Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f1b64b94-b1ab-4ac2-acf5-cc70cdd284b5.roa
File:                     f1b64b94-b1ab-4ac2-acf5-cc70cdd284b5.roa (raw, json)
Hash identifier:          OZKMUhV09ABCudPFq2UmFJ6S5RInerFyPB952tk211M=
Subject key identifier:   A1:7A:35:9C:4C:97:55:A9:75:95:62:CE:4D:D6:05:7A:20:8A:B4:75
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1B4BFF2848097A55B5400702E995BC14AAB23E04
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f1b64b94-b1ab-4ac2-acf5-cc70cdd284b5.roa
Signing time:             Sat 26 Jul 2025 00:21:07 +0000
ROA not before:           Sat 26 Jul 2025 00:21:07 +0000
ROA not after:            Sat 30 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        141.139.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:4b:ff:28:48:09:7a:55:b5:40:07:02:e9:95:bc:14:aa:b2:3e:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 26 00:21:07 2025 GMT
            Not After : Aug 30 23:59:59 2025 GMT
        Subject: serialNumber=e16b125b1ad21529b89fb9ee2c88c9aadfb4b6906c5e2d89d14ebd6494fc33d6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d0:8c:dd:8e:58:81:57:5e:96:40:3c:96:ed:
                    0c:41:9a:ff:87:61:8b:2f:7e:fa:f0:b0:16:78:ed:
                    7a:e4:6c:f8:af:85:f2:c8:20:85:1a:c6:6c:87:d5:
                    83:04:35:35:76:db:18:19:ee:07:f1:5c:1b:d6:5e:
                    12:72:c8:71:29:67:24:2f:66:36:51:f3:4d:45:93:
                    2a:71:84:dd:77:61:72:29:2c:96:5c:c2:47:47:10:
                    f9:07:90:c6:7d:30:21:60:38:45:0a:e7:e4:08:03:
                    fb:03:26:bf:a3:c9:1d:9a:f7:1c:0f:94:d0:4a:4c:
                    22:56:02:0f:65:93:7d:97:92:45:db:79:a4:79:2f:
                    84:3d:d9:8c:81:a0:0a:7a:ec:69:54:1f:5c:9e:5b:
                    c2:17:32:cf:f7:3f:43:0f:e6:c8:08:e3:90:51:8e:
                    d0:30:d0:72:7d:e0:06:f7:d0:2a:39:7e:7e:90:f8:
                    a5:15:e4:b9:bb:cc:24:eb:21:f0:d8:08:0d:bb:fb:
                    35:e1:20:fc:34:55:af:4c:2d:3b:22:bd:ec:8f:bd:
                    ae:69:70:e0:fa:14:80:81:5b:73:c7:78:be:a0:c1:
                    cc:7f:6b:5d:8d:f4:bd:04:2b:4e:05:c1:60:cf:94:
                    c6:9a:de:45:20:0b:a6:87:e6:46:90:03:00:3e:55:
                    62:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:7A:35:9C:4C:97:55:A9:75:95:62:CE:4D:D6:05:7A:20:8A:B4:75
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f1b64b94-b1ab-4ac2-acf5-cc70cdd284b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.139.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         61:f3:58:8b:89:cb:36:16:9d:d3:72:b3:a9:61:90:18:ae:67:
         63:dd:f3:3f:40:f2:75:12:c7:30:af:30:3c:11:05:9d:d2:e1:
         0f:cd:e3:dc:8d:06:83:66:ca:1c:87:73:2c:ae:c3:fe:de:9b:
         fe:02:c5:e9:cb:7a:ab:12:f3:df:c4:9e:61:f8:70:42:7a:ad:
         ce:b4:89:88:08:6b:6e:82:b3:c5:20:b8:3f:da:ec:d1:5e:3c:
         cc:7a:ba:ca:bd:d1:f5:3e:7b:dc:fc:8e:d4:a1:36:f1:3c:12:
         7e:f9:49:43:fd:45:06:ba:1f:c8:17:e4:0f:c2:82:05:f9:38:
         56:50:fc:58:0e:78:65:a7:59:f6:fc:24:3d:36:7d:2a:40:7f:
         55:4f:51:af:c0:36:46:6a:9f:71:b4:6c:51:92:55:93:80:b5:
         eb:db:49:80:2b:8c:9b:61:e5:48:51:e1:c7:64:dd:fa:2f:bb:
         77:f4:fe:d4:ed:9f:48:6e:e2:f9:f9:a6:47:d9:37:f8:00:d0:
         25:03:cd:70:e0:ea:77:06:15:77:6b:90:c7:a6:fb:55:52:0c:
         4a:58:16:83:f3:05:89:ae:89:33:1c:d6:f7:8e:76:c6:a8:79:
         f1:61:19:f2:ad:63:2a:00:37:b9:6b:d1:b9:b4:96:a8:20:bb:
         34:e4:00:dd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUG0v/KEgJelW1QAcC6ZW8FKqyPgQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI2MDAyMTA3WhcNMjUwODMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMTZiMTI1YjFhZDIxNTI5Yjg5ZmI5ZWUyYzg4YzlhYWRm
YjRiNjkwNmM1ZTJkODlkMTRlYmQ2NDk0ZmMzM2Q2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDA0IzdjliBV16WQDyW7QxBmv+HYYsvfvrwsBZ47XrkbPiv
hfLIIIUaxmyH1YMENTV22xgZ7gfxXBvWXhJyyHEpZyQvZjZR801FkypxhN13YXIp
LJZcwkdHEPkHkMZ9MCFgOEUK5+QIA/sDJr+jyR2a9xwPlNBKTCJWAg9lk32XkkXb
eaR5L4Q92YyBoAp67GlUH1yeW8IXMs/3P0MP5sgI45BRjtAw0HJ94Ab30Co5fn6Q
+KUV5Lm7zCTrIfDYCA27+zXhIPw0Va9MLTsiveyPva5pcOD6FICBW3PHeL6gwcx/
a12N9L0EK04FwWDPlMaa3kUgC6aH5kaQAwA+VWILAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUoXo1nEyXVal1lWLOTdYFeiCKtHUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2YxYjY0Yjk0LWIxYWItNGFjMi1hY2Y1LWNjNzBjZGQyODRiNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCNizANBgkqhkiG9w0BAQsFAAOCAQEAYfNYi4nLNhad03KzqWGQGK5nY93z
P0DydRLHMK8wPBEFndLhD83j3I0Gg2bKHIdzLK7D/t6b/gLF6ct6qxLz38SeYfhw
QnqtzrSJiAhrboKzxSC4P9rs0V48zHq6yr3R9T573PyO1KE28TwSfvlJQ/1FBrof
yBfkD8KCBfk4VlD8WA54ZadZ9vwkPTZ9KkB/VU9Rr8A2RmqfcbRsUZJVk4C169tJ
gCuMm2HlSFHhx2Td+i+7d/T+1O2fSG7i+fmmR9k3+ADQJQPNcODqdwYVd2uQx6b7
VVIMSlgWg/MFia6JMxzW9452xqh58WEZ8q1jKgA3uWvRubSWqCC7NOQA3Q==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:38:52 2025 by rpki-client