Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/caf9f241-1f2b-4a2e-92c3-717ec41ecfcd.roa
File:                     caf9f241-1f2b-4a2e-92c3-717ec41ecfcd.roa (raw, json)
Hash identifier:          GKqnOxBQE6PRmW08ztvAXFuBaD9GiySKtsJedVQcLVQ=
Subject key identifier:   09:0B:42:56:7E:B3:1A:24:88:4A:A9:E8:28:4A:80:DC:30:04:E9:31
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2EA08C03CE3F40B4569125BBFC15FF3CB95C314B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/caf9f241-1f2b-4a2e-92c3-717ec41ecfcd.roa
Signing time:             Fri 11 Jul 2025 16:51:25 +0000
ROA not before:           Fri 11 Jul 2025 16:51:25 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.71.128.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:a0:8c:03:ce:3f:40:b4:56:91:25:bb:fc:15:ff:3c:b9:5c:31:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 11 16:51:25 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=258f78b4ac934f4f827ddec00600ea754f01612cee5efbd1c5bd5946a5c170b1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ea:1a:22:d6:49:40:8a:aa:26:b9:17:1e:00:
                    85:fd:67:96:fd:f2:5a:dd:2c:f7:07:cd:9d:16:7f:
                    6c:f2:d1:53:d2:d3:f1:d2:cf:6e:24:d0:ef:a9:d2:
                    2a:42:0b:e2:1c:95:a3:ff:d7:f9:fd:b0:ed:c3:39:
                    a7:96:fa:b8:53:00:ee:5c:de:91:63:e2:84:ac:7b:
                    e6:49:db:b3:1d:74:06:a3:4e:74:7c:1e:0b:58:57:
                    23:1f:85:0f:cc:df:dc:54:06:04:7a:04:c8:01:4a:
                    03:8e:41:df:1f:b1:95:fc:8d:24:64:12:ad:54:cb:
                    7a:f5:8c:2f:6a:81:1e:41:0f:6c:60:2a:e5:15:d1:
                    9d:a8:a7:f1:30:2c:ac:b1:1a:91:77:a3:80:78:92:
                    62:62:d2:2e:ae:64:1e:da:12:b6:eb:79:19:ef:cf:
                    a1:c3:7e:37:57:5b:80:db:a8:f2:d6:1a:4b:fc:8d:
                    e5:99:c3:6e:5b:34:c4:3a:c9:ba:5d:cc:4c:df:9f:
                    af:5b:46:10:12:a4:d6:e2:c2:b2:4e:f4:48:37:e0:
                    13:cd:3a:9f:e6:78:9d:d9:42:a1:64:71:7c:a9:32:
                    f7:ca:f7:12:6d:d5:bb:62:0a:f1:c8:f0:0d:73:ac:
                    b0:a3:42:79:7a:60:0c:96:44:1f:7c:55:cd:7a:3a:
                    c4:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:0B:42:56:7E:B3:1A:24:88:4A:A9:E8:28:4A:80:DC:30:04:E9:31
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/caf9f241-1f2b-4a2e-92c3-717ec41ecfcd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.71.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         30:5d:cc:0c:e2:b7:d4:cb:44:c4:39:33:e9:ee:2b:3b:65:7a:
         5b:c0:8f:12:65:ae:b4:7e:98:69:6e:34:fc:e0:92:6f:8d:ea:
         b6:94:64:6c:9f:2f:63:f2:ca:ac:8e:7b:e4:10:22:c5:30:79:
         31:14:a0:91:8e:79:5c:47:a5:2a:da:27:65:7b:cf:1e:9d:45:
         d9:dc:ee:fb:69:df:f9:36:5c:28:16:3d:2f:c8:b5:d6:eb:fb:
         b1:40:d2:5f:21:93:23:38:33:5d:40:ea:26:08:12:63:11:4b:
         9f:9d:7a:0a:9b:8b:0d:dc:9d:3a:f3:f2:c0:11:01:c4:1e:25:
         ec:1b:c9:28:97:71:38:1d:ac:6f:b5:cd:00:e9:0a:85:b6:f7:
         2d:06:cb:9b:df:da:f9:94:9d:7c:b1:eb:72:31:73:99:33:5b:
         07:29:51:ea:66:48:bd:27:28:f7:78:3b:63:07:72:68:f7:df:
         b1:f8:fd:c2:24:94:0f:e4:8c:f5:e1:25:a8:9b:a0:58:ac:91:
         26:0c:07:4c:dc:91:25:ef:b7:22:07:14:1f:0a:e8:c6:5d:ca:
         a5:78:c2:72:c7:c9:47:3a:f6:05:e6:d9:23:f3:da:eb:7e:25:
         fc:34:82:24:1c:e6:47:6c:61:b4:2d:18:f1:17:44:57:9d:62:
         c7:f3:45:19
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULqCMA84/QLRWkSW7/BX/PLlcMUswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzExMTY1MTI1WhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNThmNzhiNGFjOTM0ZjRmODI3ZGRlYzAwNjAwZWE3NTRm
MDE2MTJjZWU1ZWZiZDFjNWJkNTk0NmE1YzE3MGIxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDT6hoi1klAiqomuRceAIX9Z5b98lrdLPcHzZ0Wf2zy0VPS
0/HSz24k0O+p0ipCC+IclaP/1/n9sO3DOaeW+rhTAO5c3pFj4oSse+ZJ27MddAaj
TnR8HgtYVyMfhQ/M39xUBgR6BMgBSgOOQd8fsZX8jSRkEq1Uy3r1jC9qgR5BD2xg
KuUV0Z2op/EwLKyxGpF3o4B4kmJi0i6uZB7aErbreRnvz6HDfjdXW4DbqPLWGkv8
jeWZw25bNMQ6ybpdzEzfn69bRhASpNbiwrJO9Eg34BPNOp/meJ3ZQqFkcXypMvfK
9xJt1btiCvHI8A1zrLCjQnl6YAyWRB98Vc16OsQVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCQtCVn6zGiSISqnoKEqA3DAE6TEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2NhZjlmMjQxLTFmMmItNGEyZS05MmMzLTcxN2VjNDFlY2ZjZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcjR4AwDQYJKoZIhvcNAQELBQADggEBADBdzAzit9TLRMQ5M+nuKztlelvA
jxJlrrR+mGluNPzgkm+N6raUZGyfL2PyyqyOe+QQIsUweTEUoJGOeVxHpSraJ2V7
zx6dRdnc7vtp3/k2XCgWPS/Itdbr+7FA0l8hkyM4M11A6iYIEmMRS5+degqbiw3c
nTrz8sARAcQeJewbySiXcTgdrG+1zQDpCoW29y0Gy5vf2vmUnXyx63Ixc5kzWwcp
UepmSL0nKPd4O2MHcmj337H4/cIklA/kjPXhJaiboFiskSYMB0zckSXvtyIHFB8K
6MZdyqV4wnLHyUc69gXm2SPz2ut+Jfw0giQc5kdsYbQtGPEXRFedYsfzRRk=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:38:22 2025 by rpki-client