Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/237bd3de-7f19-4b8f-ad74-663c04d89755.roa
File:                     237bd3de-7f19-4b8f-ad74-663c04d89755.roa (raw, json)
Hash identifier:          78vwcGiPJUmF+7T3gQOs8BSogkE4P/mXr0ZC9TysX4w=
Subject key identifier:   ED:B9:34:09:13:68:13:25:4F:00:16:D5:A5:E8:1A:C4:FA:22:EE:D6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       158A6ABF447E187A9311D4A5B330E6A3C7FF8C8F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/237bd3de-7f19-4b8f-ad74-663c04d89755.roa
Signing time:             Mon 30 Jun 2025 16:30:15 +0000
ROA not before:           Mon 30 Jun 2025 16:30:15 +0000
ROA not after:            Mon 04 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.178.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 03 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:8a:6a:bf:44:7e:18:7a:93:11:d4:a5:b3:30:e6:a3:c7:ff:8c:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 30 16:30:15 2025 GMT
            Not After : Aug  4 23:59:59 2025 GMT
        Subject: serialNumber=f0074e5d33736d1e638b166acc854f9587acb252432635914ccde7490d22be23, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:59:8d:c0:a9:0f:82:13:b1:e2:5d:35:31:88:
                    1f:7b:a3:77:4c:7a:5d:dc:e2:c0:08:ea:45:a4:99:
                    06:e3:1a:11:b2:90:2c:7a:56:1f:67:b5:05:a7:e5:
                    00:80:44:44:f8:10:d3:97:42:c2:2a:4d:a8:8c:21:
                    1d:87:5d:16:6a:b4:48:47:21:fa:04:fe:3a:92:1d:
                    6c:e1:4d:96:59:fc:32:21:e6:26:3d:f7:80:c3:23:
                    5b:60:87:44:0d:d6:72:e9:e2:f2:cd:b4:19:1e:e5:
                    8c:00:7c:7b:c8:7f:38:1a:37:db:20:c9:3f:24:60:
                    c0:88:a3:98:8c:af:a8:61:92:8b:29:d0:02:27:49:
                    b6:f3:45:10:41:19:00:fd:48:7d:6e:af:61:2d:44:
                    43:56:36:05:08:cf:2d:bf:23:4e:f2:d9:03:17:3d:
                    0c:55:38:20:31:4a:f1:c3:dd:e5:49:4b:97:c7:f5:
                    73:50:ff:bd:78:07:33:f2:c4:9d:ff:2c:36:40:bf:
                    d9:01:27:97:42:98:05:84:df:ec:5a:f6:7e:7a:60:
                    c7:60:68:da:7d:6b:c0:9f:ef:15:69:81:90:ab:f5:
                    1a:0e:0f:a0:6e:fa:ad:7b:2c:f4:f3:ae:dd:36:e9:
                    ec:cc:bd:fe:69:cb:d7:2c:25:7c:b7:c0:6b:98:33:
                    9e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:B9:34:09:13:68:13:25:4F:00:16:D5:A5:E8:1A:C4:FA:22:EE:D6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/237bd3de-7f19-4b8f-ad74-663c04d89755.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.178.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         25:7c:1d:18:64:67:e5:1b:bd:c3:49:dc:ef:f8:ba:a9:61:4f:
         38:1b:dd:fd:c9:a6:7a:37:ea:2f:17:52:92:f9:e4:7f:a2:b1:
         43:f8:28:91:f0:c4:5c:30:53:e8:91:67:9c:71:3a:c6:53:b8:
         72:9c:4c:01:ba:58:d2:01:8d:6b:be:26:47:84:85:b5:e4:33:
         af:95:6f:59:5d:d1:1b:53:dd:75:47:03:8b:7a:03:1c:86:60:
         a2:d7:0c:2a:45:3b:6c:3d:a7:8c:03:ad:c7:4f:de:05:9f:9c:
         67:df:c7:36:24:e5:99:b9:61:61:47:3a:70:e1:a4:37:ee:0a:
         4c:10:93:9f:5c:01:e3:31:c7:99:50:28:38:29:f9:43:9f:4b:
         28:24:9e:b3:90:8c:d2:dd:21:56:40:91:c2:cb:ee:06:38:4b:
         8d:8f:d3:44:89:f6:9f:89:ba:c0:28:76:06:6c:22:95:ca:30:
         22:4f:e2:e4:50:16:9f:00:ae:b9:39:11:91:98:74:69:16:50:
         f5:82:28:08:08:0b:8f:2d:a1:2a:34:2d:4d:4e:53:5e:af:65:
         6c:b6:f8:e3:85:e1:c0:c6:e3:e6:46:ca:79:c6:e3:1d:ce:20:
         40:34:9f:82:b9:64:a2:dd:52:ec:dd:31:bf:d8:b9:c5:96:64:
         89:3e:0d:38
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFYpqv0R+GHqTEdSlszDmo8f/jI8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjMwMTYzMDE1WhcNMjUwODA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMDA3NGU1ZDMzNzM2ZDFlNjM4YjE2NmFjYzg1NGY5NTg3
YWNiMjUyNDMyNjM1OTE0Y2NkZTc0OTBkMjJiZTIzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYWY3AqQ+CE7HiXTUxiB97o3dMel3c4sAI6kWkmQbjGhGy
kCx6Vh9ntQWn5QCARET4ENOXQsIqTaiMIR2HXRZqtEhHIfoE/jqSHWzhTZZZ/DIh
5iY994DDI1tgh0QN1nLp4vLNtBke5YwAfHvIfzgaN9sgyT8kYMCIo5iMr6hhkosp
0AInSbbzRRBBGQD9SH1ur2EtRENWNgUIzy2/I07y2QMXPQxVOCAxSvHD3eVJS5fH
9XNQ/714BzPyxJ3/LDZAv9kBJ5dCmAWE3+xa9n56YMdgaNp9a8Cf7xVpgZCr9RoO
D6Bu+q17LPTzrt026ezMvf5py9csJXy3wGuYM579AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7bk0CRNoEyVPABbVpegaxPoi7tYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzIzN2JkM2RlLTdmMTktNGI4Zi1hZDc0LTY2M2MwNGQ4OTc1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEjsjANBgkqhkiG9w0BAQsFAAOCAQEAJXwdGGRn5Ru9w0nc7/i6qWFPOBvd
/cmmejfqLxdSkvnkf6KxQ/gokfDEXDBT6JFnnHE6xlO4cpxMAbpY0gGNa74mR4SF
teQzr5VvWV3RG1PddUcDi3oDHIZgotcMKkU7bD2njAOtx0/eBZ+cZ9/HNiTlmblh
YUc6cOGkN+4KTBCTn1wB4zHHmVAoOCn5Q59LKCSes5CM0t0hVkCRwsvuBjhLjY/T
RIn2n4m6wCh2BmwilcowIk/i5FAWnwCuuTkRkZh0aRZQ9YIoCAgLjy2hKjQtTU5T
Xq9lbLb444XhwMbj5kbKecbjHc4gQDSfgrlkot1S7N0xv9i5xZZkiT4NOA==
-----END CERTIFICATE-----
Generated at Mon Jun 30 23:23:48 2025 by rpki-client