Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cd3cba7a-e3ac-4c64-825b-e5de6c7078fe.roa
File:                     cd3cba7a-e3ac-4c64-825b-e5de6c7078fe.roa (raw, json)
Hash identifier:          3Mq08nDfTkHQPF26I0qEGg3Lnzxm7hFCVXSMYpK/ogM=
Subject key identifier:   6D:5F:11:B8:B3:72:A4:2D:E1:A3:F4:5F:89:DA:29:49:E5:31:1E:8E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6DC4E67D13017E13161BA7A5161561564E7F41A2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cd3cba7a-e3ac-4c64-825b-e5de6c7078fe.roa
Signing time:             Fri 11 Jul 2025 17:00:11 +0000
ROA not before:           Fri 11 Jul 2025 17:00:11 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.46.80.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:c4:e6:7d:13:01:7e:13:16:1b:a7:a5:16:15:61:56:4e:7f:41:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 11 17:00:11 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=808e04ea042ac6d103a7acf6f9ca526842e3bdc7adc14b26cdd883b4170b5451, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:6d:09:9a:73:a3:14:97:df:4c:11:0c:55:89:
                    4a:2e:46:3e:7b:93:af:62:fe:b0:c4:23:49:c4:e8:
                    cf:b5:89:d7:80:7a:3f:b0:5d:66:c3:4d:82:5a:28:
                    99:60:7b:7b:b6:ae:d0:5f:e3:9c:0f:f1:45:7d:a7:
                    b6:3e:3d:31:9c:ad:0b:1a:51:b8:8f:ac:e1:ec:e9:
                    f2:43:44:ef:1d:4d:a4:95:cd:45:9e:0c:8b:bd:e8:
                    6e:92:98:fc:59:ca:12:29:17:04:98:98:0c:4e:7a:
                    ec:da:5e:e6:31:2f:d4:11:11:63:bd:1d:0a:a8:aa:
                    bc:08:7c:9f:f5:5e:5e:f4:da:77:a4:4d:fe:34:95:
                    39:39:71:2d:f8:4e:c1:18:1e:21:ca:d1:f9:88:7b:
                    ed:a4:32:3a:f9:7a:8d:30:ac:b5:b2:6b:92:07:b2:
                    69:53:0e:b8:73:fd:48:14:e8:6c:f6:8a:3e:a5:35:
                    ce:f9:ee:df:96:9c:e8:f7:fd:ec:da:a6:5c:74:06:
                    f5:da:c3:b5:f8:3c:01:06:5c:dc:ef:3a:d6:93:c0:
                    a7:8b:db:f5:25:cb:60:2f:31:a1:fe:bb:27:dc:67:
                    50:6e:5a:d8:e9:96:76:a1:bd:1c:90:8b:0e:83:58:
                    91:69:c0:df:11:c0:97:e5:05:d2:31:8c:dd:bd:f8:
                    f8:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:5F:11:B8:B3:72:A4:2D:E1:A3:F4:5F:89:DA:29:49:E5:31:1E:8E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/cd3cba7a-e3ac-4c64-825b-e5de6c7078fe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.46.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         34:56:90:fe:41:d9:7c:2f:fa:c0:78:a4:b9:4c:2f:93:e7:5b:
         48:92:79:5b:ee:18:15:63:89:77:61:e0:2a:44:4f:98:53:56:
         dd:f7:f7:39:69:a6:cf:44:a6:d1:94:21:e0:0e:48:e7:86:d7:
         32:f9:89:9f:5c:c6:f0:96:d3:9f:ba:a9:c8:c4:9c:1b:43:77:
         9a:6c:59:e9:e7:57:99:eb:8e:dd:d4:b9:34:5d:73:ab:36:0b:
         6c:64:e1:7a:b9:ab:a2:03:35:7b:36:47:fe:97:c9:a8:34:69:
         6e:b1:b6:2d:62:ae:53:8b:b8:77:db:7a:38:3f:c0:ad:dc:fe:
         94:2a:c1:ae:92:fe:4b:df:2b:fb:72:52:2d:98:53:c6:89:56:
         f3:70:9a:28:2b:c7:92:af:e9:d3:ee:9a:c0:07:ca:36:2b:b7:
         48:4c:d5:89:cb:49:bf:70:21:8b:8c:a0:cc:ef:b0:df:f5:41:
         aa:6a:8a:97:33:30:4e:65:e3:7c:47:ac:1b:1f:8b:02:5f:f0:
         37:f6:52:d6:44:09:29:61:30:e8:d0:0d:da:d9:b6:6d:67:c2:
         4b:87:f3:fb:94:09:94:1f:54:60:eb:95:09:c6:c1:a7:45:2d:
         c0:a3:c3:22:d3:9b:ba:20:2a:34:09:dc:0f:b3:32:40:c1:5a:
         3d:b9:01:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbcTmfRMBfhMWG6elFhVhVk5/QaIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzExMTcwMDExWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MDhlMDRlYTA0MmFjNmQxMDNhN2FjZjZmOWNhNTI2ODQy
ZTNiZGM3YWRjMTRiMjZjZGQ4ODNiNDE3MGI1NDUxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCLbQmac6MUl99MEQxViUouRj57k69i/rDEI0nE6M+1ideA
ej+wXWbDTYJaKJlge3u2rtBf45wP8UV9p7Y+PTGcrQsaUbiPrOHs6fJDRO8dTaSV
zUWeDIu96G6SmPxZyhIpFwSYmAxOeuzaXuYxL9QREWO9HQqoqrwIfJ/1Xl702nek
Tf40lTk5cS34TsEYHiHK0fmIe+2kMjr5eo0wrLWya5IHsmlTDrhz/UgU6Gz2ij6l
Nc757t+WnOj3/ezaplx0BvXaw7X4PAEGXNzvOtaTwKeL2/Uly2AvMaH+uyfcZ1Bu
WtjplnahvRyQiw6DWJFpwN8RwJflBdIxjN29+Ph1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbV8RuLNypC3ho/RfidopSeUxHo4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2NkM2NiYTdhLWUzYWMtNGM2NC04MjViLWU1ZGU2YzcwNzhmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM0LlAwDQYJKoZIhvcNAQELBQADggEBADRWkP5B2Xwv+sB4pLlML5PnW0iS
eVvuGBVjiXdh4CpET5hTVt339zlpps9EptGUIeAOSOeG1zL5iZ9cxvCW05+6qcjE
nBtDd5psWennV5nrjt3UuTRdc6s2C2xk4Xq5q6IDNXs2R/6Xyag0aW6xti1irlOL
uHfbejg/wK3c/pQqwa6S/kvfK/tyUi2YU8aJVvNwmigrx5Kv6dPumsAHyjYrt0hM
1YnLSb9wIYuMoMzvsN/1QapqipczME5l43xHrBsfiwJf8Df2UtZECSlhMOjQDdrZ
tm1nwkuH8/uUCZQfVGDrlQnGwadFLcCjwyLTm7ogKjQJ3A+zMkDBWj25AT4=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:45:36 2025 by rpki-client