Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d28f05a3-dcbb-4637-9ae9-72ab43653d82.roa
File:                     d28f05a3-dcbb-4637-9ae9-72ab43653d82.roa (raw, json)
Hash identifier:          caJczsnXBdmULvnsLaXh3mxxR3PYtbgQADjI2L8gE8c=
Subject key identifier:   7C:59:1E:74:7D:1B:0F:41:B2:58:7E:DE:04:49:3C:74:CD:7E:6D:D9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       71A9F60A4412E9D2317D1AF37498BAE0415114FB
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d28f05a3-dcbb-4637-9ae9-72ab43653d82.roa
Signing time:             Tue 20 May 2025 15:51:03 +0000
ROA not before:           Tue 20 May 2025 15:51:03 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.174.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:a9:f6:0a:44:12:e9:d2:31:7d:1a:f3:74:98:ba:e0:41:51:14:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 15:51:03 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=0c03bf9d0d2bf9acc5bdd64f7301baa145dc5858bbcf40739a8c2f78b7f518d1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c1:0c:a0:17:94:1d:b6:b2:d0:ac:38:84:28:
                    9e:d4:4c:2b:30:25:ce:75:a8:a6:4e:a6:b9:41:f0:
                    75:e2:10:1c:0f:fa:8e:77:bb:5e:20:7a:7d:c3:e6:
                    90:78:d2:c1:3d:00:f3:0c:78:aa:02:b2:b9:49:3b:
                    96:ea:a9:70:87:df:01:30:cb:be:77:84:dc:af:e3:
                    4c:fb:7b:d7:5a:25:14:d7:ee:3b:ce:fd:15:b3:9c:
                    60:0d:c2:30:99:f7:8c:2e:4d:67:3c:dc:ac:e3:43:
                    8b:d7:fa:a0:75:63:2f:cf:53:be:e9:5c:ea:da:e7:
                    f0:27:dd:08:c1:b4:65:28:5d:5d:ce:66:f4:a7:fa:
                    b9:55:d7:dd:89:ba:f1:7b:94:b5:ce:9e:0c:e8:8b:
                    aa:7f:8e:2a:4a:64:8f:d4:b4:6a:ea:aa:74:39:1f:
                    98:35:c1:ed:4e:d1:f5:d5:8f:54:73:b8:49:a9:a7:
                    ad:d2:e9:89:bc:8a:a7:11:54:b9:9f:32:3e:db:bd:
                    88:99:48:e6:2b:df:97:57:82:85:5f:26:4e:03:b9:
                    30:25:2c:48:c8:0a:6b:79:84:e9:02:ed:bc:2f:74:
                    ba:97:26:3b:1a:fd:db:69:d1:06:09:05:6e:16:54:
                    6d:5b:05:29:23:2a:06:ac:c3:c1:ce:63:ff:12:d0:
                    03:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:59:1E:74:7D:1B:0F:41:B2:58:7E:DE:04:49:3C:74:CD:7E:6D:D9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d28f05a3-dcbb-4637-9ae9-72ab43653d82.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.174.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         95:91:ef:c0:c9:84:36:5b:e4:0b:75:0c:60:5d:9f:17:11:ef:
         94:83:f1:87:ea:81:3a:dc:4b:31:62:96:e7:af:95:e7:63:36:
         2d:2c:2b:4e:d7:40:1e:f9:38:b1:ab:3b:18:da:90:1f:5b:91:
         85:e3:33:42:45:12:e4:38:ec:8e:0e:dd:2d:0c:28:31:ce:f8:
         e1:27:e1:39:6d:4d:fd:c4:64:57:a3:24:3f:02:1b:32:b8:3f:
         93:ac:89:6e:6c:ae:43:78:14:e0:f2:64:39:75:43:1b:1b:3d:
         83:66:2a:fd:99:f3:2d:33:28:bd:b7:6d:f6:b9:54:ff:19:ec:
         22:05:12:f7:2a:60:a3:73:20:df:f6:cc:e2:b5:e7:57:c0:17:
         a8:93:9c:2b:c1:a0:44:27:24:05:8b:0f:51:78:79:a7:cf:1a:
         b1:8d:f6:9f:78:5b:c2:8a:9c:bf:9b:ac:d8:7d:e7:89:4e:27:
         a3:1a:a3:c0:ed:e8:f3:29:77:fe:3c:93:48:7d:a6:8a:54:02:
         4d:28:ee:be:04:5a:14:37:44:ff:03:e0:70:8e:a8:c3:78:d3:
         0d:55:6e:3f:76:8e:a4:c3:5e:05:bc:4d:14:9f:38:29:61:b4:
         e2:8a:97:f1:2e:cf:ac:04:49:9c:8c:e1:6e:3f:28:e9:7b:6b:
         51:9c:40:02
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcan2CkQS6dIxfRrzdJi64EFRFPswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIwMTU1MTAzWhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYzAzYmY5ZDBkMmJmOWFjYzViZGQ2NGY3MzAxYmFhMTQ1
ZGM1ODU4YmJjZjQwNzM5YThjMmY3OGI3ZjUxOGQxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOwQygF5QdtrLQrDiEKJ7UTCswJc51qKZOprlB8HXiEBwP
+o53u14gen3D5pB40sE9APMMeKoCsrlJO5bqqXCH3wEwy753hNyv40z7e9daJRTX
7jvO/RWznGANwjCZ94wuTWc83KzjQ4vX+qB1Yy/PU77pXOra5/An3QjBtGUoXV3O
ZvSn+rlV192JuvF7lLXOngzoi6p/jipKZI/UtGrqqnQ5H5g1we1O0fXVj1RzuEmp
p63S6Ym8iqcRVLmfMj7bvYiZSOYr35dXgoVfJk4DuTAlLEjICmt5hOkC7bwvdLqX
Jjsa/dtp0QYJBW4WVG1bBSkjKgasw8HOY/8S0ANLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUfFkedH0bD0GyWH7eBEk8dM1+bdkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2QyOGYwNWEzLWRjYmItNDYzNy05YWU5LTcyYWI0MzY1M2Q4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPrjANBgkqhkiG9w0BAQsFAAOCAQEAlZHvwMmENlvkC3UMYF2fFxHvlIPx
h+qBOtxLMWKW56+V52M2LSwrTtdAHvk4sas7GNqQH1uRheMzQkUS5Djsjg7dLQwo
Mc744SfhOW1N/cRkV6MkPwIbMrg/k6yJbmyuQ3gU4PJkOXVDGxs9g2Yq/ZnzLTMo
vbdt9rlU/xnsIgUS9ypgo3Mg3/bM4rXnV8AXqJOcK8GgRCckBYsPUXh5p88asY32
n3hbwoqcv5us2H3niU4noxqjwO3o8yl3/jyTSH2milQCTSjuvgRaFDdE/wPgcI6o
w3jTDVVuP3aOpMNeBbxNFJ84KWG04oqX8S7PrARJnIzhbj8o6XtrUZxAAg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:06:25 2025 by rpki-client