Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/503e4ea6-1eb7-413e-af4f-6643fc009258.roa
File:                     503e4ea6-1eb7-413e-af4f-6643fc009258.roa (raw, json)
Hash identifier:          Fs+HH7qh11Sj5jfDbdLZT1RetTIUoKu2oUVneCyZpv8=
Subject key identifier:   B9:41:C2:FA:DA:B0:4D:9D:34:5E:1B:55:7B:E6:E4:46:3C:D7:DA:C0
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       706D9D11431B5EAC4371E48934735ED9DB062F20
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/503e4ea6-1eb7-413e-af4f-6643fc009258.roa
Signing time:             Mon 31 Mar 2025 17:31:27 +0000
ROA not before:           Mon 31 Mar 2025 17:31:27 +0000
ROA not after:            Mon 05 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.46.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 20 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:6d:9d:11:43:1b:5e:ac:43:71:e4:89:34:73:5e:d9:db:06:2f:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 31 17:31:27 2025 GMT
            Not After : May  5 23:59:59 2025 GMT
        Subject: serialNumber=e200bc150c110725f065c75171bc2a1170668839fa7aa78e5436422a05564b5e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:51:78:48:2b:c4:16:2e:f6:56:be:35:b0:49:
                    f5:24:44:8f:a3:94:bb:c0:0b:05:3c:77:9e:71:ee:
                    07:3a:c9:8d:17:60:08:13:87:28:a9:85:e0:66:07:
                    76:b2:69:51:04:f4:c1:94:97:ee:55:4a:59:f8:32:
                    5a:a2:cc:b0:da:2b:26:f5:78:3f:5c:7d:2a:98:69:
                    83:58:ea:b5:ca:3f:c1:c0:ac:1f:5f:fe:06:44:ee:
                    3f:35:8f:a9:cf:fa:b4:f4:bb:ff:72:86:1f:ba:9b:
                    06:ba:c9:49:c6:4f:81:51:6e:08:63:b3:c9:1f:ef:
                    1e:7f:0b:d8:9d:ca:37:91:b6:86:f1:10:f9:0f:b1:
                    92:05:18:8d:d7:18:6b:81:42:7b:fd:53:e7:3e:1c:
                    bd:10:04:cc:e5:f0:d9:90:ce:48:8d:f3:55:8f:bb:
                    c5:a2:32:cb:99:34:fa:bb:30:a8:47:bb:61:f8:5e:
                    88:66:8d:a7:54:90:c8:a9:16:b7:1b:d2:68:47:47:
                    d2:6f:f4:7d:84:ee:f5:8a:bd:75:cf:4c:e5:d6:77:
                    d3:92:cc:13:a4:49:26:ce:8a:75:eb:e6:7e:c1:41:
                    03:3e:e3:c1:44:37:1e:e3:cc:2b:32:4b:61:bf:2e:
                    b2:94:8b:b8:a1:e2:76:ac:79:38:71:ca:47:aa:b9:
                    2b:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:41:C2:FA:DA:B0:4D:9D:34:5E:1B:55:7B:E6:E4:46:3C:D7:DA:C0
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/503e4ea6-1eb7-413e-af4f-6643fc009258.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.46.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         08:07:29:68:c7:af:9b:76:f3:8e:62:96:12:cf:ee:a8:5f:33:
         30:d4:64:f0:77:24:54:1c:1a:6b:2d:58:f4:3f:80:4c:a1:1c:
         18:af:90:c7:84:2e:22:25:b6:ba:f1:04:a7:cf:5d:f8:ea:99:
         11:97:99:42:3e:f7:1c:63:d0:f9:c2:ef:27:99:4e:be:87:64:
         1f:08:4f:56:3d:4c:66:d1:94:ea:ee:9d:af:92:4d:18:29:e8:
         2a:99:63:87:d7:8f:12:47:5b:c6:5a:03:9f:6d:d8:e5:44:85:
         89:e8:e6:6e:7d:5e:23:13:42:89:b3:9f:84:90:6b:1e:f2:dc:
         c6:79:d0:3f:80:64:5e:13:c3:88:fc:3c:f0:95:7f:5d:b2:6c:
         cb:5e:e9:9f:c2:de:fd:17:c4:a9:7a:fc:f1:9b:ba:a1:2f:cb:
         e7:85:c1:c0:54:61:b9:b3:c0:ee:3c:1a:2a:b7:75:96:e4:c6:
         e4:4c:4e:1b:7a:58:3a:b9:fe:15:1c:af:16:6b:4b:35:98:76:
         80:9f:50:0d:c6:72:dd:ab:9c:f4:d5:f8:5d:69:54:e3:4b:f2:
         f5:54:12:9c:dd:08:7e:44:be:d9:ce:e3:68:d6:8f:a5:aa:d7:
         29:7c:47:40:30:76:8c:37:59:c6:61:09:8c:7e:8e:54:2d:dc:
         fc:a2:5b:d9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcG2dEUMbXqxDceSJNHNe2dsGLyAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMzMxMTczMTI3WhcNMjUwNTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMjAwYmMxNTBjMTEwNzI1ZjA2NWM3NTE3MWJjMmExMTcw
NjY4ODM5ZmE3YWE3OGU1NDM2NDIyYTA1NTY0YjVlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLUXhIK8QWLvZWvjWwSfUkRI+jlLvACwU8d55x7gc6yY0X
YAgThyipheBmB3ayaVEE9MGUl+5VSln4MlqizLDaKyb1eD9cfSqYaYNY6rXKP8HA
rB9f/gZE7j81j6nP+rT0u/9yhh+6mwa6yUnGT4FRbghjs8kf7x5/C9idyjeRtobx
EPkPsZIFGI3XGGuBQnv9U+c+HL0QBMzl8NmQzkiN81WPu8WiMsuZNPq7MKhHu2H4
XohmjadUkMipFrcb0mhHR9Jv9H2E7vWKvXXPTOXWd9OSzBOkSSbOinXr5n7BQQM+
48FENx7jzCsyS2G/LrKUi7ih4naseThxykequSvJAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUuUHC+tqwTZ00XhtVe+bkRjzX2sAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzUwM2U0ZWE2LTFlYjctNDEzZS1hZjRmLTY2NDNmYzAwOTI1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASLjANBgkqhkiG9w0BAQsFAAOCAQEACAcpaMevm3bzjmKWEs/uqF8zMNRk
8HckVBwaay1Y9D+ATKEcGK+Qx4QuIiW2uvEEp89d+OqZEZeZQj73HGPQ+cLvJ5lO
vodkHwhPVj1MZtGU6u6dr5JNGCnoKpljh9ePEkdbxloDn23Y5USFiejmbn1eIxNC
ibOfhJBrHvLcxnnQP4BkXhPDiPw88JV/XbJsy17pn8Le/RfEqXr88Zu6oS/L54XB
wFRhubPA7jwaKrd1luTG5ExOG3pYOrn+FRyvFmtLNZh2gJ9QDcZy3auc9NX4XWlU
40vy9VQSnN0IfkS+2c7jaNaPparXKXxHQDB2jDdZxmEJjH6OVC3c/KJb2Q==
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:59:40 2025 by rpki-client