Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/717d8d60-b812-4321-a774-df7920ae17ef.roa
File:                     717d8d60-b812-4321-a774-df7920ae17ef.roa (raw, json)
Hash identifier:          qyuXbRVbH/r1bfX2oWgR5xLAegx4xg2cGRxT+bKFT/8=
Subject key identifier:   E2:AC:48:1E:14:E7:99:D6:F0:1A:C9:B9:40:47:5B:FA:18:65:8B:37
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       28E6A178D96EC1594352AF255BC756354B4578F4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/717d8d60-b812-4321-a774-df7920ae17ef.roa
Signing time:             Fri 09 May 2025 15:50:04 +0000
ROA not before:           Fri 09 May 2025 15:50:04 +0000
ROA not after:            Fri 13 Jun 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.160.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:e6:a1:78:d9:6e:c1:59:43:52:af:25:5b:c7:56:35:4b:45:78:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  9 15:50:04 2025 GMT
            Not After : Jun 13 23:59:59 2025 GMT
        Subject: serialNumber=8d41b8d8049efc2bc9dfa55c5dc9b77d5dbfd8a33029d602b13cd11c80a3dcc0, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:e4:43:f3:49:39:26:05:24:1b:b3:dc:b8:6f:
                    63:63:53:7d:6e:7d:2f:55:6b:dd:83:a3:d5:eb:7f:
                    62:4e:7a:da:d9:3b:1e:3c:3e:72:b5:4e:48:27:99:
                    a8:2d:9c:82:d8:5d:32:ef:61:4c:fe:cf:7a:cf:95:
                    69:cc:87:98:3a:d5:5c:aa:5b:a2:2d:66:d5:ff:dc:
                    57:64:6f:21:e5:f0:7a:4f:9a:0d:a2:99:5b:09:2f:
                    b0:d4:bf:8c:15:f5:a5:8d:f4:78:e8:3d:19:48:4b:
                    08:75:d2:a3:bd:1b:36:08:d6:cf:56:d3:08:96:02:
                    4e:71:66:ad:8f:08:37:9d:ca:2a:df:a6:c5:9d:92:
                    c5:ed:99:a7:fc:69:e1:d9:54:78:f4:97:9e:45:15:
                    87:c3:b7:51:5f:b7:63:40:3b:16:c2:44:60:eb:64:
                    d1:6f:89:ff:af:22:ef:40:11:c2:73:67:cf:f0:5c:
                    f3:4e:10:5c:1b:a9:19:0d:e5:c6:3f:f9:ca:fd:5b:
                    76:8a:2e:a6:88:0a:65:9e:8e:47:3d:bd:ee:e7:23:
                    d2:0e:0f:2f:c8:61:46:84:4b:be:f5:32:13:48:57:
                    8d:89:1a:79:ee:d7:47:97:b1:71:8e:cf:ac:5d:89:
                    f5:0b:99:cd:40:97:b0:fe:18:e2:24:c4:3a:9e:b4:
                    70:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:AC:48:1E:14:E7:99:D6:F0:1A:C9:B9:40:47:5B:FA:18:65:8B:37
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/717d8d60-b812-4321-a774-df7920ae17ef.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.160.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         72:40:a0:62:ee:39:01:4f:f8:d3:52:11:47:ab:d5:6b:8a:5a:
         c7:97:69:d0:48:22:b0:2c:d0:39:12:3f:68:67:9c:34:fd:4e:
         5a:9f:b9:c3:cc:04:8a:0d:b0:cd:4e:02:6c:d9:38:f7:b8:3c:
         94:37:dc:70:71:93:7b:a2:ab:65:9c:6a:09:34:9d:ee:07:2a:
         f0:7e:f8:42:3d:40:dd:f6:fc:aa:28:cd:31:b8:0f:1e:2f:0e:
         81:11:12:5d:f4:27:9f:51:a7:bb:01:e3:ce:32:04:f0:e1:fa:
         42:08:1c:55:a2:7f:55:91:76:2a:83:ce:47:51:02:48:40:20:
         e7:ca:7f:0f:0f:2c:da:e9:da:33:c6:7b:fd:c8:af:ba:8e:2d:
         93:de:45:54:90:2b:71:5d:e1:30:9d:5c:83:c8:ef:f8:35:89:
         d7:41:92:11:63:df:c7:e0:06:68:0a:de:52:83:92:8f:de:06:
         bc:06:fa:16:fc:90:2a:46:68:ce:41:42:29:d1:f9:47:58:5b:
         f6:26:dc:3a:85:bc:51:d8:7e:69:bb:67:eb:98:4f:98:c7:8d:
         19:7a:31:c9:6b:59:41:08:92:18:f4:6a:1d:95:f8:01:02:c1:
         d7:e3:5b:40:6a:82:c5:a4:3d:47:b1:7c:3e:b9:a7:c9:6d:f5:
         9a:20:fe:b2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKOaheNluwVlDUq8lW8dWNUtFePQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTA5MTU1MDA0WhcNMjUwNjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZDQxYjhkODA0OWVmYzJiYzlkZmE1NWM1ZGM5Yjc3ZDVk
YmZkOGEzMzAyOWQ2MDJiMTNjZDExYzgwYTNkY2MwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDq5EPzSTkmBSQbs9y4b2NjU31ufS9Va92Do9Xrf2JOetrZ
Ox48PnK1TkgnmagtnILYXTLvYUz+z3rPlWnMh5g61VyqW6ItZtX/3FdkbyHl8HpP
mg2imVsJL7DUv4wV9aWN9HjoPRlISwh10qO9GzYI1s9W0wiWAk5xZq2PCDedyirf
psWdksXtmaf8aeHZVHj0l55FFYfDt1Fft2NAOxbCRGDrZNFvif+vIu9AEcJzZ8/w
XPNOEFwbqRkN5cY/+cr9W3aKLqaICmWejkc9ve7nI9IODy/IYUaES771MhNIV42J
Gnnu10eXsXGOz6xdifULmc1Al7D+GOIkxDqetHBZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4qxIHhTnmdbwGsm5QEdb+hhlizcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzcxN2Q4ZDYwLWI4MTItNDMyMS1hNzc0LWRmNzkyMGFlMTdlZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2oEAwDQYJKoZIhvcNAQELBQADggEBAHJAoGLuOQFP+NNSEUer1WuKWseX
adBIIrAs0DkSP2hnnDT9TlqfucPMBIoNsM1OAmzZOPe4PJQ33HBxk3uiq2Wcagk0
ne4HKvB++EI9QN32/KoozTG4Dx4vDoEREl30J59Rp7sB484yBPDh+kIIHFWif1WR
diqDzkdRAkhAIOfKfw8PLNrp2jPGe/3Ir7qOLZPeRVSQK3Fd4TCdXIPI7/g1iddB
khFj38fgBmgK3lKDko/eBrwG+hb8kCpGaM5BQinR+UdYW/Ym3DqFvFHYfmm7Z+uY
T5jHjRl6MclrWUEIkhj0ah2V+AECwdfjW0BqgsWkPUexfD65p8lt9Zog/rI=
-----END CERTIFICATE-----
Generated at Fri May 9 18:25:22 2025 by rpki-client