Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cd3cba7a-e3ac-4c64-825b-e5de6c7078fe.roa
File:                     cd3cba7a-e3ac-4c64-825b-e5de6c7078fe.roa (raw, json)
Hash identifier:          W8QbaguPjb1Eknppow/IJtqB0frwzoGKZNaClkoSqvA=
Subject key identifier:   5E:98:20:18:32:62:47:24:86:EF:9D:F0:ED:20:43:1B:4C:9D:9C:AA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       55C29930EB87330798D97A2428E9282B885DF240
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cd3cba7a-e3ac-4c64-825b-e5de6c7078fe.roa
Signing time:             Fri 25 Apr 2025 16:51:21 +0000
ROA not before:           Fri 25 Apr 2025 16:51:21 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.46.80.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:c2:99:30:eb:87:33:07:98:d9:7a:24:28:e9:28:2b:88:5d:f2:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 25 16:51:21 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=c11b06edc2ffcac9faa07c8d32eadc2282d268f24e9565a0d013af658e5499ef, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:bc:1e:78:10:1c:85:7e:75:78:63:0e:f2:dc:
                    27:cb:1f:83:99:8e:4b:95:cc:15:bd:3e:4e:01:29:
                    03:42:c5:3b:5e:81:6f:26:ed:6b:37:fb:9e:a4:eb:
                    46:3a:e1:3f:de:b8:7c:5f:ee:71:08:4e:79:da:62:
                    5b:ca:2c:db:a6:e8:ac:9d:80:ba:14:ad:a3:5b:d3:
                    90:4d:c9:f5:cb:b8:59:25:2b:fb:26:ae:d8:36:3e:
                    e9:74:e1:de:c4:fd:2a:e6:51:5e:8f:8c:19:ce:c1:
                    cf:ed:26:56:e9:b4:e1:73:8b:91:c6:3e:a7:91:fa:
                    40:27:bd:4d:47:d9:62:35:07:15:44:a1:0a:55:4c:
                    2f:b5:f5:b9:df:19:73:b3:dd:a7:0e:7b:bd:d8:ef:
                    57:e5:7d:27:85:7a:5a:4f:3f:8a:20:7f:8f:a4:18:
                    5f:30:52:01:88:e6:01:66:b9:12:0b:05:2b:ef:c7:
                    20:78:10:b3:33:e2:d8:a4:2d:95:97:b8:18:86:de:
                    23:20:7b:44:2f:c0:ff:4d:68:50:3a:a3:9e:0b:7b:
                    23:5c:81:a1:f9:15:9f:c7:9b:86:94:1e:88:09:9c:
                    15:96:de:57:a9:a0:35:c3:90:17:43:18:3b:ab:44:
                    f0:85:18:8c:e3:b4:ff:a5:47:b3:a2:c2:e8:39:20:
                    83:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:98:20:18:32:62:47:24:86:EF:9D:F0:ED:20:43:1B:4C:9D:9C:AA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cd3cba7a-e3ac-4c64-825b-e5de6c7078fe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.46.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         8b:e3:09:ae:fb:ea:69:5f:2c:79:fe:57:7e:e1:99:bd:51:dc:
         ea:a7:9e:b8:9c:2d:ba:c4:90:0c:23:cf:67:dc:d9:b3:1c:24:
         48:f0:d2:38:81:80:b5:db:2f:51:80:97:68:e4:df:b2:77:27:
         40:a3:05:65:0d:11:80:e6:bd:a6:83:7b:44:5d:e9:ba:e5:1d:
         fd:70:00:16:de:f9:e7:37:7f:b4:28:26:13:d2:a8:87:fe:89:
         7a:84:ea:9a:b8:96:08:e4:ff:c7:2b:e3:d5:f5:ce:9e:f1:ad:
         88:8f:5e:92:86:4c:a9:53:b3:10:52:ed:8f:f4:66:b3:c1:e8:
         6c:b5:35:6a:17:b2:a6:5b:4d:45:65:96:ec:47:d8:a2:a4:92:
         b0:6a:a3:bf:ee:cf:2d:e2:a0:33:89:75:e1:42:ec:e3:8c:d8:
         26:1b:f8:4b:68:f6:c4:02:16:d1:54:c3:1b:4f:68:96:f7:a1:
         b4:78:9a:1b:c0:3d:68:4c:26:3c:80:35:e3:2c:6c:b9:df:3d:
         85:5e:ad:18:a1:7d:31:07:23:94:b0:91:9c:69:09:35:bc:87:
         35:91:19:60:5b:28:99:69:6b:08:c3:4a:de:cf:6b:8e:d5:b6:
         89:25:c6:31:a4:7e:d6:14:e8:56:b9:83:6f:99:1f:f0:b9:c8:
         d8:6a:90:79
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVcKZMOuHMweY2XokKOkoK4hd8kAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDI1MTY1MTIxWhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMTFiMDZlZGMyZmZjYWM5ZmFhMDdjOGQzMmVhZGMyMjgy
ZDI2OGYyNGU5NTY1YTBkMDEzYWY2NThlNTQ5OWVmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjvB54EByFfnV4Yw7y3CfLH4OZjkuVzBW9Pk4BKQNCxTte
gW8m7Ws3+56k60Y64T/euHxf7nEITnnaYlvKLNum6KydgLoUraNb05BNyfXLuFkl
K/smrtg2Pul04d7E/SrmUV6PjBnOwc/tJlbptOFzi5HGPqeR+kAnvU1H2WI1BxVE
oQpVTC+19bnfGXOz3acOe73Y71flfSeFelpPP4ogf4+kGF8wUgGI5gFmuRILBSvv
xyB4ELMz4tikLZWXuBiG3iMge0QvwP9NaFA6o54LeyNcgaH5FZ/Hm4aUHogJnBWW
3lepoDXDkBdDGDurRPCFGIzjtP+lR7Oiwug5IIOVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXpggGDJiRySG753w7SBDG0ydnKowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2NkM2NiYTdhLWUzYWMtNGM2NC04MjViLWU1ZGU2YzcwNzhmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM0LlAwDQYJKoZIhvcNAQELBQADggEBAIvjCa776mlfLHn+V37hmb1R3Oqn
nricLbrEkAwjz2fc2bMcJEjw0jiBgLXbL1GAl2jk37J3J0CjBWUNEYDmvaaDe0Rd
6brlHf1wABbe+ec3f7QoJhPSqIf+iXqE6pq4lgjk/8cr49X1zp7xrYiPXpKGTKlT
sxBS7Y/0ZrPB6Gy1NWoXsqZbTUVlluxH2KKkkrBqo7/uzy3ioDOJdeFC7OOM2CYb
+Eto9sQCFtFUwxtPaJb3obR4mhvAPWhMJjyANeMsbLnfPYVerRihfTEHI5SwkZxp
CTW8hzWRGWBbKJlpawjDSt7Pa47VtoklxjGkftYU6Fa5g2+ZH/C5yNhqkHk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:50:12 2025 by rpki-client