Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fddc965c-ee70-48d4-a6d9-cd980d11b34c.roa
File:                     fddc965c-ee70-48d4-a6d9-cd980d11b34c.roa (raw, json)
Hash identifier:          okiZxSjmLDKF9qWNTvFTXYZ7lO4ZCdjqqjQZ5HimIYo=
Subject key identifier:   E2:BE:C6:11:7F:2D:EF:3D:30:2E:3A:97:F4:AE:5D:B2:7F:0A:9F:9E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5DDABD4C1BFB3E6C24E579698ED364E5E9AF284A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fddc965c-ee70-48d4-a6d9-cd980d11b34c.roa
Signing time:             Mon 09 Jun 2025 16:01:41 +0000
ROA not before:           Mon 09 Jun 2025 16:01:41 +0000
ROA not after:            Mon 14 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.144.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 17 Jun 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:da:bd:4c:1b:fb:3e:6c:24:e5:79:69:8e:d3:64:e5:e9:af:28:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  9 16:01:41 2025 GMT
            Not After : Jul 14 23:59:59 2025 GMT
        Subject: serialNumber=240ac4d5c98de0ba0061185c612c8e26a595de3709549339819cf2447790c1f1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:75:ed:ed:dc:7b:f9:21:ce:b2:13:ae:fb:ed:
                    de:23:4f:2d:c3:52:83:85:b1:37:1c:c4:0f:32:d9:
                    4e:ab:ae:10:0f:25:23:1e:9e:f1:fc:df:f9:5f:71:
                    03:d8:6b:5b:d1:94:8f:0d:96:a6:32:4d:f3:b9:d2:
                    a4:99:3c:d7:50:81:03:5d:a0:ff:89:18:da:4e:17:
                    2b:4b:43:0b:d7:cf:4b:85:ca:8e:69:96:16:10:60:
                    0b:12:03:3e:64:4b:75:c1:9e:c8:41:82:ea:9b:91:
                    43:04:51:8b:86:37:48:5f:18:41:60:dd:3b:5f:ce:
                    06:42:5a:4d:1b:65:15:5f:3e:26:bb:e9:ec:4a:26:
                    a2:8d:90:8e:78:61:62:8b:bb:27:98:27:c8:44:0a:
                    9b:99:b0:15:35:c2:4b:53:50:fc:14:93:f2:54:4f:
                    15:ea:b0:60:41:e0:ba:78:43:3d:6a:e7:25:22:1f:
                    d0:fd:53:e2:6a:cb:c5:52:02:b9:3e:ab:eb:a0:64:
                    98:ae:5f:40:0d:75:43:00:23:57:78:19:cc:a2:09:
                    1d:0d:24:a1:0d:e3:42:e7:1a:af:cb:ba:7b:e1:55:
                    57:58:be:bd:c3:d6:0d:8f:82:9e:50:37:ca:53:29:
                    c4:86:5a:7a:79:f4:b7:6f:ba:e6:f5:a0:0b:26:59:
                    9d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:BE:C6:11:7F:2D:EF:3D:30:2E:3A:97:F4:AE:5D:B2:7F:0A:9F:9E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fddc965c-ee70-48d4-a6d9-cd980d11b34c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.144.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         85:29:e1:2b:6d:ef:c6:da:09:f9:d4:97:7a:1e:2f:7c:9d:c6:
         7c:65:53:1d:28:7a:84:bc:60:1e:b6:ad:1c:b0:06:d5:d5:60:
         04:c2:9a:47:60:80:41:22:77:48:41:d6:18:4b:22:5a:6d:02:
         2b:83:1e:5e:2b:21:1e:bb:e2:b7:34:46:15:47:3c:1e:00:bb:
         51:ec:ca:e8:dc:0c:d6:55:b6:80:01:07:97:f1:0f:b9:f7:fe:
         eb:bd:e9:b1:0a:da:bc:cb:af:cd:e2:f2:99:0a:7c:58:61:33:
         75:44:57:37:88:2c:86:99:2a:e4:fa:50:e3:ec:4b:41:d9:10:
         eb:26:1a:74:66:15:90:00:f9:82:e8:e7:9c:52:fd:1c:26:3b:
         bd:9b:f4:7a:d0:66:c5:2d:d2:57:52:d3:ef:1f:e5:5e:d5:01:
         7d:7b:45:58:41:89:00:bc:d2:1b:37:9a:fd:0f:04:e6:e9:d6:
         a1:2b:31:b0:35:22:04:33:49:22:4d:2e:d0:b7:82:86:71:ec:
         9e:51:81:8e:3b:f3:dd:6f:3b:04:ff:df:f4:38:e5:db:98:2b:
         f4:c8:9c:6e:c4:70:bb:09:e4:fc:a2:ee:44:f8:ef:4b:15:a0:
         9d:7e:5b:31:22:9c:98:09:ea:45:8c:b8:a8:69:54:2e:da:6e:
         35:3d:4f:8c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXdq9TBv7Pmwk5XlpjtNk5emvKEowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjA5MTYwMTQxWhcNMjUwNzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNDBhYzRkNWM5OGRlMGJhMDA2MTE4NWM2MTJjOGUyNmE1
OTVkZTM3MDk1NDkzMzk4MTljZjI0NDc3OTBjMWYxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyde3t3Hv5Ic6yE6777d4jTy3DUoOFsTccxA8y2U6rrhAP
JSMenvH83/lfcQPYa1vRlI8NlqYyTfO50qSZPNdQgQNdoP+JGNpOFytLQwvXz0uF
yo5plhYQYAsSAz5kS3XBnshBguqbkUMEUYuGN0hfGEFg3TtfzgZCWk0bZRVfPia7
6exKJqKNkI54YWKLuyeYJ8hECpuZsBU1wktTUPwUk/JUTxXqsGBB4Lp4Qz1q5yUi
H9D9U+Jqy8VSArk+q+ugZJiuX0ANdUMAI1d4GcyiCR0NJKEN40LnGq/LunvhVVdY
vr3D1g2Pgp5QN8pTKcSGWnp59Ldvuub1oAsmWZ2tAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4r7GEX8t7z0wLjqX9K5dsn8Kn54wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZkZGM5NjVjLWVlNzAtNDhkNC1hNmQ5LWNkOTgwZDExYjM0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2kEAwDQYJKoZIhvcNAQELBQADggEBAIUp4Stt78baCfnUl3oeL3ydxnxl
Ux0oeoS8YB62rRywBtXVYATCmkdggEEid0hB1hhLIlptAiuDHl4rIR674rc0RhVH
PB4Au1HsyujcDNZVtoABB5fxD7n3/uu96bEK2rzLr83i8pkKfFhhM3VEVzeILIaZ
KuT6UOPsS0HZEOsmGnRmFZAA+YLo55xS/RwmO72b9HrQZsUt0ldS0+8f5V7VAX17
RVhBiQC80hs3mv0PBObp1qErMbA1IgQzSSJNLtC3goZx7J5RgY47891vOwT/3/Q4
5duYK/TInG7EcLsJ5Pyi7kT470sVoJ1+WzEinJgJ6kWMuKhpVC7abjU9T4w=
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:38:03 2025 by rpki-client