Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fd8582f2-711d-49f5-9208-ce76c6466e79.roa
File:                     fd8582f2-711d-49f5-9208-ce76c6466e79.roa (raw, json)
Hash identifier:          ESX6B+TcD2Jc1t7EXcmVAdt9zIqEwYNVi93h6LyCWQ4=
Subject key identifier:   1D:02:F3:8F:06:0B:BD:7A:E7:F4:77:74:C7:32:77:48:2B:A9:A7:9D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1F99CA5E74CAE04261ECB1059B441277C4ACAC8B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fd8582f2-711d-49f5-9208-ce76c6466e79.roa
Signing time:             Fri 25 Apr 2025 17:01:12 +0000
ROA not before:           Fri 25 Apr 2025 17:01:12 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.56.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:99:ca:5e:74:ca:e0:42:61:ec:b1:05:9b:44:12:77:c4:ac:ac:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 25 17:01:12 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=db93741fc89faf606bdac7a2b24df107ae474f6c442155bd75f1bc8806b5161f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:2f:f3:70:aa:3d:39:fb:74:92:0a:ab:0e:29:
                    ac:90:de:7c:54:80:c7:0b:56:8d:10:e0:58:f9:69:
                    1e:3d:36:b0:29:d1:86:f3:86:23:7e:bf:c8:0c:16:
                    33:38:2f:c4:02:a9:b1:76:a6:70:49:4a:a1:0a:d6:
                    9f:79:96:cd:d8:c2:05:ac:e3:73:56:39:0f:58:e6:
                    eb:4f:32:17:8a:22:a1:86:34:d4:9b:60:4e:11:09:
                    b7:74:1f:cc:2c:d9:6f:48:4c:80:c4:b5:f0:f6:55:
                    98:de:1a:19:d7:b8:f7:ae:77:3a:33:aa:83:4a:0f:
                    70:82:9d:60:d5:e3:91:0d:75:f9:1d:b6:5e:83:f5:
                    45:d7:4d:56:7b:ef:b4:19:32:64:e8:f6:64:54:24:
                    7b:41:81:f0:03:72:7c:be:72:45:66:65:38:8a:21:
                    e2:32:a7:72:8b:10:14:1f:d2:ea:87:72:53:18:9d:
                    36:59:43:ae:30:b6:54:7e:bf:83:4f:62:ec:08:dd:
                    5c:4b:bb:77:91:0c:fe:fe:b4:ec:3a:af:9c:16:44:
                    52:e3:25:01:a1:8d:31:8c:5f:65:87:4c:c7:93:d7:
                    86:c6:36:61:14:9a:88:40:72:47:f3:8b:b1:31:1a:
                    64:2f:0a:c9:00:89:73:02:f3:90:0b:3c:a4:b1:cd:
                    de:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:02:F3:8F:06:0B:BD:7A:E7:F4:77:74:C7:32:77:48:2B:A9:A7:9D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fd8582f2-711d-49f5-9208-ce76c6466e79.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:46:f3:34:f4:8d:23:66:c0:5d:d0:0c:d9:9a:16:35:82:5d:
         50:e8:fc:be:07:df:96:60:b3:66:58:8d:bd:8a:a4:c9:2d:82:
         54:f9:ee:bd:67:a0:1c:ee:fd:bd:17:78:ef:6b:b2:9d:67:40:
         2c:d0:e9:ca:b1:49:99:22:62:73:76:af:af:42:01:f7:07:cb:
         85:de:13:61:25:f4:c0:10:39:8f:ee:cf:af:52:55:15:6d:7a:
         94:0d:f3:11:e7:72:31:3b:f9:03:9a:6b:84:7f:19:fd:9d:66:
         c9:ce:ec:a0:8d:f2:9a:cf:e4:2b:ba:d0:20:a5:6d:c9:f3:6a:
         77:d9:eb:d8:ea:d0:f9:ac:13:1d:24:38:dc:4c:32:bd:24:d3:
         dc:5f:ca:b1:95:66:93:71:76:a3:23:ed:5e:d0:58:76:a9:42:
         82:95:d3:03:9f:20:b3:5f:d7:84:22:1e:5b:8f:a0:d6:6b:7d:
         87:e5:ec:56:ac:6f:95:b6:13:2f:4f:fa:f9:7c:b4:59:58:04:
         3a:e9:47:16:72:36:8f:e8:ea:f1:a4:27:ab:8e:5b:2b:a9:54:
         5a:4a:fd:98:c1:46:0b:d2:89:d0:5c:e9:d6:c1:49:f8:67:7f:
         7f:62:33:16:a9:37:0f:d6:65:c5:fa:20:f2:13:d5:fb:f0:77:
         96:9f:f5:08
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUH5nKXnTK4EJh7LEFm0QSd8SsrIswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDI1MTcwMTEyWhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYjkzNzQxZmM4OWZhZjYwNmJkYWM3YTJiMjRkZjEwN2Fl
NDc0ZjZjNDQyMTU1YmQ3NWYxYmM4ODA2YjUxNjFmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7L/Nwqj05+3SSCqsOKayQ3nxUgMcLVo0Q4Fj5aR49NrAp
0YbzhiN+v8gMFjM4L8QCqbF2pnBJSqEK1p95ls3YwgWs43NWOQ9Y5utPMheKIqGG
NNSbYE4RCbd0H8ws2W9ITIDEtfD2VZjeGhnXuPeudzozqoNKD3CCnWDV45ENdfkd
tl6D9UXXTVZ777QZMmTo9mRUJHtBgfADcny+ckVmZTiKIeIyp3KLEBQf0uqHclMY
nTZZQ64wtlR+v4NPYuwI3VxLu3eRDP7+tOw6r5wWRFLjJQGhjTGMX2WHTMeT14bG
NmEUmohAckfzi7ExGmQvCskAiXMC85ALPKSxzd6XAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHQLzjwYLvXrn9Hd0xzJ3SCupp50wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZkODU4MmYyLTcxMWQtNDlmNS05MjA4LWNlNzZjNjQ2NmU3OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI0XzgwDQYJKoZIhvcNAQELBQADggEBADlG8zT0jSNmwF3QDNmaFjWCXVDo
/L4H35Zgs2ZYjb2KpMktglT57r1noBzu/b0XeO9rsp1nQCzQ6cqxSZkiYnN2r69C
AfcHy4XeE2El9MAQOY/uz69SVRVtepQN8xHncjE7+QOaa4R/Gf2dZsnO7KCN8prP
5Cu60CClbcnzanfZ69jq0PmsEx0kONxMMr0k09xfyrGVZpNxdqMj7V7QWHapQoKV
0wOfILNf14QiHluPoNZrfYfl7Fasb5W2Ey9P+vl8tFlYBDrpRxZyNo/o6vGkJ6uO
WyupVFpK/ZjBRgvSidBc6dbBSfhnf39iMxapNw/WZcX6IPIT1fvwd5af9Qg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:51:17 2025 by rpki-client