Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2aaae616-0457-40ae-9037-643180e0b128.roa
File:                     2aaae616-0457-40ae-9037-643180e0b128.roa (raw, json)
Hash identifier:          WQ8Xtq5Knhyn0V89SOC08qH6VpUD8kQoCScq+9Bkrk8=
Subject key identifier:   DF:3D:15:1B:B9:9B:BA:B8:AC:1E:89:9B:29:A3:FD:2B:FE:0E:CA:57
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       117D9A652239A4728CC3618EA6878DDDA51E3425
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2aaae616-0457-40ae-9037-643180e0b128.roa
Signing time:             Tue 01 Jul 2025 00:30:25 +0000
ROA not before:           Tue 01 Jul 2025 00:30:25 +0000
ROA not after:            Tue 05 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.230.248.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 03 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:7d:9a:65:22:39:a4:72:8c:c3:61:8e:a6:87:8d:dd:a5:1e:34:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul  1 00:30:25 2025 GMT
            Not After : Aug  5 23:59:59 2025 GMT
        Subject: serialNumber=14bf4aa22cdf38e522d51bf85307c194068b68c02d69eedaf4ed1799b5af5c7d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:86:cf:a5:ab:0d:7e:1b:15:cf:49:b4:27:20:
                    24:d1:3e:5f:e4:9e:ea:8c:78:01:fb:9b:15:61:1e:
                    33:40:10:90:01:8a:56:fe:60:99:75:6a:a1:b2:ab:
                    0d:23:c2:17:ce:a5:e4:a1:bb:14:29:b0:56:9c:4e:
                    71:a4:06:b4:97:60:e9:d2:ad:5f:56:30:d9:16:af:
                    de:66:bd:24:6a:8e:eb:ce:62:87:3b:b8:45:d9:2a:
                    70:78:cd:ae:b1:f1:9f:9d:6d:a2:ba:a5:a3:54:e1:
                    03:07:b2:18:30:27:07:4b:ce:e2:f4:de:d8:f9:13:
                    d6:28:bf:f2:84:6e:ef:ca:f7:b1:ea:41:da:b7:c1:
                    8e:63:b4:dc:48:bf:45:c7:0f:cf:aa:0e:cf:8d:3c:
                    ce:c3:8e:da:9a:c8:d1:be:a9:7e:6f:2d:bb:78:38:
                    23:c2:a0:10:28:e0:92:99:19:6f:e2:33:a6:06:d0:
                    f9:40:b2:1b:68:d2:50:d3:01:72:9d:e4:58:6f:cb:
                    43:c1:d7:a1:da:07:72:e9:b6:14:54:ea:9c:63:a9:
                    28:49:67:a4:a0:5f:05:ff:86:dc:7e:a9:65:57:4d:
                    1d:0e:57:02:f2:8e:7c:6a:14:f7:3c:16:11:f3:93:
                    df:79:ff:72:38:56:b2:87:fb:d2:fc:f1:9e:f3:c4:
                    85:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:3D:15:1B:B9:9B:BA:B8:AC:1E:89:9B:29:A3:FD:2B:FE:0E:CA:57
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2aaae616-0457-40ae-9037-643180e0b128.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.230.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:dd:83:2c:49:50:bb:c2:22:81:f4:93:13:4a:cc:36:81:53:
         e3:5d:0f:65:3c:fd:29:9e:9e:73:0e:67:a3:dd:50:d7:da:38:
         93:63:d9:e4:0c:6e:f5:3b:b2:1b:05:c3:68:af:a9:c8:f9:30:
         9c:b6:a1:e5:16:5c:9e:f3:6e:38:ef:59:a6:75:32:42:c8:86:
         ba:1b:5c:83:19:56:b9:35:6e:2a:53:e6:9c:dd:3f:56:10:6a:
         96:07:7f:b8:eb:62:71:7b:4f:8b:4b:b0:6e:72:44:bb:b1:95:
         f5:2b:06:82:cf:94:78:29:51:87:05:73:61:fd:84:cc:5b:62:
         a2:d1:17:bb:69:32:7e:19:6d:19:fd:ba:e7:a7:b6:28:00:37:
         0e:56:3e:60:6c:f4:24:33:38:fc:37:02:82:40:26:da:1d:98:
         b4:e8:9c:6f:5b:63:10:7d:15:a5:d3:88:13:6f:22:d7:1c:dc:
         5c:0d:a3:eb:12:a8:20:d3:61:0c:f9:15:1a:78:3c:c4:b2:a6:
         89:cd:68:76:cf:54:fd:9e:32:8d:eb:97:53:f3:e2:ef:5f:82:
         da:11:4d:19:fc:13:47:0f:3b:8b:d8:a9:df:8e:a4:fc:f5:6c:
         84:3e:97:dc:a4:1e:4c:c8:42:c8:4f:d1:de:e8:b6:2a:ab:4c:
         27:f5:9b:13
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEX2aZSI5pHKMw2GOpoeN3aUeNCUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzAxMDAzMDI1WhcNMjUwODA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNGJmNGFhMjJjZGYzOGU1MjJkNTFiZjg1MzA3YzE5NDA2
OGI2OGMwMmQ2OWVlZGFmNGVkMTc5OWI1YWY1YzdkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbhs+lqw1+GxXPSbQnICTRPl/knuqMeAH7mxVhHjNAEJAB
ilb+YJl1aqGyqw0jwhfOpeShuxQpsFacTnGkBrSXYOnSrV9WMNkWr95mvSRqjuvO
Yoc7uEXZKnB4za6x8Z+dbaK6paNU4QMHshgwJwdLzuL03tj5E9Yov/KEbu/K97Hq
Qdq3wY5jtNxIv0XHD8+qDs+NPM7DjtqayNG+qX5vLbt4OCPCoBAo4JKZGW/iM6YG
0PlAshto0lDTAXKd5Fhvy0PB16HaB3LpthRU6pxjqShJZ6SgXwX/htx+qWVXTR0O
VwLyjnxqFPc8FhHzk995/3I4VrKH+9L88Z7zxIXJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3z0VG7mburisHombKaP9K/4OylcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJhYWFlNjE2LTA0NTctNDBhZS05MDM3LTY0MzE4MGUwYjEyOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAP5vgwDQYJKoZIhvcNAQELBQADggEBADTdgyxJULvCIoH0kxNKzDaBU+Nd
D2U8/SmennMOZ6PdUNfaOJNj2eQMbvU7shsFw2ivqcj5MJy2oeUWXJ7zbjjvWaZ1
MkLIhrobXIMZVrk1bipT5pzdP1YQapYHf7jrYnF7T4tLsG5yRLuxlfUrBoLPlHgp
UYcFc2H9hMxbYqLRF7tpMn4ZbRn9uuentigANw5WPmBs9CQzOPw3AoJAJtodmLTo
nG9bYxB9FaXTiBNvItcc3FwNo+sSqCDTYQz5FRp4PMSyponNaHbPVP2eMo3rl1Pz
4u9fgtoRTRn8E0cPO4vYqd+OpPz1bIQ+l9ykHkzIQshP0d7otiqrTCf1mxM=
-----END CERTIFICATE-----
Generated at Tue Jul 1 06:58:14 2025 by rpki-client