Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/eba43604-9a87-4a97-9c71-09a2c1a87b9a.roa
File:                     eba43604-9a87-4a97-9c71-09a2c1a87b9a.roa (raw, json)
Hash identifier:          uTwaUw3SpzgDhH/UbVbGkw/BQ9aAMgIVdJLcrpmJurc=
Subject key identifier:   BD:39:59:3B:4B:44:71:EF:0B:84:B5:19:C0:24:4B:E8:94:E2:C3:53
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4B986790AD96010656226A352100CB9D0DE71698
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/eba43604-9a87-4a97-9c71-09a2c1a87b9a.roa
Signing time:             Tue 05 Aug 2025 17:11:44 +0000
ROA not before:           Tue 05 Aug 2025 17:11:44 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.93.64.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:98:67:90:ad:96:01:06:56:22:6a:35:21:00:cb:9d:0d:e7:16:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug  5 17:11:44 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=9730dfe2e69be26842929747e7b7e98f79a3430b6395f064146e0435af2747c4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:28:31:e8:ce:c8:4f:0b:85:42:ec:05:99:b3:
                    13:0e:5c:35:a7:79:d7:9c:5b:5c:aa:f1:8b:e5:86:
                    ce:71:15:83:ef:95:f1:c1:6c:47:76:f1:b5:ac:44:
                    2d:71:d2:12:ac:78:b9:1e:27:9a:26:12:93:ff:f1:
                    31:bc:e4:dc:13:b6:ef:a9:90:ed:b8:94:e1:73:37:
                    e8:16:65:64:b1:ea:b2:4c:90:f1:eb:fd:fb:83:16:
                    c9:35:d1:17:d6:72:82:f4:99:7d:9c:84:b3:d3:68:
                    26:44:90:68:56:fd:dd:14:2c:e5:bb:8c:90:eb:ef:
                    96:01:6d:21:01:a8:34:2e:91:d2:b6:b8:f0:93:16:
                    b3:6e:55:f6:e5:c6:e6:99:90:7e:62:75:63:c2:f9:
                    90:95:db:a6:0a:70:1c:6d:fc:fd:a9:77:ce:56:e8:
                    3d:12:67:9c:e4:20:d1:fc:a1:bf:92:1a:ce:6a:46:
                    81:f8:21:22:f6:75:58:0b:48:76:56:06:e3:a6:54:
                    92:13:e1:66:03:bb:99:37:83:3e:3a:cb:b9:eb:34:
                    6c:78:1a:42:53:55:00:96:a5:94:5c:53:59:18:df:
                    de:6f:94:ce:fb:39:e8:0b:0c:e4:08:71:a8:26:cc:
                    26:86:6b:c5:dc:f2:b7:bf:6b:13:b6:67:11:50:ed:
                    97:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:39:59:3B:4B:44:71:EF:0B:84:B5:19:C0:24:4B:E8:94:E2:C3:53
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/eba43604-9a87-4a97-9c71-09a2c1a87b9a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.93.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:33:da:eb:9a:ee:da:07:e3:e0:4c:6e:8b:32:16:a0:4b:6c:
         52:43:a4:1a:77:04:5d:c3:70:2f:d6:f4:eb:20:1b:20:a7:30:
         64:a6:c4:2c:5d:66:d7:4a:ea:f8:fc:5a:e7:b9:10:ef:7e:29:
         ad:43:5f:fd:39:48:d2:09:73:6d:75:8a:c6:41:9b:71:12:10:
         8d:03:45:eb:92:3c:80:ff:3b:8b:59:ba:a0:bd:3d:87:e4:3d:
         30:98:6c:bf:4b:e8:48:88:87:e5:e6:48:38:7f:c4:80:a0:3a:
         4b:85:e3:89:f4:b9:bb:4c:5c:3e:68:dd:28:e4:e2:9b:bf:24:
         df:83:24:cf:87:c8:8d:8f:f5:3a:c2:27:a7:8b:f5:74:46:a3:
         6c:6c:93:03:cc:39:65:85:e7:8a:60:e1:28:c2:17:fa:f7:1a:
         c1:43:d2:4d:b6:7d:c7:aa:3f:6f:be:88:0f:55:6e:3e:ea:8a:
         96:27:8f:08:ac:ed:c4:44:0b:3b:20:2c:23:01:6d:d3:66:91:
         78:70:20:1f:39:78:49:00:bf:8d:fb:5d:2c:04:bc:33:82:cb:
         74:d8:0d:03:03:b2:36:4c:1b:c7:1b:e5:96:94:9a:f7:18:a4:
         36:ea:67:d1:b8:1e:8f:bf:4b:2f:d6:db:0d:f3:45:93:18:e1:
         41:bb:44:c0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUS5hnkK2WAQZWImo1IQDLnQ3nFpgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODA1MTcxMTQ0WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NzMwZGZlMmU2OWJlMjY4NDI5Mjk3NDdlN2I3ZTk4Zjc5
YTM0MzBiNjM5NWYwNjQxNDZlMDQzNWFmMjc0N2M0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOKDHozshPC4VC7AWZsxMOXDWnedecW1yq8Yvlhs5xFYPv
lfHBbEd28bWsRC1x0hKseLkeJ5omEpP/8TG85NwTtu+pkO24lOFzN+gWZWSx6rJM
kPHr/fuDFsk10RfWcoL0mX2chLPTaCZEkGhW/d0ULOW7jJDr75YBbSEBqDQukdK2
uPCTFrNuVfblxuaZkH5idWPC+ZCV26YKcBxt/P2pd85W6D0SZ5zkINH8ob+SGs5q
RoH4ISL2dVgLSHZWBuOmVJIT4WYDu5k3gz46y7nrNGx4GkJTVQCWpZRcU1kY395v
lM77OegLDOQIcagmzCaGa8Xc8re/axO2ZxFQ7Zc/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvTlZO0tEce8LhLUZwCRL6JTiw1MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ViYTQzNjA0LTlhODctNGE5Ny05YzcxLTA5YTJjMWE4N2I5YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0XUAwDQYJKoZIhvcNAQELBQADggEBABcz2uua7toH4+BMbosyFqBLbFJD
pBp3BF3DcC/W9OsgGyCnMGSmxCxdZtdK6vj8Wue5EO9+Ka1DX/05SNIJc211isZB
m3ESEI0DReuSPID/O4tZuqC9PYfkPTCYbL9L6EiIh+XmSDh/xICgOkuF44n0ubtM
XD5o3Sjk4pu/JN+DJM+HyI2P9TrCJ6eL9XRGo2xskwPMOWWF54pg4SjCF/r3GsFD
0k22fceqP2++iA9Vbj7qipYnjwis7cRECzsgLCMBbdNmkXhwIB85eEkAv437XSwE
vDOCy3TYDQMDsjZMG8cb5ZaUmvcYpDbqZ9G4Ho+/Sy/W2w3zRZMY4UG7RMA=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:29 2025 by rpki-client