Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fe5fbc0d-10db-4668-a761-29fb1eff0f6e.roa
File:                     fe5fbc0d-10db-4668-a761-29fb1eff0f6e.roa (raw, json)
Hash identifier:          BSu2q7ADqsg+lKw7PQ9PH9tRNZMAFS2+HOU+42v17hA=
Subject key identifier:   FE:63:DA:BC:F8:12:3B:35:9D:D6:B8:8F:5A:B4:AF:84:FD:9F:48:CE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2D3953C4C7DEBF67758941746F309AED2996586E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fe5fbc0d-10db-4668-a761-29fb1eff0f6e.roa
Signing time:             Mon 14 Apr 2025 16:11:12 +0000
ROA not before:           Mon 14 Apr 2025 16:11:12 +0000
ROA not after:            Mon 19 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        34.255.128.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:39:53:c4:c7:de:bf:67:75:89:41:74:6f:30:9a:ed:29:96:58:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 14 16:11:12 2025 GMT
            Not After : May 19 23:59:59 2025 GMT
        Subject: serialNumber=d16f2ac773998520938b06a6d6b54bc2e6cdd8aa4a51d81ce16d84b63653ecb7, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:6a:21:b4:6c:32:dc:69:85:22:92:cc:36:3e:
                    bf:7f:8e:98:a8:ff:2c:2a:51:ce:d2:7d:6f:78:95:
                    6f:7b:79:db:0d:83:11:b0:96:b9:52:db:59:e7:a5:
                    e3:f5:fc:08:58:c3:83:0d:f9:48:bf:39:60:0c:0c:
                    36:27:bf:03:c6:71:38:a6:99:f8:5c:02:29:86:21:
                    62:bc:d1:3b:92:54:e5:da:bf:c6:b4:b8:d3:af:9d:
                    4c:75:eb:9c:ec:4f:4a:3a:62:6a:44:66:3b:3f:e1:
                    75:ce:88:5f:5c:2e:1b:ae:7e:3a:a9:e0:a3:22:98:
                    68:f4:d9:da:e7:2b:c5:c8:0e:34:26:a0:29:ff:c5:
                    55:b9:fa:1f:ff:cc:aa:c8:c7:7f:59:1b:22:97:6b:
                    94:2e:91:2c:80:cd:8f:df:8b:03:76:08:05:ef:bb:
                    5d:da:2c:92:1a:91:72:62:3b:51:e0:8c:d4:73:83:
                    a5:9c:1a:b2:6d:33:56:64:9e:17:38:64:cd:7c:dd:
                    58:b6:05:0f:6d:51:88:44:2f:03:e6:05:bd:93:6d:
                    32:12:ae:a3:7f:73:08:7f:81:40:03:db:c9:fa:6e:
                    c2:dc:f2:63:bf:f1:05:92:88:ab:40:d8:a8:9d:80:
                    1b:cd:9e:45:b3:4f:95:24:b2:bd:88:1d:dc:18:a7:
                    24:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:63:DA:BC:F8:12:3B:35:9D:D6:B8:8F:5A:B4:AF:84:FD:9F:48:CE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fe5fbc0d-10db-4668-a761-29fb1eff0f6e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  34.255.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         41:29:3d:9a:3e:4b:49:3c:86:24:d2:05:60:b5:ad:6b:f6:cf:
         da:30:61:59:cf:cc:14:5b:5d:1e:2f:cd:b3:b0:cd:25:eb:14:
         38:4d:06:83:3b:51:06:71:1c:f1:1d:58:b5:64:46:ea:81:ac:
         d8:be:67:d3:12:e5:6f:49:a0:85:2a:5b:59:e5:46:08:92:78:
         dc:b7:fc:2b:0d:d0:e7:ef:6b:1e:2e:a2:2c:d0:c4:04:4a:0b:
         cc:8b:22:9b:34:a0:e6:ed:3b:84:c8:79:53:50:c8:e8:90:cf:
         bc:c4:6e:27:2e:dc:94:a2:b1:8b:96:6d:2c:c2:52:3f:6c:b0:
         33:c3:20:70:17:3a:6a:46:6b:b7:b7:46:3f:28:01:3f:6b:ec:
         3d:71:d4:eb:46:0e:57:b8:c5:43:41:c3:9d:1e:09:af:a2:2d:
         d2:c1:c7:3f:17:77:97:5d:f0:0b:9c:7a:e6:8e:29:86:ea:aa:
         d1:57:fb:f8:1b:ed:dd:fd:54:65:fe:6d:21:3d:23:aa:20:74:
         1a:a4:2d:86:ea:9e:0d:7d:ce:9e:be:ff:19:00:c4:8b:4f:19:
         56:2c:84:a8:2f:96:cd:fd:5d:36:4b:6b:50:d8:77:08:a7:78:
         10:49:2a:d6:7a:80:51:25:60:f3:ab:c3:37:ce:41:ab:e7:df:
         b5:74:9b:68
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULTlTxMfev2d1iUF0bzCa7SmWWG4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE0MTYxMTEyWhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTZmMmFjNzczOTk4NTIwOTM4YjA2YTZkNmI1NGJjMmU2
Y2RkOGFhNGE1MWQ4MWNlMTZkODRiNjM2NTNlY2I3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLaiG0bDLcaYUiksw2Pr9/jpio/ywqUc7SfW94lW97edsN
gxGwlrlS21nnpeP1/AhYw4MN+Ui/OWAMDDYnvwPGcTimmfhcAimGIWK80TuSVOXa
v8a0uNOvnUx165zsT0o6YmpEZjs/4XXOiF9cLhuufjqp4KMimGj02drnK8XIDjQm
oCn/xVW5+h//zKrIx39ZGyKXa5QukSyAzY/fiwN2CAXvu13aLJIakXJiO1HgjNRz
g6WcGrJtM1Zknhc4ZM183Vi2BQ9tUYhELwPmBb2TbTISrqN/cwh/gUAD28n6bsLc
8mO/8QWSiKtA2KidgBvNnkWzT5Uksr2IHdwYpySzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/mPavPgSOzWd1riPWrSvhP2fSM4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZlNWZiYzBkLTEwZGItNDY2OC1hNzYxLTI5ZmIxZWZmMGY2ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYi/4AwDQYJKoZIhvcNAQELBQADggEBAEEpPZo+S0k8hiTSBWC1rWv2z9ow
YVnPzBRbXR4vzbOwzSXrFDhNBoM7UQZxHPEdWLVkRuqBrNi+Z9MS5W9JoIUqW1nl
RgiSeNy3/CsN0Ofvax4uoizQxARKC8yLIps0oObtO4TIeVNQyOiQz7zEbicu3JSi
sYuWbSzCUj9ssDPDIHAXOmpGa7e3Rj8oAT9r7D1x1OtGDle4xUNBw50eCa+iLdLB
xz8Xd5dd8AuceuaOKYbqqtFX+/gb7d39VGX+bSE9I6ogdBqkLYbqng19zp6+/xkA
xItPGVYshKgvls39XTZLa1DYdwineBBJKtZ6gFElYPOrwzfOQavn37V0m2g=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:14 2025 by rpki-client