Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43fbd2ec-b4d4-47b6-a839-8141fcf26700.roa
File:                     43fbd2ec-b4d4-47b6-a839-8141fcf26700.roa (raw, json)
Hash identifier:          R70qq8Y4VfsAmD20b5al2l2bnmFvfSE4t1sg4lpgOzM=
Subject key identifier:   62:80:8C:EA:06:91:00:4C:B1:37:9B:E1:EB:4B:99:9E:A9:C4:EF:AA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6B8591A7FA1D15E578D211BC11D7347B811D0E9D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43fbd2ec-b4d4-47b6-a839-8141fcf26700.roa
Signing time:             Fri 31 Jan 2025 00:00:00 +0000
ROA not before:           Fri 31 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.253.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:85:91:a7:fa:1d:15:e5:78:d2:11:bc:11:d7:34:7b:81:1d:0e:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 31 00:00:00 2025 GMT
            Not After : Mar  7 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:da:f4:50:d7:2a:6d:52:e7:ab:39:4b:5b:46:
                    fa:33:03:95:94:ed:b7:93:a7:5e:0a:4a:20:28:2e:
                    4d:9a:c2:80:ca:ae:c6:3b:a2:a4:0f:89:44:4a:76:
                    bb:ec:9b:0e:b9:da:e4:c5:ba:08:1b:6c:0a:30:56:
                    92:b7:95:43:b7:b2:98:fd:5b:89:0e:b2:2a:34:09:
                    a4:f4:c2:46:b5:27:39:36:9a:c0:a0:3a:8e:92:1c:
                    7e:d2:68:46:21:60:55:0f:16:f6:83:2c:84:48:ad:
                    e7:b7:74:5c:65:40:0e:bb:37:dc:a4:ae:a7:a1:dd:
                    22:63:e6:5c:b5:a6:ff:af:7a:2f:56:d5:1a:17:c5:
                    1b:1c:5d:5c:c7:be:51:b3:ed:31:2c:30:2e:48:8e:
                    4b:20:a2:2c:21:60:eb:43:08:20:9a:35:ab:fd:c0:
                    f3:7c:b2:af:07:60:5c:27:ed:2b:29:f0:c5:02:b7:
                    c6:9e:6b:3d:ab:97:11:56:25:de:e0:a5:fd:37:a4:
                    8f:74:35:b2:34:a1:d8:31:93:83:af:85:77:0c:bb:
                    f1:d4:7a:0e:79:f7:9a:57:01:af:28:18:45:c4:89:
                    48:e4:66:70:1f:c5:1b:ce:e8:0b:72:99:4f:34:7b:
                    df:24:39:e1:af:91:e8:bb:e8:66:ed:db:f2:fe:66:
                    4b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:80:8C:EA:06:91:00:4C:B1:37:9B:E1:EB:4B:99:9E:A9:C4:EF:AA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43fbd2ec-b4d4-47b6-a839-8141fcf26700.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.253.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         56:6e:43:d5:63:e4:a3:fa:89:bc:58:58:dd:3e:2d:2c:f6:ce:
         08:84:50:92:7d:22:ec:ac:7d:4b:a2:37:5e:8b:2a:f0:ca:bb:
         75:79:87:5e:37:b6:d2:c4:4d:26:a2:56:55:9f:ea:32:72:72:
         94:0f:c5:9e:ea:63:29:fd:6f:72:6c:d7:ba:fe:f2:2f:0e:f0:
         b0:d1:7c:4d:24:bc:21:6e:2f:a7:08:f1:5b:50:61:8b:c2:d4:
         b4:3a:5e:9e:96:2b:92:ed:c1:42:84:4d:52:d1:2b:0a:7c:4e:
         43:29:2e:d2:9f:82:82:05:2c:ef:8c:f1:78:8c:3f:7b:c2:af:
         dc:dd:b9:bd:6a:d0:63:36:82:1c:e6:64:dc:59:5f:2a:5e:72:
         ae:e1:6c:22:d9:1d:90:6e:1e:61:72:dd:72:be:08:8a:d3:14:
         b5:86:b9:68:4d:11:a9:15:3f:b7:8a:68:e3:8e:39:7a:4f:b7:
         c0:0e:d0:3f:e1:92:e9:a1:5a:e8:38:80:3c:23:6f:d0:d6:a3:
         59:e7:52:78:3e:35:f7:15:3e:96:ad:6f:52:c7:44:a1:7c:ac:
         20:51:de:12:aa:04:cd:a5:ff:42:5f:29:e6:2b:0e:3d:a3:f4:
         bf:99:2b:9e:81:1a:00:23:4e:3b:33:c2:e0:74:3b:97:a4:89:
         91:9e:45:f7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa4WRp/odFeV40hG8Edc0e4EdDp0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTMxMDAwMDAwWhcNMjUwMzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMTViZDYxYWIyZWE4ZDEzMjEzNmM0Y2U2NDFiYmEwNDVk
YzE4YWZmMTQ0YWEyODc2ZTFhNzJkYjZlNDRhZjE1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDF2vRQ1yptUuerOUtbRvozA5WU7beTp14KSiAoLk2awoDK
rsY7oqQPiURKdrvsmw652uTFuggbbAowVpK3lUO3spj9W4kOsio0CaT0wka1Jzk2
msCgOo6SHH7SaEYhYFUPFvaDLIRIree3dFxlQA67N9ykrqeh3SJj5ly1pv+vei9W
1RoXxRscXVzHvlGz7TEsMC5IjksgoiwhYOtDCCCaNav9wPN8sq8HYFwn7Ssp8MUC
t8aeaz2rlxFWJd7gpf03pI90NbI0odgxk4OvhXcMu/HUeg5595pXAa8oGEXEiUjk
ZnAfxRvO6AtymU80e98kOeGvkei76Gbt2/L+ZksNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYoCM6gaRAEyxN5vh60uZnqnE76owHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQzZmJkMmVjLWI0ZDQtNDdiNi1hODM5LTgxNDFmY2YyNjcwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2/QAwDQYJKoZIhvcNAQELBQADggEBAFZuQ9Vj5KP6ibxYWN0+LSz2zgiE
UJJ9IuysfUuiN16LKvDKu3V5h143ttLETSaiVlWf6jJycpQPxZ7qYyn9b3Js17r+
8i8O8LDRfE0kvCFuL6cI8VtQYYvC1LQ6Xp6WK5LtwUKETVLRKwp8TkMpLtKfgoIF
LO+M8XiMP3vCr9zdub1q0GM2ghzmZNxZXypecq7hbCLZHZBuHmFy3XK+CIrTFLWG
uWhNEakVP7eKaOOOOXpPt8AO0D/hkumhWug4gDwjb9DWo1nnUng+NfcVPpatb1LH
RKF8rCBR3hKqBM2l/0JfKeYrDj2j9L+ZK56BGgAjTjszwuB0O5ekiZGeRfc=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:44:34 2025 by rpki-client