Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/33b30779-b2a5-475b-b004-99eb3c86d86d.roa
File:                     33b30779-b2a5-475b-b004-99eb3c86d86d.roa (raw, json)
Hash identifier:          nOLPepQh6YCAkWXJdS9ir0WVvxIZluxz4RNUGW9A77s=
Subject key identifier:   D0:C8:C0:A6:D8:FB:BF:25:84:CC:85:51:82:72:71:75:9B:8F:4F:28
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       274D35D9CA19B36394BD3985CE509E16CCFC24A8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/33b30779-b2a5-475b-b004-99eb3c86d86d.roa
Signing time:             Fri 28 Mar 2025 17:51:39 +0000
ROA not before:           Fri 28 Mar 2025 17:51:39 +0000
ROA not after:            Fri 02 May 2025 23:59:59 +0000
asID:                     22394
IP address blocks:        155.146.80.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:4d:35:d9:ca:19:b3:63:94:bd:39:85:ce:50:9e:16:cc:fc:24:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 28 17:51:39 2025 GMT
            Not After : May  2 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:d5:42:8e:85:43:c4:23:39:10:ea:06:04:ae:
                    d4:45:90:2b:46:cb:fe:40:bf:fd:a2:e7:9e:14:e3:
                    25:9a:36:ce:52:96:14:66:cf:2f:99:21:1b:f4:c0:
                    48:4b:b5:6f:97:1f:f4:2c:23:95:02:e9:fb:e9:19:
                    9e:a5:e0:eb:5d:56:68:7e:5e:90:f0:f2:9f:04:98:
                    81:26:a6:ae:03:98:44:85:01:4f:6e:51:d9:6c:82:
                    26:9d:92:a1:4b:00:fd:4f:ae:48:b0:04:b7:09:ee:
                    3e:f2:f1:6a:76:96:e9:ea:c7:5c:52:4a:d2:67:1e:
                    0e:fd:ad:6f:16:c1:1b:6c:1d:c9:81:02:9c:32:e1:
                    95:51:18:0d:23:09:2a:2d:87:c3:d2:51:88:7d:85:
                    7e:86:d1:07:d3:8b:ed:78:d8:c9:3b:ca:e5:74:f0:
                    c1:c5:fb:79:90:38:d4:de:b3:7a:7b:dc:83:1d:ea:
                    39:5b:95:36:0d:6f:2c:89:20:86:7f:0c:fa:1d:a0:
                    73:11:a0:da:42:1a:34:a1:83:cc:21:47:97:48:8c:
                    a5:d3:af:ea:a5:df:30:a1:c2:56:f9:03:ea:96:0a:
                    9b:68:52:65:1a:80:c7:d5:9f:2d:b4:90:2f:f7:1f:
                    22:71:0a:86:e4:23:61:4d:71:d9:89:f2:99:fe:3c:
                    b7:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:C8:C0:A6:D8:FB:BF:25:84:CC:85:51:82:72:71:75:9B:8F:4F:28
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/33b30779-b2a5-475b-b004-99eb3c86d86d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.146.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         45:16:a8:53:15:d9:47:e8:21:d6:84:e7:e9:19:91:f4:05:0f:
         4d:bd:67:cf:2c:a5:c9:05:7e:0b:9a:08:cf:88:52:ed:a6:80:
         c1:9a:8c:94:7a:17:59:dd:41:69:a4:5a:59:52:25:b5:7c:7f:
         bf:d0:76:e6:30:09:e5:fc:de:56:51:3b:fa:fb:6a:5f:16:21:
         bd:7b:ec:cd:19:bf:6d:df:3c:d5:ce:bd:9b:68:17:3d:55:ed:
         d1:b0:47:d4:f5:ef:9e:4c:e6:95:af:ee:cc:76:3c:8a:54:16:
         28:13:d1:bf:68:92:59:59:2e:bc:84:65:4f:6f:66:7a:3b:b1:
         2e:2f:a7:15:16:86:85:5f:ee:47:24:4e:81:d7:e9:80:0e:a8:
         3b:10:d0:85:43:b7:29:58:ea:7a:d3:fb:da:d9:81:0d:df:f0:
         6e:6b:f8:8f:4b:bf:44:f5:36:be:f6:43:1e:b3:1a:12:ae:e2:
         f4:8d:35:11:00:55:37:ac:bc:1b:af:0d:9f:5d:56:45:e1:83:
         d2:81:b1:bc:bc:48:97:8c:30:d4:d6:75:2e:46:e1:63:d7:32:
         86:e2:bf:16:66:8a:5b:cb:a3:b9:2c:4b:e0:86:ec:7e:65:9b:
         fd:21:7d:ed:48:d3:f2:8c:f4:07:2a:b7:bd:a0:24:2f:17:95:
         ad:24:54:13
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ0012coZs2OUvTmFzlCeFsz8JKgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMzI4MTc1MTM5WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYWY0YTVkYmI2YWY5MzY2MDA3ZjM2MWEyYTM4M2RlMTYx
NmFhZTIzMjcyOGVhM2VlZmY0M2JiZjUxZWMyOGM4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDh1UKOhUPEIzkQ6gYErtRFkCtGy/5Av/2i554U4yWaNs5S
lhRmzy+ZIRv0wEhLtW+XH/QsI5UC6fvpGZ6l4OtdVmh+XpDw8p8EmIEmpq4DmESF
AU9uUdlsgiadkqFLAP1PrkiwBLcJ7j7y8Wp2lunqx1xSStJnHg79rW8WwRtsHcmB
Apwy4ZVRGA0jCSoth8PSUYh9hX6G0QfTi+142Mk7yuV08MHF+3mQONTes3p73IMd
6jlblTYNbyyJIIZ/DPodoHMRoNpCGjShg8whR5dIjKXTr+ql3zChwlb5A+qWCpto
UmUagMfVny20kC/3HyJxCobkI2FNcdmJ8pn+PLd9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0MjAptj7vyWEzIVRgnJxdZuPTygwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzMzYjMwNzc5LWIyYTUtNDc1Yi1iMDA0LTk5ZWIzYzg2ZDg2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASbklAwDQYJKoZIhvcNAQELBQADggEBAEUWqFMV2UfoIdaE5+kZkfQFD029
Z88spckFfguaCM+IUu2mgMGajJR6F1ndQWmkWllSJbV8f7/QduYwCeX83lZRO/r7
al8WIb177M0Zv23fPNXOvZtoFz1V7dGwR9T1755M5pWv7sx2PIpUFigT0b9okllZ
LryEZU9vZno7sS4vpxUWhoVf7kckToHX6YAOqDsQ0IVDtylY6nrT+9rZgQ3f8G5r
+I9Lv0T1Nr72Qx6zGhKu4vSNNREAVTesvBuvDZ9dVkXhg9KBsby8SJeMMNTWdS5G
4WPXMobivxZmilvLo7ksS+CG7H5lm/0hfe1I0/KM9Acqt72gJC8Xla0kVBM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:34 2025 by rpki-client