Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/01a4ba3f-879d-4446-9474-aa3c352a0fe7.roa
File:                     01a4ba3f-879d-4446-9474-aa3c352a0fe7.roa (raw, json)
Hash identifier:          uJOh20WSm5bwGGfj/5v5h+l9OzF+eCzlTwDLc8TsDQg=
Subject key identifier:   BD:05:AA:8B:B7:B9:D5:76:66:EB:4B:06:1F:F4:3E:AB:6F:14:9F:A6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       74A49B4D25439D34FBE5EE0A38F6BFB549524C84
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/01a4ba3f-879d-4446-9474-aa3c352a0fe7.roa
Signing time:             Fri 19 Sep 2025 00:53:43 +0000
ROA not before:           Fri 19 Sep 2025 00:53:43 +0000
ROA not after:            Fri 24 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.124.153.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 21 Sep 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:a4:9b:4d:25:43:9d:34:fb:e5:ee:0a:38:f6:bf:b5:49:52:4c:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 19 00:53:43 2025 GMT
            Not After : Oct 24 23:59:59 2025 GMT
        Subject: serialNumber=cc510d14660f1f93c6c1ff85c1e83f007191e8467c71870cbde62e4dfa1024d0, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b8:cf:88:13:78:f3:fd:a2:8e:e4:ad:7f:b7:
                    73:c4:46:cd:bf:12:e8:82:5c:40:ab:be:6d:48:3f:
                    53:4e:c1:bb:46:76:14:c2:f1:f0:65:e5:3c:69:5a:
                    8d:a7:da:e5:4f:56:d8:87:4f:32:5f:fb:b3:3e:99:
                    95:67:9e:34:6c:3f:87:7e:47:42:06:94:ac:9e:5e:
                    49:91:b2:a2:fa:b8:2e:c1:11:55:8c:f0:3f:32:a4:
                    bf:a8:d3:3b:0a:bc:2b:67:9e:22:ae:75:60:2c:d0:
                    5c:5e:de:23:b5:16:24:5c:99:97:2c:67:ff:90:18:
                    7c:57:4a:ec:9e:ab:de:5f:5d:97:e5:0e:ae:cf:16:
                    00:90:b8:f7:80:cd:b8:61:47:36:28:34:96:f2:24:
                    49:20:61:63:63:77:21:4f:04:4c:62:e2:a0:ed:5b:
                    15:dc:58:5a:eb:ba:57:41:d7:a0:89:3a:7b:85:55:
                    32:5f:53:ed:28:29:46:a2:0f:97:a4:a3:12:dd:81:
                    23:de:aa:97:44:cf:c6:dc:1b:a3:4c:4f:db:0a:7a:
                    13:ec:04:4a:a2:81:3c:ed:e6:76:d0:3f:d4:cf:52:
                    74:b8:80:1b:61:7e:9b:5c:5e:b1:cf:73:97:ed:56:
                    8b:f0:9b:79:15:58:ad:fc:e4:b2:fe:59:a9:72:d3:
                    2f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:05:AA:8B:B7:B9:D5:76:66:EB:4B:06:1F:F4:3E:AB:6F:14:9F:A6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/01a4ba3f-879d-4446-9474-aa3c352a0fe7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.124.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:9b:6a:5f:b9:b4:23:1a:ad:85:ab:4a:a4:32:dc:a1:66:df:
         be:53:51:30:a5:50:f0:03:4d:2f:79:cf:af:bf:1b:5a:4e:9b:
         48:13:ea:de:b2:4b:b2:cf:a2:bc:31:74:12:9f:45:8b:18:25:
         1e:4b:5b:18:38:39:a1:53:ac:d9:6c:d5:de:9c:f5:90:b4:8a:
         15:06:8d:ca:a7:a8:81:d9:8c:8c:98:15:56:3f:8c:31:3c:f9:
         f5:1b:aa:80:bc:6e:4f:41:d4:c1:98:dd:78:5f:95:34:42:91:
         36:16:c5:93:c0:8e:92:ef:ea:d0:99:4a:d8:e3:6f:43:a8:c0:
         9e:6c:74:45:e3:52:8e:b2:58:7a:08:72:ac:0c:28:c8:ad:4e:
         4c:47:91:ef:43:6b:d4:f3:a0:a3:af:bc:b6:a1:ac:59:4e:24:
         16:8f:6f:54:1b:dc:9a:8c:47:80:d5:c1:4c:5b:d3:00:bf:3c:
         a9:9d:d4:e8:42:7b:61:2e:2e:83:39:1e:69:31:35:69:62:ac:
         9b:f7:ee:3f:28:30:42:02:c6:f9:7b:75:9c:cd:89:7c:ce:c8:
         ad:d0:0d:72:42:72:e6:9f:2c:2d:59:38:fe:d8:f7:64:37:7f:
         f5:87:1d:a2:81:41:7b:c7:c5:51:1e:4c:5c:16:cd:e7:ae:12:
         81:41:8f:fa
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdKSbTSVDnTT75e4KOPa/tUlSTIQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTE5MDA1MzQzWhcNMjUxMDI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYzUxMGQxNDY2MGYxZjkzYzZjMWZmODVjMWU4M2YwMDcx
OTFlODQ2N2M3MTg3MGNiZGU2MmU0ZGZhMTAyNGQwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCduM+IE3jz/aKO5K1/t3PERs2/EuiCXECrvm1IP1NOwbtG
dhTC8fBl5TxpWo2n2uVPVtiHTzJf+7M+mZVnnjRsP4d+R0IGlKyeXkmRsqL6uC7B
EVWM8D8ypL+o0zsKvCtnniKudWAs0Fxe3iO1FiRcmZcsZ/+QGHxXSuyeq95fXZfl
Dq7PFgCQuPeAzbhhRzYoNJbyJEkgYWNjdyFPBExi4qDtWxXcWFrruldB16CJOnuF
VTJfU+0oKUaiD5ekoxLdgSPeqpdEz8bcG6NMT9sKehPsBEqigTzt5nbQP9TPUnS4
gBthfptcXrHPc5ftVovwm3kVWK385LL+Waly0y+RAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvQWqi7e51XZm60sGH/Q+q28Un6YwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAxYTRiYTNmLTg3OWQtNDQ0Ni05NDc0LWFhM2MzNTJhMGZlNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0fJkwDQYJKoZIhvcNAQELBQADggEBAAObal+5tCMarYWrSqQy3KFm375T
UTClUPADTS95z6+/G1pOm0gT6t6yS7LPorwxdBKfRYsYJR5LWxg4OaFTrNls1d6c
9ZC0ihUGjcqnqIHZjIyYFVY/jDE8+fUbqoC8bk9B1MGY3XhflTRCkTYWxZPAjpLv
6tCZStjjb0OowJ5sdEXjUo6yWHoIcqwMKMitTkxHke9Da9TzoKOvvLahrFlOJBaP
b1Qb3JqMR4DVwUxb0wC/PKmd1OhCe2EuLoM5HmkxNWlirJv37j8oMEICxvl7dZzN
iXzOyK3QDXJCcuafLC1ZOP7Y92Q3f/WHHaKBQXvHxVEeTFwWzeeuEoFBj/o=
-----END CERTIFICATE-----
Generated at Fri Sep 19 04:35:10 2025 by rpki-client