Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d2bb4d61-f510-4dfd-a676-e78fce1d19d7.roa
File:                     d2bb4d61-f510-4dfd-a676-e78fce1d19d7.roa (raw, json)
Hash identifier:          D2Mrtk06SzhZzhj8CDEb1NvMnxfSolxVG6BKm6npTd0=
Subject key identifier:   E2:69:4F:AE:34:1E:11:B4:02:15:F8:A8:E2:C2:2E:2A:13:04:4F:B8
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       44306A106CCF8712FFC74503E1B4B22FAA03BAB3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d2bb4d61-f510-4dfd-a676-e78fce1d19d7.roa
Signing time:             Fri 25 Jul 2025 15:21:15 +0000
ROA not before:           Fri 25 Jul 2025 15:21:15 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        34.253.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:30:6a:10:6c:cf:87:12:ff:c7:45:03:e1:b4:b2:2f:aa:03:ba:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 15:21:15 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=3f1c4cf88c09914e09c47b53a330121e0b69813d9d66aadb45dbad9345597595, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:39:b5:4f:d0:59:08:2e:c0:11:57:c4:ba:92:
                    8a:6a:f0:80:9d:ac:25:bc:85:6d:a6:6e:2f:13:5b:
                    90:3b:c1:c2:73:76:c0:05:1d:de:dc:f3:ed:0d:fe:
                    0f:3b:84:a5:93:eb:25:a6:e9:31:6d:93:e2:0c:cc:
                    93:81:84:2c:e8:ba:61:81:bb:90:33:c6:99:2b:17:
                    37:c4:b4:7b:fb:77:08:09:3c:5c:4c:ce:47:fc:5d:
                    c6:b1:66:79:98:ae:77:e4:8e:de:84:05:5d:bd:92:
                    88:15:b0:4a:cd:ba:9d:3a:8a:a6:73:f7:ce:69:ed:
                    1a:fb:c6:9d:a9:ac:24:73:c2:b8:82:15:27:24:29:
                    a4:17:93:40:29:2a:5a:ab:91:07:64:61:2e:10:79:
                    94:8f:6e:e7:10:99:d4:6d:ef:1f:42:5d:d1:a1:31:
                    b4:c2:74:a8:67:ef:b2:a7:40:d8:ce:9c:88:72:fb:
                    16:7c:fb:5b:fb:57:3e:a1:5b:45:6f:88:eb:88:44:
                    c4:c3:4b:ca:1f:fd:37:bf:b2:f3:e8:f9:4c:13:ba:
                    bc:1d:d0:92:22:2a:25:bc:f8:f8:26:73:24:71:69:
                    a0:db:36:40:f1:6f:6d:13:19:b6:0c:98:b2:13:2a:
                    32:7c:bc:97:f1:af:1e:6a:df:19:b3:2e:05:9d:b9:
                    bf:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:69:4F:AE:34:1E:11:B4:02:15:F8:A8:E2:C2:2E:2A:13:04:4F:B8
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d2bb4d61-f510-4dfd-a676-e78fce1d19d7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  34.253.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         a3:99:a5:1f:4e:bb:cc:99:78:6e:a7:fb:6b:72:bc:28:67:29:
         dc:e3:6a:e6:9e:c4:da:3b:a2:a6:6f:41:86:0f:00:41:67:10:
         40:77:d1:e2:77:72:9c:bd:df:bf:27:9e:9d:0f:56:96:33:a5:
         4e:d0:85:3d:ae:00:35:05:6d:d3:76:34:39:e4:4e:e7:0f:e7:
         e8:53:16:8b:01:c4:ac:fd:81:15:e6:ae:e9:48:79:00:ad:c4:
         94:4e:2a:71:b7:47:80:c1:e3:a7:ae:bb:71:5a:26:b8:39:64:
         f3:aa:ee:3e:87:a7:b3:b7:de:d3:7c:f3:a7:d5:bc:3c:67:c5:
         ca:25:25:56:4d:12:15:5a:fe:46:58:52:7e:14:c7:0a:10:d0:
         df:3a:4d:cf:53:1a:3d:fa:51:23:8b:fb:77:bc:4d:01:c0:2d:
         80:d3:a2:b4:b7:eb:1f:ab:fc:23:6b:92:2a:11:8e:83:b5:55:
         1e:e0:40:bf:f0:13:c7:f3:29:23:82:a8:ce:dd:8b:42:3d:52:
         29:dc:d4:19:31:39:fa:13:22:e4:69:78:9b:3a:51:a2:7f:f4:
         24:0e:1b:54:01:ae:6d:60:6d:cc:11:71:a1:ae:d5:fa:dd:b2:
         99:ed:ea:10:48:dc:c3:98:97:d4:0d:5f:fb:4f:71:d4:eb:f1:
         9f:0c:ee:61
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURDBqEGzPhxL/x0UD4bSyL6oDurMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTUyMTE1WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZjFjNGNmODhjMDk5MTRlMDljNDdiNTNhMzMwMTIxZTBi
Njk4MTNkOWQ2NmFhZGI0NWRiYWQ5MzQ1NTk3NTk1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRObVP0FkILsARV8S6kopq8ICdrCW8hW2mbi8TW5A7wcJz
dsAFHd7c8+0N/g87hKWT6yWm6TFtk+IMzJOBhCzoumGBu5AzxpkrFzfEtHv7dwgJ
PFxMzkf8XcaxZnmYrnfkjt6EBV29kogVsErNup06iqZz985p7Rr7xp2prCRzwriC
FSckKaQXk0ApKlqrkQdkYS4QeZSPbucQmdRt7x9CXdGhMbTCdKhn77KnQNjOnIhy
+xZ8+1v7Vz6hW0VviOuIRMTDS8of/Te/svPo+UwTurwd0JIiKiW8+PgmcyRxaaDb
NkDxb20TGbYMmLITKjJ8vJfxrx5q3xmzLgWdub+jAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4mlPrjQeEbQCFfio4sIuKhMET7gwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2QyYmI0ZDYxLWY1MTAtNGRmZC1hNjc2LWU3OGZjZTFkMTlkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYi/UAwDQYJKoZIhvcNAQELBQADggEBAKOZpR9Ou8yZeG6n+2tyvChnKdzj
auaexNo7oqZvQYYPAEFnEEB30eJ3cpy9378nnp0PVpYzpU7QhT2uADUFbdN2NDnk
TucP5+hTFosBxKz9gRXmrulIeQCtxJROKnG3R4DB46euu3FaJrg5ZPOq7j6Hp7O3
3tN886fVvDxnxcolJVZNEhVa/kZYUn4UxwoQ0N86Tc9TGj36USOL+3e8TQHALYDT
orS36x+r/CNrkioRjoO1VR7gQL/wE8fzKSOCqM7di0I9Uinc1BkxOfoTIuRpeJs6
UaJ/9CQOG1QBrm1gbcwRcaGu1frdspnt6hBI3MOYl9QNX/tPcdTr8Z8M7mE=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:32:37 2025 by rpki-client