Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d05d1ed6-0d98-42b2-8bd6-0ad727ddd58f.roa
File:                     d05d1ed6-0d98-42b2-8bd6-0ad727ddd58f.roa (raw, json)
Hash identifier:          p2eTn24COaOjYGhvORpHhefrTrtQx4sA40NjpP7p/hw=
Subject key identifier:   18:31:48:41:9E:6B:4A:EC:7F:9A:E6:8B:47:68:D6:61:EF:66:D4:30
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3F276FF7702E15AB32BC8F4EB702D6B5BCF4900C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d05d1ed6-0d98-42b2-8bd6-0ad727ddd58f.roa
Signing time:             Tue 22 Jul 2025 15:11:13 +0000
ROA not before:           Tue 22 Jul 2025 15:11:13 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.53.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:27:6f:f7:70:2e:15:ab:32:bc:8f:4e:b7:02:d6:b5:bc:f4:90:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 22 15:11:13 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=b264abcf2c91d08b940ace29f3a5a51791ddc99bbd0b399bb4e7d225cf8cd300, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:3d:62:85:89:80:9d:9a:90:9f:26:e5:78:9b:
                    2e:35:ac:22:7e:4e:97:b5:25:8f:1f:29:24:9e:04:
                    4a:7e:b4:db:cd:ed:6f:1b:12:40:a8:54:2c:62:0e:
                    21:c0:b4:16:56:76:5b:12:aa:f3:42:37:93:eb:ce:
                    60:43:c4:6e:6b:d9:6b:45:2f:59:db:42:9d:d1:86:
                    30:c5:8e:e7:79:60:18:09:e7:46:f5:76:0c:f7:10:
                    4e:90:2c:2e:cc:56:37:08:85:f8:77:91:70:84:31:
                    9e:d3:93:d1:e5:db:73:cb:45:25:e9:7a:11:16:cb:
                    9f:52:28:fc:c5:a0:de:93:57:fd:ea:c7:b0:56:de:
                    da:9c:d0:86:bc:b9:fc:7f:ee:8d:94:6a:86:73:cd:
                    59:31:c5:87:2e:41:ec:51:95:71:6f:72:55:d5:e1:
                    35:06:f8:e9:49:fe:9d:f3:5d:e6:bc:03:9b:22:9c:
                    07:03:6a:8b:df:61:03:6d:13:cb:9d:37:7d:41:b4:
                    3d:e8:b9:ef:28:bf:fa:08:9d:8e:35:58:24:42:d7:
                    af:03:6e:54:fd:d7:c1:32:f2:95:53:ac:20:af:9d:
                    88:c6:a7:95:9b:94:83:f6:38:47:a1:9c:ae:98:44:
                    ac:76:d2:5e:57:d3:fd:96:d4:ab:fd:49:e5:cd:ba:
                    bb:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:31:48:41:9E:6B:4A:EC:7F:9A:E6:8B:47:68:D6:61:EF:66:D4:30
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d05d1ed6-0d98-42b2-8bd6-0ad727ddd58f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.53.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         8f:37:b9:02:88:ea:8e:ba:7a:82:f5:ea:71:1e:c4:46:db:08:
         26:11:5b:12:26:eb:30:33:5b:ed:c3:7f:e7:0b:7e:80:e6:2c:
         eb:27:d7:0e:b1:47:eb:7e:39:85:10:62:4f:ca:df:13:8f:23:
         21:5e:c1:ed:9b:ed:81:e3:3d:b2:34:31:f3:50:7a:75:2a:25:
         35:62:7f:0e:50:47:3f:9b:b1:46:fb:a5:e8:e1:9d:5c:87:89:
         8e:6d:fc:cf:ad:55:45:e8:18:51:d1:32:b1:17:7b:7b:3d:93:
         cb:1f:22:c5:e2:8a:ff:8c:16:db:fe:7a:2b:7c:f0:10:da:50:
         df:cd:a4:cb:d2:6e:6d:09:50:d5:e6:75:97:15:37:50:1c:e6:
         85:f3:31:5e:eb:1a:8f:6b:fe:72:09:b3:99:19:90:cf:ef:ce:
         04:1a:d1:42:8e:3e:a2:eb:a3:4c:dd:79:7e:de:9e:1f:8c:ba:
         a1:c1:c8:32:89:6c:5d:48:93:b7:d8:c8:27:96:77:15:e6:ae:
         0d:6c:a4:86:32:83:13:44:f8:5d:87:1b:31:29:9d:67:d6:76:
         fa:ab:1f:75:0f:1a:93:a3:1c:ab:14:83:6f:29:08:37:2b:3f:
         6a:16:d0:f5:04:e3:a3:7f:83:4e:90:a5:ae:7a:a9:55:55:48:
         6a:94:ff:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPydv93AuFasyvI9OtwLWtbz0kAwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzIyMTUxMTEzWhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMjY0YWJjZjJjOTFkMDhiOTQwYWNlMjlmM2E1YTUxNzkx
ZGRjOTliYmQwYjM5OWJiNGU3ZDIyNWNmOGNkMzAwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAPWKFiYCdmpCfJuV4my41rCJ+Tpe1JY8fKSSeBEp+tNvN
7W8bEkCoVCxiDiHAtBZWdlsSqvNCN5PrzmBDxG5r2WtFL1nbQp3RhjDFjud5YBgJ
50b1dgz3EE6QLC7MVjcIhfh3kXCEMZ7Tk9Hl23PLRSXpehEWy59SKPzFoN6TV/3q
x7BW3tqc0Ia8ufx/7o2UaoZzzVkxxYcuQexRlXFvclXV4TUG+OlJ/p3zXea8A5si
nAcDaovfYQNtE8udN31BtD3oue8ov/oInY41WCRC168DblT918Ey8pVTrCCvnYjG
p5WblIP2OEehnK6YRKx20l5X0/2W1Kv9SeXNuruJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGDFIQZ5rSux/muaLR2jWYe9m1DAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2QwNWQxZWQ2LTBkOTgtNDJiMi04YmQ2LTBhZDcyN2RkZDU4Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcNNYAwDQYJKoZIhvcNAQELBQADggEBAI83uQKI6o66eoL16nEexEbbCCYR
WxIm6zAzW+3Df+cLfoDmLOsn1w6xR+t+OYUQYk/K3xOPIyFewe2b7YHjPbI0MfNQ
enUqJTVifw5QRz+bsUb7pejhnVyHiY5t/M+tVUXoGFHRMrEXe3s9k8sfIsXiiv+M
Ftv+eit88BDaUN/NpMvSbm0JUNXmdZcVN1Ac5oXzMV7rGo9r/nIJs5kZkM/vzgQa
0UKOPqLro0zdeX7enh+MuqHByDKJbF1Ik7fYyCeWdxXmrg1spIYygxNE+F2HGzEp
nWfWdvqrH3UPGpOjHKsUg28pCDcrP2oW0PUE46N/g06Qpa56qVVVSGqU/z4=
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:11:08 2025 by rpki-client