSgds/R9jwZmZATNsSGub8IWbzJA
m2SojsBiEp4AF1S+cSG6dWeuiijzOiUhwhuSrQH88tfFG34w+aqa6sKRDGRCYB/U
Y3Mx9ReqTp9lqvpukf/zMlCrKL4gty9+bAb/Fc2xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1maeHAOwlNT/4ClkBiBe7B6Lw/IwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2M3MmJmOTdiLTQwNTYtNGRiNS1hMjI4LWY0MTYyMGZjYTIwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2xd4wDQYJKoZIhvcNAQELBQADggEBAAH3xdh0fERB/tyaGF6IGbjieDF6
7rxwU9vo40w2NPtthmmSHKW67/wldmUBCfBBiv1lRwk4HKlCJ+Tl927VkRR2yMlV
riSB6mDmDcBJ8tKCgU5jMLaksfSSmY1lb3b77ajhpCpjjTEuZJgJB86pX7b3/f/Y
Tw+jSY+jboqrfTW/ZShlZciyaVk6YlTSpLVzS5njfs00YFSBwN5DpE4MxfIrWS9e
9VWjHtrRNjIXFC5U+N//wR04P/ZlBPhXwHnwxOa4FaJvT5WUZc/uUw9E/set9Uki
1P0JkNG3X+iq/p00j6lQSaSpNOXUK5V6amFW9Qnsm0dhXjINNfhNxJqIDoI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:49:00 2025 by rpki-client