Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d5df39b2-9bcd-491e-bf74-f057dc8aa854.roa
File:                     d5df39b2-9bcd-491e-bf74-f057dc8aa854.roa (raw, json)
Hash identifier:          vjwXaHhM853C9QfXhYQgrtAtc4w0olfJhLV1Zxfgno0=
Subject key identifier:   32:33:D4:27:96:C3:55:79:8B:1D:29:E4:B6:BF:A9:7C:66:27:37:2D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       47EE08C79BA29096DD32DA9FA0FBF504C5DB8C13
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d5df39b2-9bcd-491e-bf74-f057dc8aa854.roa
Signing time:             Fri 18 Apr 2025 16:11:07 +0000
ROA not before:           Fri 18 Apr 2025 16:11:07 +0000
ROA not after:            Fri 23 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.207.192.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:ee:08:c7:9b:a2:90:96:dd:32:da:9f:a0:fb:f5:04:c5:db:8c:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 18 16:11:07 2025 GMT
            Not After : May 23 23:59:59 2025 GMT
        Subject: serialNumber=81badd640c4b1ec79a004fa0222e929015a107057c6746ada6d651271977fe87, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:3b:f5:a6:d2:8e:dd:65:79:25:73:ec:c6:45:
                    02:3e:ff:5c:fc:f2:e7:13:2e:8d:d1:a3:f2:31:e4:
                    01:60:e5:f3:22:64:7a:a4:a0:a0:3d:1a:40:c2:10:
                    ab:bb:57:b1:dc:b3:ac:2b:2f:28:1c:6c:a1:52:5b:
                    50:c3:5b:4b:f8:05:ca:e0:cf:76:a1:f9:6b:56:5c:
                    8e:74:ee:10:4a:11:d5:ff:85:ff:3c:ce:fc:7e:4f:
                    b2:4f:3b:aa:3b:e3:b6:1b:a5:0d:4b:ad:b7:6c:18:
                    3d:63:45:e8:4d:ea:66:13:01:b0:6c:65:42:f8:b3:
                    2d:b9:52:21:00:f8:b5:65:b9:4a:d7:b2:39:78:0a:
                    17:57:9a:51:31:b2:0f:b9:8e:06:e3:9a:a4:83:5c:
                    22:97:8a:44:ab:e0:0d:e1:d5:8e:31:ed:7a:44:2b:
                    6b:da:f2:b2:69:9f:6f:45:86:2f:1b:f1:4f:58:dc:
                    b3:02:36:94:d8:4e:eb:95:af:49:79:2c:b7:e9:77:
                    6c:9a:1d:45:83:1a:0d:a5:89:6d:ac:b4:89:6b:a6:
                    df:8b:7c:b0:29:f4:b6:a5:cc:89:b9:6a:00:05:92:
                    5e:cc:56:1c:da:1c:d7:47:59:bc:6c:14:74:54:0c:
                    38:99:82:16:e8:fd:d2:98:fd:85:f8:6c:c3:b4:96:
                    aa:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:33:D4:27:96:C3:55:79:8B:1D:29:E4:B6:BF:A9:7C:66:27:37:2D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d5df39b2-9bcd-491e-bf74-f057dc8aa854.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.207.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         5d:63:c5:6c:35:e7:4e:74:7c:4d:ac:f1:76:20:29:9d:f3:9b:
         8e:8a:26:45:da:35:53:b0:82:8a:05:ca:d9:fb:ad:ea:79:70:
         c6:d0:87:e7:57:1a:fa:cd:d5:6a:ce:de:8b:04:62:f5:01:1e:
         d0:7e:21:6e:67:84:d0:5a:59:54:e0:2e:4a:13:1a:cc:ac:0c:
         b0:11:77:de:e1:99:2c:38:23:12:2b:3a:24:4a:f6:d5:1a:dd:
         79:4d:01:34:45:20:69:b2:9c:2c:94:3c:5f:77:55:14:23:c3:
         fb:fe:95:4d:87:60:f8:92:9c:2d:6c:38:a5:7b:fc:c6:57:41:
         9b:51:9d:29:ca:a6:b3:d0:94:48:f2:24:0a:fa:b0:f3:58:b2:
         1e:62:ae:2f:ee:b8:d0:50:fc:88:c8:46:6e:66:2a:e1:58:bc:
         d7:5d:c5:80:6c:1c:fd:c9:62:62:7f:a2:bb:22:cf:bf:aa:11:
         ae:31:96:d2:ea:26:5d:68:1f:07:0e:08:1c:04:50:2f:36:08:
         53:5c:af:c1:d2:6c:0b:ab:a9:ec:1a:34:9a:6d:9b:60:3e:a7:
         cd:dc:ef:72:e1:88:88:d8:6f:18:53:f3:e2:7e:1f:44:e3:7b:
         4c:86:af:41:cf:4a:96:44:91:58:dc:af:c7:4f:b6:09:24:6b:
         f4:0a:ae:92
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUR+4Ix5uikJbdMtqfoPv1BMXbjBMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE4MTYxMTA3WhcNMjUwNTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4MWJhZGQ2NDBjNGIxZWM3OWEwMDRmYTAyMjJlOTI5MDE1
YTEwNzA1N2M2NzQ2YWRhNmQ2NTEyNzE5NzdmZTg3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1O/Wm0o7dZXklc+zGRQI+/1z88ucTLo3Ro/Ix5AFg5fMi
ZHqkoKA9GkDCEKu7V7Hcs6wrLygcbKFSW1DDW0v4Bcrgz3ah+WtWXI507hBKEdX/
hf88zvx+T7JPO6o747YbpQ1LrbdsGD1jRehN6mYTAbBsZUL4sy25UiEA+LVluUrX
sjl4ChdXmlExsg+5jgbjmqSDXCKXikSr4A3h1Y4x7XpEK2va8rJpn29Fhi8b8U9Y
3LMCNpTYTuuVr0l5LLfpd2yaHUWDGg2liW2stIlrpt+LfLAp9LalzIm5agAFkl7M
VhzaHNdHWbxsFHRUDDiZghbo/dKY/YX4bMO0lqqNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUMjPUJ5bDVXmLHSnktr+pfGYnNy0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Q1ZGYzOWIyLTliY2QtNDkxZS1iZjc0LWYwNTdkYzhhYTg1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU2z8AwDQYJKoZIhvcNAQELBQADggEBAF1jxWw15050fE2s8XYgKZ3zm46K
JkXaNVOwgooFytn7rep5cMbQh+dXGvrN1WrO3osEYvUBHtB+IW5nhNBaWVTgLkoT
GsysDLARd97hmSw4IxIrOiRK9tUa3XlNATRFIGmynCyUPF93VRQjw/v+lU2HYPiS
nC1sOKV7/MZXQZtRnSnKprPQlEjyJAr6sPNYsh5iri/uuNBQ/IjIRm5mKuFYvNdd
xYBsHP3JYmJ/orsiz7+qEa4xltLqJl1oHwcOCBwEUC82CFNcr8HSbAurqewaNJpt
m2A+p83c73LhiIjYbxhT8+J+H0Tje0yGr0HPSpZEkVjcr8dPtgkka/QKrpI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:28:10 2025 by rpki-client