Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/254b4192-a38e-41eb-a28b-d01a7ee37964.roa
File:                     254b4192-a38e-41eb-a28b-d01a7ee37964.roa (raw, json)
Hash identifier:          wCw2PZ8h7zPZmaNwDYCVbT9i4805bQfPUS4VvOIxiPc=
Subject key identifier:   F4:B6:04:22:5C:12:09:A5:4B:CB:D6:21:3F:B7:2D:22:FF:F9:D6:F3
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       68C46FF41E60EA87EF91494C239945236F1FF590
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/254b4192-a38e-41eb-a28b-d01a7ee37964.roa
Signing time:             Mon 30 Jun 2025 15:40:15 +0000
ROA not before:           Mon 30 Jun 2025 15:40:15 +0000
ROA not after:            Mon 04 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2620:108:d000::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 05 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:c4:6f:f4:1e:60:ea:87:ef:91:49:4c:23:99:45:23:6f:1f:f5:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Jun 30 15:40:15 2025 GMT
            Not After : Aug  4 23:59:59 2025 GMT
        Subject: serialNumber=4d7967775e6856e28ba76254823d9f04e9fe35a25d84d654812d8e95716ab487, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:26:50:5d:ed:4d:83:78:bd:4d:83:2d:0d:7b:
                    81:ab:0a:88:3b:52:e7:62:0b:7c:b7:54:77:de:d7:
                    ca:99:59:50:a3:88:a8:30:a5:b7:64:19:b2:14:53:
                    37:f9:39:18:fc:ab:21:b5:13:6c:3a:a6:ca:86:7b:
                    ce:5f:7b:ba:18:de:cf:46:3e:fe:d9:65:1d:e7:2e:
                    cc:67:ea:3e:4b:3f:27:12:88:b3:c9:36:44:2a:91:
                    e8:e6:3c:59:12:f7:27:30:21:87:8d:dd:d5:8f:be:
                    d6:23:be:f7:88:26:f6:d2:68:54:3f:52:ca:e0:98:
                    a4:1c:2e:a4:5f:b4:de:be:5c:f2:cc:12:3b:c7:2a:
                    d0:0b:78:63:bf:72:82:0b:46:44:e3:9d:1f:a4:1d:
                    ed:cc:29:f2:ab:01:06:48:65:c8:9f:63:ca:d1:8b:
                    bf:51:f4:fa:d6:8d:71:3b:18:f1:eb:5b:54:aa:ba:
                    57:31:a7:6a:98:aa:4d:1e:d8:fc:98:c6:56:25:1e:
                    cb:d2:c6:eb:d8:80:e6:c2:5f:e1:28:ec:32:fb:af:
                    f8:91:c3:45:69:ea:25:43:d1:b5:12:ec:f0:35:bc:
                    12:62:d2:15:2a:2f:af:f6:18:82:63:fb:18:88:60:
                    ca:9f:de:e5:41:cd:ec:a0:ad:84:2f:d5:d5:26:21:
                    8b:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:B6:04:22:5C:12:09:A5:4B:CB:D6:21:3F:B7:2D:22:FF:F9:D6:F3
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/254b4192-a38e-41eb-a28b-d01a7ee37964.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:108:d000::/44

    Signature Algorithm: sha256WithRSAEncryption
         05:50:4c:89:ea:3e:54:e7:4a:da:fa:44:a3:76:6d:23:bb:80:
         f4:dc:43:be:f2:c4:a3:64:27:5a:c7:d1:7e:a9:44:d7:74:60:
         79:39:78:0e:f3:82:4f:87:94:7f:c3:32:12:63:1b:d2:5a:2c:
         34:fc:a5:ba:56:37:e9:2a:d7:aa:46:56:f2:54:8d:66:9a:dc:
         16:80:7e:5c:15:47:d6:cd:ba:b7:7b:8f:50:03:bb:99:3a:a3:
         80:83:e1:8b:d9:ad:59:d9:d4:62:61:7e:05:45:ee:c8:37:29:
         d5:09:71:6a:cf:3f:4f:4c:c6:95:67:88:e1:b0:57:fe:af:b4:
         d3:b4:db:e3:b0:b0:38:da:99:95:1c:f9:ec:68:7e:de:ce:85:
         9d:24:80:a0:67:59:93:5b:af:f7:2e:4a:69:c5:69:42:eb:90:
         07:13:bc:56:f2:69:ac:a9:44:0f:3d:d3:6a:72:61:9c:2f:d9:
         db:6e:f1:17:0d:13:31:20:82:4a:ef:a1:93:24:5e:0a:0a:13:
         70:81:6a:f3:ce:86:68:11:26:41:51:34:69:b6:7b:62:ab:7e:
         6a:ce:52:1c:ea:72:78:6d:b1:d1:03:b5:0c:db:3f:c3:8b:3e:
         e0:84:2c:ce:e0:72:36:fc:c2:f5:0f:6e:90:81:6f:ce:f2:96:
         2f:47:2a:50
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaMRv9B5g6ofvkUlMI5lFI28f9ZAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjUwNjMwMTU0MDE1WhcNMjUwODA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZDc5Njc3NzVlNjg1NmUyOGJhNzYyNTQ4MjNkOWYwNGU5
ZmUzNWEyNWQ4NGQ2NTQ4MTJkOGU5NTcxNmFiNDg3MS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrJlBd7U2DeL1Ngy0Ne4GrCog7UudiC3y3VHfe18qZWVCj
iKgwpbdkGbIUUzf5ORj8qyG1E2w6psqGe85fe7oY3s9GPv7ZZR3nLsxn6j5LPycS
iLPJNkQqkejmPFkS9ycwIYeN3dWPvtYjvveIJvbSaFQ/UsrgmKQcLqRftN6+XPLM
EjvHKtALeGO/coILRkTjnR+kHe3MKfKrAQZIZcifY8rRi79R9PrWjXE7GPHrW1Sq
ulcxp2qYqk0e2PyYxlYlHsvSxuvYgObCX+Eo7DL7r/iRw0Vp6iVD0bUS7PA1vBJi
0hUqL6/2GIJj+xiIYMqf3uVBzeygrYQv1dUmIYsBAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU9LYEIlwSCaVLy9YhP7ctIv/51vMwHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1LzI1NGI0MTkyLWEzOGUtNDFlYi1hMjhiLWQwMWE3ZWUzNzk2NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmIAEI0AAwDQYJKoZIhvcNAQELBQADggEBAAVQTInqPlTnStr6RKN2bSO7
gPTcQ77yxKNkJ1rH0X6pRNd0YHk5eA7zgk+HlH/DMhJjG9JaLDT8pbpWN+kq16pG
VvJUjWaa3BaAflwVR9bNurd7j1ADu5k6o4CD4YvZrVnZ1GJhfgVF7sg3KdUJcWrP
P09MxpVniOGwV/6vtNO02+OwsDjamZUc+exoft7OhZ0kgKBnWZNbr/cuSmnFaULr
kAcTvFbyaaypRA8902pyYZwv2dtu8RcNEzEggkrvoZMkXgoKE3CBavPOhmgRJkFR
NGm2e2KrfmrOUhzqcnhtsdEDtQzbP8OLPuCELM7gcjb8wvUPbpCBb87yli9HKlA=
-----END CERTIFICATE-----
Generated at Thu Jul 3 00:43:16 2025 by rpki-client