Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ed6ae7a6-80d3-4713-820e-ecde1ed6852f.roa
File:                     ed6ae7a6-80d3-4713-820e-ecde1ed6852f.roa (raw, json)
Hash identifier:          x3inZGvwgndv0gg3X8t0efzmhtpX/8uw34MhFxrrG7Y=
Subject key identifier:   B0:47:40:57:C3:27:C6:66:F9:2F:17:4C:1F:0C:84:F9:76:FA:12:2F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       776D21696C8C91D98A1F91D2D98231DCDB1B1121
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ed6ae7a6-80d3-4713-820e-ecde1ed6852f.roa
Signing time:             Tue 22 Jul 2025 15:11:05 +0000
ROA not before:           Tue 22 Jul 2025 15:11:05 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.48.0.0/14 maxlen: 14
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:6d:21:69:6c:8c:91:d9:8a:1f:91:d2:d9:82:31:dc:db:1b:11:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 22 15:11:05 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=4c36d49a3ff5a00f4b237ca91097df0acf47c8059801eea7b2401c4d5542fa62, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:35:ba:16:72:5f:ed:d7:3a:3a:30:9c:3c:d1:
                    a2:ab:65:22:7d:85:27:e3:ea:eb:31:12:20:c0:ef:
                    78:13:5b:11:4a:81:8e:0d:60:f8:ff:27:41:bc:b8:
                    7e:e3:0f:17:76:7b:1c:e3:98:a6:aa:c3:f1:88:ad:
                    e9:92:46:d5:86:ee:29:2d:6b:49:98:3c:ef:94:67:
                    6a:f3:40:16:5e:a3:b3:a6:05:ac:02:bd:69:a8:6b:
                    c3:6a:61:1d:18:68:a4:2d:95:cd:77:03:c9:43:b0:
                    3d:5b:6a:3d:28:6b:4b:e4:b7:42:ca:fb:d7:39:b9:
                    7f:f3:42:57:d0:39:e6:fb:e2:ba:88:80:68:8d:48:
                    44:03:d2:e3:a3:30:c3:6b:9a:a2:f2:a4:34:95:b9:
                    19:c6:1a:fd:12:84:b1:77:7b:f3:13:a9:44:4c:48:
                    aa:e3:79:eb:bd:96:48:96:82:07:3f:90:c5:37:72:
                    e5:0b:61:6a:04:69:94:ed:60:7e:49:d5:9a:c0:6a:
                    fe:a9:90:f9:9e:bb:df:a5:cf:bd:91:f6:41:d0:1c:
                    75:43:1d:27:5b:3b:e3:e7:d4:14:f6:41:df:0a:b8:
                    5c:64:bc:f5:a6:75:48:39:76:8b:f8:e1:23:9a:ac:
                    2e:97:01:96:ba:bb:90:22:9c:39:bc:31:1f:65:d1:
                    1a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:47:40:57:C3:27:C6:66:F9:2F:17:4C:1F:0C:84:F9:76:FA:12:2F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ed6ae7a6-80d3-4713-820e-ecde1ed6852f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.48.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         43:91:46:ac:23:90:9f:c6:c1:37:88:7f:d4:d9:52:b7:aa:31:
         63:2a:9a:ac:06:79:67:08:40:42:d6:c8:c4:61:ae:09:f3:aa:
         0a:f2:98:d2:f9:a9:0f:84:53:b4:5d:cf:f1:a8:66:01:80:aa:
         1f:b8:19:8d:1b:0c:e8:ce:99:8e:63:ef:67:48:6a:01:18:fa:
         cf:45:9a:6a:50:e4:1f:67:c9:70:65:ab:7d:47:ce:73:15:ec:
         2c:b9:0e:c7:ed:41:f7:0e:c9:01:11:ba:5c:c5:a4:c8:4c:da:
         f3:c6:88:25:6a:c0:1f:a1:b4:b0:8d:83:9e:8f:dc:97:70:ba:
         e2:94:1b:c3:2f:c2:51:28:2b:f2:e1:e3:e4:9e:63:c4:a9:04:
         13:80:33:dc:40:eb:f2:e0:2b:bb:a5:19:4d:3b:d6:fb:51:1e:
         42:de:99:d7:ad:4d:18:86:3a:3e:04:8c:0a:cc:56:a4:c3:ef:
         d6:48:4d:be:04:56:a0:9e:e4:56:d3:ee:ee:cb:f5:e0:ea:94:
         61:ba:93:2e:89:5e:22:8d:38:1c:ac:8b:c1:a0:c8:1c:29:8d:
         0e:1f:fb:bf:88:92:c5:90:4f:73:d3:71:98:5b:c8:de:53:62:
         43:a5:e6:a8:80:6c:61:a6:36:0e:e1:7f:75:64:dd:cf:09:01:
         71:ce:6a:e7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUd20haWyMkdmKH5HS2YIx3NsbESEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzIyMTUxMTA1WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YzM2ZDQ5YTNmZjVhMDBmNGIyMzdjYTkxMDk3ZGYwYWNm
NDdjODA1OTgwMWVlYTdiMjQwMWM0ZDU1NDJmYTYyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUNboWcl/t1zo6MJw80aKrZSJ9hSfj6usxEiDA73gTWxFK
gY4NYPj/J0G8uH7jDxd2exzjmKaqw/GIremSRtWG7ikta0mYPO+UZ2rzQBZeo7Om
BawCvWmoa8NqYR0YaKQtlc13A8lDsD1baj0oa0vkt0LK+9c5uX/zQlfQOeb74rqI
gGiNSEQD0uOjMMNrmqLypDSVuRnGGv0ShLF3e/MTqURMSKrjeeu9lkiWggc/kMU3
cuULYWoEaZTtYH5J1ZrAav6pkPmeu9+lz72R9kHQHHVDHSdbO+Pn1BT2Qd8KuFxk
vPWmdUg5dov44SOarC6XAZa6u5AinDm8MR9l0RqlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUsEdAV8Mnxmb5LxdMHwyE+Xb6Ei8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2VkNmFlN2E2LTgwZDMtNDcxMy04MjBlLWVjZGUxZWQ2ODUyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwINMDANBgkqhkiG9w0BAQsFAAOCAQEAQ5FGrCOQn8bBN4h/1NlSt6oxYyqa
rAZ5ZwhAQtbIxGGuCfOqCvKY0vmpD4RTtF3P8ahmAYCqH7gZjRsM6M6ZjmPvZ0hq
ARj6z0WaalDkH2fJcGWrfUfOcxXsLLkOx+1B9w7JARG6XMWkyEza88aIJWrAH6G0
sI2Dno/cl3C64pQbwy/CUSgr8uHj5J5jxKkEE4Az3EDr8uAru6UZTTvW+1EeQt6Z
161NGIY6PgSMCsxWpMPv1khNvgRWoJ7kVtPu7sv14OqUYbqTLoleIo04HKyLwaDI
HCmNDh/7v4iSxZBPc9NxmFvI3lNiQ6XmqIBsYaY2DuF/dWTdzwkBcc5q5w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:38:45 2025 by rpki-client