Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/25bba307-7d0c-4072-9571-fcfab0c857b9.roa
File:                     25bba307-7d0c-4072-9571-fcfab0c857b9.roa (raw, json)
Hash identifier:          n/8dgo05lv8esJ9sYjXsBEUrsgtbqw8SVftcd3gei1U=
Subject key identifier:   E3:2D:8F:05:4A:7B:7D:11:ED:A4:1B:0E:B5:53:00:F5:7F:A6:02:A9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       405C74C5BFAA44D22F5974DB92D4B94AB98E03
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/25bba307-7d0c-4072-9571-fcfab0c857b9.roa
Signing time:             Wed 20 Aug 2025 00:50:18 +0000
ROA not before:           Wed 20 Aug 2025 00:50:18 +0000
ROA not after:            Wed 24 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.56.0.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:5c:74:c5:bf:aa:44:d2:2f:59:74:db:92:d4:b9:4a:b9:8e:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 20 00:50:18 2025 GMT
            Not After : Sep 24 23:59:59 2025 GMT
        Subject: serialNumber=b11fa7c16cd7338184ba274121ff11c42d9a5e815f03938b82e29b1efc8ba769, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e0:37:38:34:42:1c:0a:46:0e:56:13:8b:ed:
                    4b:4b:6f:a4:5f:7a:af:bb:52:80:22:a7:5b:09:c4:
                    54:94:52:f1:35:56:18:82:7a:ec:35:c1:50:c3:2c:
                    e2:ac:94:af:98:9a:21:7f:7e:51:dc:97:82:de:a1:
                    76:a2:55:3a:68:56:79:7f:df:05:07:16:f7:8f:79:
                    6b:db:c0:5c:e8:25:34:4a:af:c8:4e:13:9f:42:14:
                    80:20:a5:7b:4c:f0:25:7c:13:06:5e:4f:4d:88:cd:
                    b7:59:6d:35:8f:eb:5e:7d:cd:31:0a:25:4c:c9:8e:
                    a3:9a:d3:c5:c7:3c:79:2a:73:67:3d:e3:3d:99:4c:
                    76:68:b7:a7:41:d5:7e:94:ba:61:fe:bf:84:bd:55:
                    c4:5b:ef:bd:37:1a:df:c8:85:6d:b6:91:66:55:e9:
                    74:43:1b:b1:89:cf:91:de:46:f1:9c:2b:60:ce:5d:
                    d5:96:24:0e:16:70:47:3b:9c:c4:45:9f:e2:5e:c9:
                    8a:00:78:3f:6f:55:e8:8c:ab:86:e4:4e:7d:a2:cf:
                    76:98:04:b4:b2:6e:bf:2a:8b:90:28:b0:e4:b0:39:
                    32:14:ca:44:df:0c:75:7e:6c:17:38:cf:ff:49:58:
                    c5:27:db:63:da:cf:b2:10:60:95:d3:17:7b:f4:4d:
                    f2:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:2D:8F:05:4A:7B:7D:11:ED:A4:1B:0E:B5:53:00:F5:7F:A6:02:A9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/25bba307-7d0c-4072-9571-fcfab0c857b9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.56.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         ad:16:68:b0:8d:34:f2:85:7f:f8:33:a0:af:5e:5f:c7:19:33:
         69:9c:4e:23:97:c1:54:e9:1e:6e:a9:0b:3b:0f:28:c5:af:28:
         ce:4e:7a:c2:cc:d9:14:14:78:76:48:84:ad:c7:e2:06:f8:4c:
         e0:7e:c0:57:99:2d:ed:de:94:8e:fa:ea:b5:ab:1f:0d:e4:a9:
         01:8d:47:83:f6:d8:e8:1c:0e:49:df:30:c9:b7:d9:67:3d:5a:
         75:4e:d1:41:d9:e2:1e:c3:7e:8d:64:3e:f8:e4:19:89:2d:a6:
         e2:36:a8:e2:7a:58:f2:19:dd:87:1c:51:6a:fc:88:4e:c1:53:
         ab:95:60:d3:c6:81:6d:68:1b:7d:a7:01:8b:c0:2d:7f:e4:13:
         f2:59:46:8d:a6:36:c9:28:1c:ba:47:f7:f9:df:4e:0c:29:48:
         82:f6:a1:03:a8:0c:0f:c4:de:6b:83:6d:67:81:f7:c6:f8:10:
         0d:ec:6f:1f:2d:2c:ef:11:ff:f0:11:2e:35:89:0b:93:0c:2f:
         6b:93:fa:9c:e0:29:21:f9:23:03:09:69:98:aa:2a:9f:c7:c5:
         5a:05:e6:bb:e8:bf:7c:b7:69:3c:5f:90:03:0b:c1:67:58:17:
         d0:65:27:34:fc:7e:c6:d4:ab:70:ec:2a:b0:b0:a7:c9:c3:20:
         63:d3:25:9c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITQFx0xb+qRNIvWXTbktS5SrmOAzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTA4MjAwMDUwMThaFw0yNTA5MjQyMzU5NTla
MHoxSTBHBgNVBAUTQGIxMWZhN2MxNmNkNzMzODE4NGJhMjc0MTIxZmYxMWM0MmQ5
YTVlODE1ZjAzOTM4YjgyZTI5YjFlZmM4YmE3NjkxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7gNzg0QhwKRg5WE4vtS0tvpF96r7tSgCKnWwnEVJRS8TVW
GIJ67DXBUMMs4qyUr5iaIX9+UdyXgt6hdqJVOmhWeX/fBQcW9495a9vAXOglNEqv
yE4Tn0IUgCCle0zwJXwTBl5PTYjNt1ltNY/rXn3NMQolTMmOo5rTxcc8eSpzZz3j
PZlMdmi3p0HVfpS6Yf6/hL1VxFvvvTca38iFbbaRZlXpdEMbsYnPkd5G8ZwrYM5d
1ZYkDhZwRzucxEWf4l7JigB4P29V6IyrhuROfaLPdpgEtLJuvyqLkCiw5LA5MhTK
RN8MdX5sFzjP/0lYxSfbY9rPshBgldMXe/RN8jkCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBTjLY8FSnt9Ee2kGw61UwD1f6YCqTAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvMjViYmEzMDctN2QwYy00MDcyLTk1NzEtZmNmYWIwYzg1N2I5LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBTQ4ADANBgkqhkiG9w0BAQsFAAOCAQEArRZosI008oV/+DOgr15fxxkzaZxO
I5fBVOkebqkLOw8oxa8ozk56wszZFBR4dkiErcfiBvhM4H7AV5kt7d6Ujvrqtasf
DeSpAY1Hg/bY6BwOSd8wybfZZz1adU7RQdniHsN+jWQ++OQZiS2m4jao4npY8hnd
hxxRavyITsFTq5Vg08aBbWgbfacBi8Atf+QT8llGjaY2ySgcukf3+d9ODClIgvah
A6gMD8Tea4NtZ4H3xvgQDexvHy0s7xH/8BEuNYkLkwwva5P6nOApIfkjAwlpmKoq
n8fFWgXmu+i/fLdpPF+QAwvBZ1gX0GUnNPx+xtSrcOwqsLCnycMgY9MlnA==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:29 2025 by rpki-client