Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6e607366-a5b9-469d-96bc-19db7f27a9fe.roa
File:                     6e607366-a5b9-469d-96bc-19db7f27a9fe.roa (raw, json)
Hash identifier:          0oKoQbW40nwUH8aK9V8s7lnKVv9oJrVYQL1Zk7qyg7M=
Subject key identifier:   37:C7:BF:38:93:A8:68:53:8C:B6:42:A3:C9:2F:CB:84:8D:F5:65:4F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       40268B3DAC2C7EF8E8F7EBBAC107253D3860CD8E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6e607366-a5b9-469d-96bc-19db7f27a9fe.roa
Signing time:             Tue 05 Aug 2025 17:51:02 +0000
ROA not before:           Tue 05 Aug 2025 17:51:02 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.95.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:26:8b:3d:ac:2c:7e:f8:e8:f7:eb:ba:c1:07:25:3d:38:60:cd:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug  5 17:51:02 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=1c48961c161c7553f3566a0595228786d1a133f7442674fe745af0e55e9abeb4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:00:47:50:c0:b5:3e:ad:44:cd:4c:9a:5e:fb:
                    b7:27:9c:57:d8:e7:b2:dc:89:bc:e2:1f:ea:00:7a:
                    ef:75:9a:be:f1:cc:35:d3:b2:ed:c0:e8:95:2b:4c:
                    ac:ac:4b:be:02:89:a5:9b:1c:de:2c:ed:8b:3a:49:
                    09:93:70:d1:da:22:43:b6:e2:eb:12:cf:bf:e6:c3:
                    bd:34:bf:7c:aa:bc:ab:f8:02:93:03:bb:cb:d6:9b:
                    64:b4:60:5f:73:7c:5d:03:59:0d:92:9a:7d:a2:c0:
                    04:48:3c:eb:81:ea:52:b0:67:b0:12:c0:6a:90:cb:
                    e3:fa:42:55:02:cd:43:c2:bf:4b:f9:5f:d4:65:08:
                    10:1d:b3:94:82:8f:de:86:d1:a6:22:40:51:21:5b:
                    72:d1:2d:bf:2b:cc:85:e6:d5:62:97:2c:16:58:0b:
                    c7:42:b4:e0:9c:d4:d3:2c:b4:57:28:49:a4:be:c3:
                    89:17:b6:99:52:90:5d:e9:58:c2:ca:16:b6:28:58:
                    50:84:23:91:68:d7:05:2f:2f:d1:a9:f1:61:54:40:
                    6f:7b:ac:78:a0:90:ce:b9:e6:71:c9:03:4a:cc:b2:
                    b9:e8:a3:11:de:e2:a1:23:99:1d:e6:fb:60:78:20:
                    92:9e:9f:1b:21:07:5c:21:3d:37:cf:51:6b:6b:77:
                    d7:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:C7:BF:38:93:A8:68:53:8C:B6:42:A3:C9:2F:CB:84:8D:F5:65:4F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6e607366-a5b9-469d-96bc-19db7f27a9fe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.95.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         44:53:fa:24:cc:de:60:3c:80:9e:97:15:42:d9:03:36:1b:1b:
         ea:e3:61:30:63:81:dc:06:e4:7b:06:dd:78:97:31:e4:2a:90:
         5d:0a:ee:1a:d6:b8:53:5e:a6:2c:20:bf:6c:fb:8c:3e:db:68:
         f3:dc:4b:bf:95:91:42:5e:2c:62:30:56:c5:9e:42:14:f2:91:
         3f:4b:c0:da:2b:5e:f9:95:77:c7:f3:1a:df:c1:67:9e:6d:9c:
         db:e9:ae:ec:5d:15:c9:fc:68:ee:4c:98:d4:f1:7b:da:5e:af:
         37:65:ac:61:83:5c:9c:96:27:85:2b:1c:da:0c:ef:9a:2c:c3:
         69:5b:1f:f0:d9:a5:4d:e2:24:af:42:79:0b:95:9e:43:fc:25:
         51:32:4c:d8:c3:c7:ac:bb:22:93:32:85:f3:cd:2e:06:ab:bc:
         50:5a:98:e1:67:10:ad:5c:56:87:5d:a5:08:8e:23:0c:ff:bc:
         75:d8:df:30:f6:38:5e:ec:7d:ee:cd:42:5d:80:fe:5b:85:84:
         0f:91:e8:f1:3d:86:5f:d0:59:4e:56:ad:2f:25:7e:36:5c:a0:
         78:55:e8:cb:3c:dc:8d:f5:ce:f0:61:7c:a7:c8:5b:bf:32:67:
         b0:87:a8:6a:ae:8c:9a:8a:16:cd:72:11:5c:cc:65:c1:58:75:
         71:4d:e4:e2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQCaLPawsfvjo9+u6wQclPThgzY4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODA1MTc1MTAyWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYzQ4OTYxYzE2MWM3NTUzZjM1NjZhMDU5NTIyODc4NmQx
YTEzM2Y3NDQyNjc0ZmU3NDVhZjBlNTVlOWFiZWI0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSAEdQwLU+rUTNTJpe+7cnnFfY57LcibziH+oAeu91mr7x
zDXTsu3A6JUrTKysS74CiaWbHN4s7Ys6SQmTcNHaIkO24usSz7/mw700v3yqvKv4
ApMDu8vWm2S0YF9zfF0DWQ2Smn2iwARIPOuB6lKwZ7ASwGqQy+P6QlUCzUPCv0v5
X9RlCBAds5SCj96G0aYiQFEhW3LRLb8rzIXm1WKXLBZYC8dCtOCc1NMstFcoSaS+
w4kXtplSkF3pWMLKFrYoWFCEI5Fo1wUvL9Gp8WFUQG97rHigkM655nHJA0rMsrno
oxHe4qEjmR3m+2B4IJKenxshB1whPTfPUWtrd9eBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUN8e/OJOoaFOMtkKjyS/LhI31ZU8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzZlNjA3MzY2LWE1YjktNDY5ZC05NmJjLTE5ZGI3ZjI3YTlmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2X4AwDQYJKoZIhvcNAQELBQADggEBAERT+iTM3mA8gJ6XFULZAzYbG+rj
YTBjgdwG5HsG3XiXMeQqkF0K7hrWuFNepiwgv2z7jD7baPPcS7+VkUJeLGIwVsWe
QhTykT9LwNorXvmVd8fzGt/BZ55tnNvpruxdFcn8aO5MmNTxe9perzdlrGGDXJyW
J4UrHNoM75osw2lbH/DZpU3iJK9CeQuVnkP8JVEyTNjDx6y7IpMyhfPNLgarvFBa
mOFnEK1cVoddpQiOIwz/vHXY3zD2OF7sfe7NQl2A/luFhA+R6PE9hl/QWU5WrS8l
fjZcoHhV6Ms83I31zvBhfKfIW78yZ7CHqGqujJqKFs1yEVzMZcFYdXFN5OI=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:03 2025 by rpki-client