Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2c91061a-ee80-4ba7-87d5-b68a7b08cc53.roa
File:                     2c91061a-ee80-4ba7-87d5-b68a7b08cc53.roa (raw, json)
Hash identifier:          rakFDfGhHW0Hg8yx3N2vJ4Jh2kLIx6scOvkkXKiMXE4=
Subject key identifier:   5E:7E:82:CF:3D:71:DC:E9:EE:2B:4D:53:CC:3E:CD:24:0C:28:7F:52
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0C90E3450B72CB3444D97FDBBFDDB4D9971FD5A4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2c91061a-ee80-4ba7-87d5-b68a7b08cc53.roa
Signing time:             Fri 09 May 2025 15:30:15 +0000
ROA not before:           Fri 09 May 2025 15:30:15 +0000
ROA not after:            Fri 13 Jun 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        52.0.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:90:e3:45:0b:72:cb:34:44:d9:7f:db:bf:dd:b4:d9:97:1f:d5:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  9 15:30:15 2025 GMT
            Not After : Jun 13 23:59:59 2025 GMT
        Subject: serialNumber=8a59b65c762ff742a4b3ed1f9c27325d02516d2e428f9d7a6f77f7fd70a2ba49, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9a:dd:9b:1b:a7:8c:8a:06:f8:35:b2:02:0a:
                    28:b6:c0:2e:c3:cd:06:f7:2d:50:1b:07:2a:2e:b1:
                    05:95:0a:20:c3:c6:73:0f:a2:8c:61:6e:66:8c:9f:
                    2d:d6:46:32:13:31:c5:1d:d6:47:f0:f3:9f:70:41:
                    ef:58:8c:c6:be:f6:db:92:dd:c9:2a:6c:9c:dc:9a:
                    8b:3d:43:d1:a3:08:5a:e0:63:b2:58:75:1b:6d:d8:
                    78:9e:67:3c:bb:f7:0a:5f:34:c7:58:92:84:a4:61:
                    93:c9:ea:19:a6:a3:69:f3:36:c7:9f:5f:09:67:c9:
                    49:b3:c4:79:37:d6:25:5b:46:2b:dd:70:24:85:1d:
                    0a:a4:74:8a:57:af:33:f6:91:19:7d:cf:e4:73:32:
                    80:45:2b:63:be:e8:c7:d9:92:18:4e:8a:47:60:88:
                    72:e0:b3:3e:ae:64:5f:cc:b6:12:c5:33:51:1c:c2:
                    26:d3:95:2f:16:b3:13:d5:40:13:e8:f5:6f:3f:c1:
                    52:d5:04:cb:16:ab:77:10:db:42:f8:68:b5:30:81:
                    2d:ba:74:8e:ba:a0:c0:41:21:e8:8b:df:ce:3f:e8:
                    63:e8:7d:f6:32:7a:51:4b:a7:fe:e6:93:ae:7c:25:
                    24:15:3c:20:fb:5a:2f:c6:87:9f:ef:91:7c:fa:d0:
                    f3:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:7E:82:CF:3D:71:DC:E9:EE:2B:4D:53:CC:3E:CD:24:0C:28:7F:52
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2c91061a-ee80-4ba7-87d5-b68a7b08cc53.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.0.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         3e:df:a0:76:98:03:48:65:54:d8:27:c8:12:73:f3:7a:7b:2c:
         d9:3f:ed:3b:08:f7:0e:3c:99:35:ff:a1:bf:c6:13:60:b5:1d:
         ad:cf:f6:64:09:1a:a5:e0:58:3e:93:67:87:c2:be:a5:a6:b8:
         49:51:40:39:70:61:63:76:75:5a:e2:c3:23:48:c5:17:81:e2:
         30:96:00:69:2c:f2:0d:65:9e:19:97:b0:4d:b2:ba:9a:87:22:
         0f:43:dd:b1:c1:24:72:4d:fa:f3:55:6a:a4:aa:5d:42:ae:dd:
         2a:38:be:58:de:34:53:7f:d8:cb:4d:fe:0a:f3:b9:2e:a4:da:
         54:1a:d5:31:73:02:c5:0d:6c:7c:1c:9d:b2:5a:bb:03:0a:1a:
         06:6b:72:36:82:fe:c2:39:f3:94:66:11:4f:b8:82:b4:85:2f:
         8f:92:25:b8:a6:cc:ef:54:ee:85:10:f8:6e:69:12:8e:0d:8d:
         c8:dc:13:cd:a8:66:74:cb:de:0e:cf:d6:f1:83:b9:1f:6a:a8:
         8e:cb:cf:85:33:0a:58:ed:35:2b:4a:ba:ab:42:2d:17:15:08:
         c9:93:66:8b:5a:56:49:55:2a:e6:ff:80:53:1d:3d:13:5d:a4:
         c3:fd:ff:2d:d1:99:29:bf:1c:6b:1e:7e:4e:03:8a:c1:c4:d0:
         a6:ae:64:92
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDJDjRQtyyzRE2X/bv9202Zcf1aQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTA5MTUzMDE1WhcNMjUwNjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YTU5YjY1Yzc2MmZmNzQyYTRiM2VkMWY5YzI3MzI1ZDAy
NTE2ZDJlNDI4ZjlkN2E2Zjc3ZjdmZDcwYTJiYTQ5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBmt2bG6eMigb4NbICCii2wC7DzQb3LVAbByousQWVCiDD
xnMPooxhbmaMny3WRjITMcUd1kfw859wQe9YjMa+9tuS3ckqbJzcmos9Q9GjCFrg
Y7JYdRtt2HieZzy79wpfNMdYkoSkYZPJ6hmmo2nzNsefXwlnyUmzxHk31iVbRivd
cCSFHQqkdIpXrzP2kRl9z+RzMoBFK2O+6MfZkhhOikdgiHLgsz6uZF/MthLFM1Ec
wibTlS8WsxPVQBPo9W8/wVLVBMsWq3cQ20L4aLUwgS26dI66oMBBIeiL384/6GPo
ffYyelFLp/7mk658JSQVPCD7Wi/Gh5/vkXz60PM3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUXn6Czz1x3OnuK01TzD7NJAwof1IwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJjOTEwNjFhLWVlODAtNGJhNy04N2Q1LWI2OGE3YjA4Y2M1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE0ADANBgkqhkiG9w0BAQsFAAOCAQEAPt+gdpgDSGVU2CfIEnPzenss2T/t
Owj3DjyZNf+hv8YTYLUdrc/2ZAkapeBYPpNnh8K+paa4SVFAOXBhY3Z1WuLDI0jF
F4HiMJYAaSzyDWWeGZewTbK6mociD0PdscEkck3681VqpKpdQq7dKji+WN40U3/Y
y03+CvO5LqTaVBrVMXMCxQ1sfBydslq7AwoaBmtyNoL+wjnzlGYRT7iCtIUvj5Il
uKbM71TuhRD4bmkSjg2NyNwTzahmdMveDs/W8YO5H2qojsvPhTMKWO01K0q6q0It
FxUIyZNmi1pWSVUq5v+AUx09E12kw/3/LdGZKb8cax5+TgOKwcTQpq5kkg==
-----END CERTIFICATE-----