Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0fb5e281-d545-4001-97fa-007bbac7fd98.roa
File:                     0fb5e281-d545-4001-97fa-007bbac7fd98.roa (raw, json)
Hash identifier:          1YTsxxmYcs4roQXctYL9SWYfnW8ya/Zxu8YAgfCjKuA=
Subject key identifier:   7C:A7:50:CD:4A:1A:53:6F:BB:7B:6B:BC:30:13:12:2B:F8:19:6B:FB
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       321DF31271ECD3625B76DC8DF8B2034E413A6E11
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0fb5e281-d545-4001-97fa-007bbac7fd98.roa
Signing time:             Tue 20 May 2025 16:40:52 +0000
ROA not before:           Tue 20 May 2025 16:40:52 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        152.25.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 07 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:1d:f3:12:71:ec:d3:62:5b:76:dc:8d:f8:b2:03:4e:41:3a:6e:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 16:40:52 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=3ed8dc5beab90139c53f1f1d423e094f2dcbde3e65449e0a994e094abfbf1a4f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6f:d5:da:05:22:5b:74:b3:34:b4:44:7d:36:
                    bc:07:c7:88:72:67:fd:8c:20:fe:28:da:a9:02:ef:
                    a1:42:36:af:4e:0c:57:99:ed:f1:36:0a:49:90:9d:
                    d8:ac:3c:e1:32:6c:85:2e:cf:20:5b:37:06:a6:75:
                    e8:15:8b:24:dd:78:6e:4a:aa:5b:d4:94:2e:9e:7f:
                    ca:a3:0d:19:30:78:3b:b7:7f:a3:71:3c:6e:e6:f3:
                    e4:6f:64:f2:0d:0a:89:21:e9:e6:74:ec:95:57:6e:
                    62:2e:af:60:ad:94:48:ce:ac:f0:63:b2:5e:b2:a6:
                    cc:f6:dd:3c:a7:45:f3:35:f9:a2:cf:6a:4d:9a:e4:
                    fa:03:e5:e7:61:c8:ca:fe:2a:2c:e7:c1:8c:ee:5f:
                    0f:2c:0b:aa:73:e4:47:9c:84:c1:59:fa:38:12:7e:
                    22:eb:0c:06:f9:3f:04:df:b4:5f:90:53:af:6d:d2:
                    e6:ef:1a:08:c8:06:90:34:62:6f:62:16:e1:70:44:
                    16:56:7e:a5:f0:0e:4c:ef:9c:34:b5:f3:2b:f7:79:
                    64:d6:05:b0:10:08:c6:89:15:0f:66:a3:14:42:df:
                    ee:e5:9f:0b:f7:b3:cd:16:fd:00:9b:a9:de:3b:a4:
                    d8:83:2f:ec:05:a8:86:62:5b:0f:c7:c4:a1:3e:80:
                    3f:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:A7:50:CD:4A:1A:53:6F:BB:7B:6B:BC:30:13:12:2B:F8:19:6B:FB
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0fb5e281-d545-4001-97fa-007bbac7fd98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.25.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ac:72:7b:ad:55:9c:c4:4e:6c:4d:15:e5:8a:5d:ef:2a:9d:ee:
         a2:88:0a:36:d3:f2:33:92:7f:67:52:aa:54:bf:02:6a:78:6d:
         1a:2b:77:9a:a7:cf:67:27:b0:04:b6:91:b0:fb:11:31:1a:d5:
         2f:d8:08:56:b2:3b:d7:f7:49:e5:0b:ba:eb:56:09:7b:6f:11:
         73:54:17:fb:09:6b:ca:45:fe:2d:41:e7:7e:d8:9f:e8:80:26:
         40:b8:05:5f:d8:93:e9:f5:f0:10:31:23:3b:b2:0c:ac:e2:33:
         04:1e:f5:64:ca:59:d3:5f:bb:bb:3f:2c:05:05:1e:6d:4c:72:
         71:fa:33:cd:2e:d4:5e:21:a2:d4:62:6b:dd:03:c8:1c:9c:42:
         d3:11:ab:bd:d7:bc:8d:d2:36:ff:14:3d:36:35:6f:c4:10:2f:
         c4:55:13:b4:f2:c2:6e:3e:c5:c1:e9:f6:6f:65:ea:b5:c1:98:
         83:d6:22:45:08:63:fb:31:9e:a4:24:91:86:e7:21:8e:cd:d8:
         60:9a:d9:b3:c6:d4:b8:4c:f1:c5:c6:08:bb:ee:14:9a:a3:83:
         d0:35:90:29:ed:66:f5:da:65:6f:a6:09:cc:87:6f:ae:6f:9f:
         25:e4:b6:aa:2f:19:2a:d0:88:81:d6:da:f4:75:1f:28:c2:5b:
         5f:06:4b:e0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMh3zEnHs02JbdtyN+LIDTkE6bhEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIwMTY0MDUyWhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZWQ4ZGM1YmVhYjkwMTM5YzUzZjFmMWQ0MjNlMDk0ZjJk
Y2JkZTNlNjU0NDllMGE5OTRlMDk0YWJmYmYxYTRmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1b9XaBSJbdLM0tER9NrwHx4hyZ/2MIP4o2qkC76FCNq9O
DFeZ7fE2CkmQndisPOEybIUuzyBbNwamdegViyTdeG5KqlvUlC6ef8qjDRkweDu3
f6NxPG7m8+RvZPINCokh6eZ07JVXbmIur2CtlEjOrPBjsl6ypsz23TynRfM1+aLP
ak2a5PoD5edhyMr+KiznwYzuXw8sC6pz5EechMFZ+jgSfiLrDAb5PwTftF+QU69t
0ubvGgjIBpA0Ym9iFuFwRBZWfqXwDkzvnDS18yv3eWTWBbAQCMaJFQ9moxRC3+7l
nwv3s80W/QCbqd47pNiDL+wFqIZiWw/HxKE+gD/HAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUfKdQzUoaU2+7e2u8MBMSK/gZa/swHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBmYjVlMjgxLWQ1NDUtNDAwMS05N2ZhLTAwN2JiYWM3ZmQ5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCYGTANBgkqhkiG9w0BAQsFAAOCAQEArHJ7rVWcxE5sTRXlil3vKp3uoogK
NtPyM5J/Z1KqVL8CanhtGit3mqfPZyewBLaRsPsRMRrVL9gIVrI71/dJ5Qu661YJ
e28Rc1QX+wlrykX+LUHnftif6IAmQLgFX9iT6fXwEDEjO7IMrOIzBB71ZMpZ01+7
uz8sBQUebUxycfozzS7UXiGi1GJr3QPIHJxC0xGrvde8jdI2/xQ9NjVvxBAvxFUT
tPLCbj7Fwen2b2XqtcGYg9YiRQhj+zGepCSRhuchjs3YYJrZs8bUuEzxxcYIu+4U
mqOD0DWQKe1m9dplb6YJzIdvrm+fJeS2qi8ZKtCIgdba9HUfKMJbXwZL4A==
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:04:41 2025 by rpki-client