Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ede7f351-4d0f-4c75-9915-6673e09863e1.roa
File:                     ede7f351-4d0f-4c75-9915-6673e09863e1.roa (raw, json)
Hash identifier:          bIctp61y7fXgA2sAd7nfD6rtXwLi3r4KIXKc0UZFzkw=
Subject key identifier:   CD:7A:C6:1B:DB:CC:0A:7A:D8:1D:99:F3:BF:2B:75:B7:0A:B9:75:31
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4656463A0C52C1B613C1D7D2AA64484B17ED30F4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ede7f351-4d0f-4c75-9915-6673e09863e1.roa
Signing time:             Fri 25 Jul 2025 15:40:20 +0000
ROA not before:           Fri 25 Jul 2025 15:40:20 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.15.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:56:46:3a:0c:52:c1:b6:13:c1:d7:d2:aa:64:48:4b:17:ed:30:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 15:40:20 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=869694b8fd8c881399a82331958b3a10da1a51f5df57fa7e2e1626891dbb8ac6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:82:48:67:9c:7b:2b:b6:a2:1d:6b:0c:d4:2f:
                    ea:57:74:1f:cc:7b:8c:10:5d:a8:fd:0e:6b:0e:39:
                    e5:84:69:5d:6d:2b:af:81:c4:ce:8b:7a:40:68:85:
                    f2:10:1f:6f:7d:1e:9f:d8:36:77:14:36:ef:7b:2f:
                    71:0b:ca:9a:36:4b:a8:f0:45:e9:18:89:3c:48:0e:
                    c5:77:bd:ed:ba:68:d7:1e:43:06:62:67:0e:61:ec:
                    9c:1c:15:b8:e6:cd:a7:b7:c3:45:b2:97:e9:56:f8:
                    90:1b:e0:ea:f9:43:f0:53:44:f4:33:48:c7:32:cf:
                    ca:41:0a:e3:2c:ab:4c:9e:97:e7:45:82:27:db:9e:
                    0a:33:70:1c:0d:a5:7b:c2:0f:3c:dc:e8:89:dd:de:
                    3c:98:78:f0:4f:41:9c:e0:4f:83:79:31:26:3c:24:
                    8f:20:39:12:43:0b:8b:b2:9c:8e:63:92:0b:2b:f9:
                    28:c6:0d:c7:df:38:e6:6e:16:6c:cd:c2:da:44:0e:
                    7b:c9:6c:43:7b:3a:cb:e6:00:c1:69:27:95:c9:f7:
                    66:9a:a0:a9:b8:2a:20:de:b4:da:18:e1:64:b1:b7:
                    a3:b4:53:4d:27:2d:7b:17:59:fb:9b:aa:8e:24:84:
                    73:dd:75:3b:8b:d7:b4:16:e7:60:34:7c:fe:df:40:
                    83:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:7A:C6:1B:DB:CC:0A:7A:D8:1D:99:F3:BF:2B:75:B7:0A:B9:75:31
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ede7f351-4d0f-4c75-9915-6673e09863e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.15.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         57:f5:64:9c:ab:1f:8f:24:ec:e3:ac:81:0a:b9:1a:36:bf:3d:
         06:1b:19:f4:cc:d6:39:62:58:79:29:69:36:3b:c2:b6:bd:5e:
         70:9e:3c:39:4f:e1:d0:09:0c:9a:a9:51:8a:a1:42:83:3c:6b:
         d3:1d:9d:83:fe:18:50:5e:d4:67:14:1b:1c:06:a2:e8:bb:06:
         7f:ef:46:2e:4e:86:50:29:dc:0a:ce:1f:05:d9:6f:b4:e0:4f:
         3b:09:3e:f3:c6:1a:c7:b3:8a:e5:cc:dd:a8:ff:34:b9:1b:52:
         19:c3:63:fa:6d:c0:0c:2e:12:1a:70:11:cc:2d:f9:3a:28:0d:
         96:17:46:0b:fd:33:b2:d4:ab:93:44:7f:48:69:4d:87:38:1a:
         b5:53:bb:7f:0b:a6:48:6a:bb:ae:b4:cd:ce:ab:9c:2d:52:9c:
         60:dc:e2:bb:b5:eb:84:4d:9f:33:d3:d3:a1:1c:44:65:04:fb:
         d8:fa:59:ce:c3:15:86:2e:ff:13:bb:15:cc:7d:50:a6:ba:32:
         54:b7:2d:da:eb:25:b6:93:e2:c7:bf:d2:68:c3:2e:d0:90:a7:
         36:ed:5a:79:83:db:43:3b:2b:3b:14:67:f4:72:17:d8:6a:e2:
         7a:39:12:98:77:de:46:38:2a:5d:49:16:a9:c6:75:4b:0b:d8:
         bc:f5:77:96
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURlZGOgxSwbYTwdfSqmRISxftMPQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTU0MDIwWhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4Njk2OTRiOGZkOGM4ODEzOTlhODIzMzE5NThiM2ExMGRh
MWE1MWY1ZGY1N2ZhN2UyZTE2MjY4OTFkYmI4YWM2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSgkhnnHsrtqIdawzUL+pXdB/Me4wQXaj9DmsOOeWEaV1t
K6+BxM6LekBohfIQH299Hp/YNncUNu97L3ELypo2S6jwRekYiTxIDsV3ve26aNce
QwZiZw5h7JwcFbjmzae3w0Wyl+lW+JAb4Or5Q/BTRPQzSMcyz8pBCuMsq0yel+dF
gifbngozcBwNpXvCDzzc6Ind3jyYePBPQZzgT4N5MSY8JI8gORJDC4uynI5jkgsr
+SjGDcffOOZuFmzNwtpEDnvJbEN7OsvmAMFpJ5XJ92aaoKm4KiDetNoY4WSxt6O0
U00nLXsXWfubqo4khHPddTuL17QW52A0fP7fQIPBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzXrGG9vMCnrYHZnzvyt1twq5dTEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2VkZTdmMzUxLTRkMGYtNGM3NS05OTE1LTY2NzNlMDk4NjNlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY0D0AwDQYJKoZIhvcNAQELBQADggEBAFf1ZJyrH48k7OOsgQq5Gja/PQYb
GfTM1jliWHkpaTY7wra9XnCePDlP4dAJDJqpUYqhQoM8a9MdnYP+GFBe1GcUGxwG
oui7Bn/vRi5OhlAp3ArOHwXZb7TgTzsJPvPGGseziuXM3aj/NLkbUhnDY/ptwAwu
EhpwEcwt+TooDZYXRgv9M7LUq5NEf0hpTYc4GrVTu38Lpkhqu660zc6rnC1SnGDc
4ru164RNnzPT06EcRGUE+9j6Wc7DFYYu/xO7Fcx9UKa6MlS3LdrrJbaT4se/0mjD
LtCQpzbtWnmD20M7KzsUZ/RyF9hq4no5Eph33kY4Kl1JFqnGdUsL2Lz1d5Y=
-----END CERTIFICATE-----
Generated at Tue Aug 5 21:37:13 2025 by rpki-client