Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6c5331e1-7be3-4fa4-9602-afbd9f20b415.roa
File:                     6c5331e1-7be3-4fa4-9602-afbd9f20b415.roa (raw, json)
Hash identifier:          0/PguL6nxqcB/DnCXR5szXHD2YaJGQAVymbt0UCjVQs=
Subject key identifier:   7D:1A:1E:19:42:CE:C3:D9:63:0E:95:40:DF:1B:19:96:DE:70:58:2B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       46BDA76DAC2DD395B105F8BE5AF34D1019EB2515
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6c5331e1-7be3-4fa4-9602-afbd9f20b415.roa
Signing time:             Mon 30 Jun 2025 16:10:11 +0000
ROA not before:           Mon 30 Jun 2025 16:10:11 +0000
ROA not after:            Mon 04 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.212.0.0/14 maxlen: 14
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 03 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:bd:a7:6d:ac:2d:d3:95:b1:05:f8:be:5a:f3:4d:10:19:eb:25:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 30 16:10:11 2025 GMT
            Not After : Aug  4 23:59:59 2025 GMT
        Subject: serialNumber=11bc30a52866239b23daff059b0a7500a23f5e88030689d20f9a7cf4a79411ab, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:92:bf:16:62:12:6d:67:cb:3d:82:6e:11:68:
                    cd:df:c5:cf:a7:5d:1d:f1:15:3f:1b:49:3c:6f:65:
                    49:ca:b0:d6:3b:dc:26:aa:24:c2:68:01:f5:7b:18:
                    4b:a9:b6:8e:46:92:5b:03:5f:12:2b:f0:f8:d7:2a:
                    50:d6:fa:e9:0c:c9:f4:69:b9:c1:fb:d8:52:38:59:
                    52:64:b2:4a:c1:b0:4e:b5:ac:08:d5:d7:e1:28:44:
                    85:88:39:42:f5:08:91:79:99:93:a8:f0:cd:5f:63:
                    42:7f:d4:a2:ab:ba:05:90:b4:9b:a1:b3:63:a3:35:
                    4e:18:78:ee:f5:e1:74:c2:e6:b2:fd:eb:36:05:1d:
                    29:7d:71:80:7b:b3:82:ec:1f:58:1a:6f:55:24:d4:
                    5d:33:c0:e6:0f:ff:67:34:cb:b2:55:51:49:4b:c6:
                    28:6c:65:f3:75:64:2a:4f:12:18:31:b7:66:27:20:
                    a8:26:aa:83:5e:84:eb:f3:87:3f:92:d0:41:6a:9d:
                    c1:31:40:dc:57:5b:1c:50:ac:c1:cb:3c:34:f2:71:
                    9a:23:26:a2:52:c3:15:2b:d2:10:06:fc:b8:f1:16:
                    26:37:33:37:18:de:a7:24:5e:17:67:4d:32:8b:94:
                    68:2c:7d:fa:29:ad:d2:d4:7c:36:72:31:ce:cf:2c:
                    79:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:1A:1E:19:42:CE:C3:D9:63:0E:95:40:DF:1B:19:96:DE:70:58:2B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6c5331e1-7be3-4fa4-9602-afbd9f20b415.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.212.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         3c:12:d4:8a:aa:25:cd:41:68:9c:d7:60:56:8b:40:b3:f0:aa:
         85:12:38:0a:e8:78:6e:b0:bc:7e:a5:ca:f8:aa:ac:61:eb:79:
         92:b3:32:48:58:2a:bd:b9:1d:7c:a4:4f:1a:6c:84:e4:9d:78:
         ef:5b:2a:84:8d:de:ef:1a:98:c1:48:fe:5e:a2:45:ab:62:cd:
         0b:86:e0:35:bf:b8:bc:a1:51:1c:51:94:2e:71:f0:e7:d4:7c:
         c0:70:78:54:a2:f9:ef:e8:0b:db:89:ca:23:1d:93:ea:1b:9f:
         1f:b2:08:24:47:fd:e0:37:18:f5:eb:e4:1d:0c:ae:c0:43:c8:
         3c:a6:4c:8a:f0:61:61:e9:c2:f1:52:e2:89:28:6b:fe:ca:d9:
         b5:f5:02:87:32:cc:97:20:cb:5e:41:41:75:5e:0b:68:ec:90:
         1d:35:30:50:22:7c:6d:aa:07:40:64:3b:23:36:79:c5:a5:67:
         fb:bb:da:2a:68:98:30:33:94:66:ef:d3:5b:e3:f5:7f:08:58:
         cd:aa:60:58:ab:b2:9f:26:ae:68:28:71:4d:f5:43:3d:7b:e0:
         37:0a:8d:a0:74:74:06:dc:56:ef:79:97:94:fd:9d:70:0b:b6:
         c3:84:ec:0a:01:4b:cf:35:25:55:37:7d:2e:da:47:0c:1b:6a:
         dd:fe:9c:3e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURr2nbawt05WxBfi+WvNNEBnrJRUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjMwMTYxMDExWhcNMjUwODA0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMWJjMzBhNTI4NjYyMzliMjNkYWZmMDU5YjBhNzUwMGEy
M2Y1ZTg4MDMwNjg5ZDIwZjlhN2NmNGE3OTQxMWFiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClkr8WYhJtZ8s9gm4RaM3fxc+nXR3xFT8bSTxvZUnKsNY7
3CaqJMJoAfV7GEupto5GklsDXxIr8PjXKlDW+ukMyfRpucH72FI4WVJkskrBsE61
rAjV1+EoRIWIOUL1CJF5mZOo8M1fY0J/1KKrugWQtJuhs2OjNU4YeO714XTC5rL9
6zYFHSl9cYB7s4LsH1gab1Uk1F0zwOYP/2c0y7JVUUlLxihsZfN1ZCpPEhgxt2Yn
IKgmqoNehOvzhz+S0EFqncExQNxXWxxQrMHLPDTycZojJqJSwxUr0hAG/LjxFiY3
MzcY3qckXhdnTTKLlGgsffoprdLUfDZyMc7PLHnzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUfRoeGULOw9ljDpVA3xsZlt5wWCswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzZjNTMzMWUxLTdiZTMtNGZhNC05NjAyLWFmYmQ5ZjIwYjQxNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIN1DANBgkqhkiG9w0BAQsFAAOCAQEAPBLUiqolzUFonNdgVotAs/CqhRI4
Cuh4brC8fqXK+KqsYet5krMySFgqvbkdfKRPGmyE5J1471sqhI3e7xqYwUj+XqJF
q2LNC4bgNb+4vKFRHFGULnHw59R8wHB4VKL57+gL24nKIx2T6hufH7IIJEf94DcY
9evkHQyuwEPIPKZMivBhYenC8VLiiShr/srZtfUChzLMlyDLXkFBdV4LaOyQHTUw
UCJ8baoHQGQ7IzZ5xaVn+7vaKmiYMDOUZu/TW+P1fwhYzapgWKuynyauaChxTfVD
PXvgNwqNoHR0BtxW73mXlP2dcAu2w4TsCgFLzzUlVTd9LtpHDBtq3f6cPg==
-----END CERTIFICATE-----
Generated at Mon Jun 30 23:05:19 2025 by rpki-client