Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c0ac0970-c567-46ea-8f8d-81e4b79a1b45.roa
File:                     c0ac0970-c567-46ea-8f8d-81e4b79a1b45.roa (raw, json)
Hash identifier:          FZpuy3Vus9EzDAuemCUA4NhLqqYJB0UpkhfJWK45dN4=
Subject key identifier:   08:5E:C1:DE:22:B5:9B:BF:7D:4E:64:95:9D:BA:E4:1C:9A:8D:14:8A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       72F56498599F1669283B2E2DA1391C0640B448B7
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c0ac0970-c567-46ea-8f8d-81e4b79a1b45.roa
Signing time:             Fri 31 Jan 2025 00:00:00 +0000
ROA not before:           Fri 31 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.240.48.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:f5:64:98:59:9f:16:69:28:3b:2e:2d:a1:39:1c:06:40:b4:48:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 31 00:00:00 2025 GMT
            Not After : Mar  7 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:41:d9:20:17:59:c9:87:b9:d5:8a:53:2f:71:
                    06:98:8c:08:0d:15:94:a9:67:8b:9c:62:36:f4:d5:
                    90:c2:c1:4c:b8:1b:b0:22:e1:f4:23:c1:11:90:bd:
                    60:6a:33:be:16:e8:43:b2:97:86:aa:02:eb:d4:ff:
                    15:53:fc:bf:31:5a:2f:a0:94:f0:56:ee:98:8b:3c:
                    a6:24:06:94:37:6c:7d:9a:af:39:d3:fa:b7:65:47:
                    0b:ef:3b:0a:71:7b:e5:6a:1e:e2:7e:64:fd:21:9e:
                    ab:50:bf:ed:ef:1d:bf:7a:42:b1:8e:b3:7c:bf:db:
                    c2:5f:4c:82:fc:ce:b3:f1:87:37:c4:9f:c4:32:c7:
                    ff:5a:fd:d7:a4:d6:7a:c3:f6:cc:8d:18:69:81:52:
                    77:dc:4d:99:44:01:bb:5e:04:56:62:be:20:c5:44:
                    87:d7:8d:f6:81:3f:57:d1:75:58:f0:6a:bf:82:0a:
                    ab:d3:f1:5a:4b:73:92:0d:8c:e6:30:62:e9:fe:a3:
                    d0:91:af:eb:fd:a1:fa:0f:71:24:53:f3:45:43:43:
                    07:6f:03:d5:45:d1:e9:38:e5:9a:35:03:4e:c4:07:
                    fd:72:f3:9e:8b:78:9e:89:66:11:1d:4c:68:8f:90:
                    13:87:81:6e:d0:bd:82:ee:49:66:09:8f:ad:39:95:
                    25:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:5E:C1:DE:22:B5:9B:BF:7D:4E:64:95:9D:BA:E4:1C:9A:8D:14:8A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c0ac0970-c567-46ea-8f8d-81e4b79a1b45.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.240.48.0/23

    Signature Algorithm: sha256WithRSAEncryption
         81:b2:cc:ef:d9:e7:38:26:1e:84:cb:fb:39:a1:2e:69:90:7c:
         8b:9a:7c:b1:8f:f6:f5:4d:1d:d7:11:a2:b4:40:96:34:0d:6b:
         cf:91:0f:9e:d6:a0:32:c6:6d:21:8b:4f:66:5a:81:99:d7:5a:
         1b:05:cd:f3:de:41:64:ec:04:98:69:96:3c:1d:d9:d4:04:dd:
         86:10:d6:ea:50:ba:39:4b:f6:f1:af:f0:2e:10:bb:b1:bf:9a:
         4d:0b:3f:71:4d:a6:83:db:a8:d1:8c:b7:73:5f:6f:72:44:6b:
         d7:d3:5d:de:c7:27:a2:e7:01:15:9d:b3:83:8d:61:ac:62:14:
         82:cd:16:50:22:8e:70:25:b1:77:10:74:89:63:d2:72:bd:56:
         e4:6c:4f:4a:5e:08:d1:46:4c:fc:83:1d:c3:6f:1c:87:b9:95:
         00:b5:57:82:56:39:e1:9b:aa:bb:6f:0c:a0:d4:63:d4:cb:07:
         52:af:94:41:36:36:a6:3e:d1:f7:35:91:6d:eb:31:6c:e7:2c:
         d8:06:b6:ff:50:d3:87:d2:1b:f2:9d:f2:86:00:0d:75:93:58:
         0f:29:31:25:20:85:37:15:50:60:f8:58:f1:14:56:10:63:3b:
         04:ab:90:4c:f2:cc:89:dc:88:b4:09:88:89:51:e2:63:79:53:
         fa:91:64:3d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcvVkmFmfFmkoOy4toTkcBkC0SLcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTMxMDAwMDAwWhcNMjUwMzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTZkMzYzZTE2MzlhMTk2NjU0ZjQzMjIyODJhNzZlZjA1
OThiYjBjZjY0NzYxMzE5YjRlNzNiOWU0NjBmODRjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAQdkgF1nJh7nVilMvcQaYjAgNFZSpZ4ucYjb01ZDCwUy4
G7Ai4fQjwRGQvWBqM74W6EOyl4aqAuvU/xVT/L8xWi+glPBW7piLPKYkBpQ3bH2a
rznT+rdlRwvvOwpxe+VqHuJ+ZP0hnqtQv+3vHb96QrGOs3y/28JfTIL8zrPxhzfE
n8Qyx/9a/dek1nrD9syNGGmBUnfcTZlEAbteBFZiviDFRIfXjfaBP1fRdVjwar+C
CqvT8VpLc5INjOYwYun+o9CRr+v9ofoPcSRT80VDQwdvA9VF0ek45Zo1A07EB/1y
856LeJ6JZhEdTGiPkBOHgW7QvYLuSWYJj605lSWjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCF7B3iK1m799TmSVnbrkHJqNFIowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2MwYWMwOTcwLWM1NjctNDZlYS04ZjhkLTgxZTRiNzlhMWI0NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE28DAwDQYJKoZIhvcNAQELBQADggEBAIGyzO/Z5zgmHoTL+zmhLmmQfIua
fLGP9vVNHdcRorRAljQNa8+RD57WoDLGbSGLT2ZagZnXWhsFzfPeQWTsBJhpljwd
2dQE3YYQ1upQujlL9vGv8C4Qu7G/mk0LP3FNpoPbqNGMt3Nfb3JEa9fTXd7HJ6Ln
ARWds4ONYaxiFILNFlAijnAlsXcQdIlj0nK9VuRsT0peCNFGTPyDHcNvHIe5lQC1
V4JWOeGbqrtvDKDUY9TLB1KvlEE2NqY+0fc1kW3rMWznLNgGtv9Q04fSG/Kd8oYA
DXWTWA8pMSUghTcVUGD4WPEUVhBjOwSrkEzyzInciLQJiIlR4mN5U/qRZD0=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:57:59 2025 by rpki-client