Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/490da442-9a78-4422-8ee9-ded4482ab131.roa
File:                     490da442-9a78-4422-8ee9-ded4482ab131.roa (raw, json)
Hash identifier:          qkHbUXdljYQ+GPKEXUWUOXH4VNPwZM1vwj+ASVEQ5xY=
Subject key identifier:   4E:77:00:B8:29:A1:1D:46:60:C2:C2:EC:45:46:23:64:0F:72:49:4E
Certificate issuer:       /CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
Certificate serial:       4F95C396062DF2CD30FD5E49286CA02934A214A5
Authority key identifier: CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/490da442-9a78-4422-8ee9-ded4482ab131.roa
Signing time:             Sat 14 Jun 2025 00:10:03 +0000
ROA not before:           Sat 14 Jun 2025 00:10:03 +0000
ROA not after:            Sat 19 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        198.41.96.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 19:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:95:c3:96:06:2d:f2:cd:30:fd:5e:49:28:6c:a0:29:34:a2:14:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
        Validity
            Not Before: Jun 14 00:10:03 2025 GMT
            Not After : Jul 19 23:59:59 2025 GMT
        Subject: serialNumber=cda1d2233a209b1741e239664b779291cde7e19caf297cd766edd5884e9975ae, CN=88af7b95-2ef7-49fc-a37d-1b8f0547180d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:45:b3:8a:d6:b3:03:c9:b5:e1:96:6e:99:60:
                    76:d3:1c:cd:28:c1:c0:04:34:1e:fb:76:1d:c2:9a:
                    5c:77:85:80:d7:42:84:3a:82:bc:3a:0f:21:dd:81:
                    95:87:16:1d:ca:23:fb:64:61:72:cd:1c:a7:e6:9f:
                    39:e7:2d:3f:a9:1d:0b:99:db:16:6e:c3:48:9a:43:
                    15:2c:a5:69:da:21:58:d0:b2:9c:fc:8f:0a:b5:4e:
                    a8:84:58:6e:50:cb:b5:7e:b7:e2:ca:3e:e8:aa:23:
                    c7:68:05:c8:43:d3:3a:9b:20:b3:b7:bd:cc:3e:b7:
                    1c:bd:5f:37:84:44:8e:46:2d:b4:2e:97:e7:97:21:
                    9f:01:9d:d0:9d:a1:61:a1:d9:64:a9:d2:bd:fc:d3:
                    fc:3a:92:67:99:7a:c4:11:a0:d3:48:42:18:a1:4c:
                    0c:d3:e6:ca:9f:65:af:d1:ba:a6:11:17:5b:7c:e0:
                    b6:64:02:69:8f:51:52:d3:1a:0f:18:c4:2d:73:a3:
                    bb:10:e7:eb:2f:58:45:82:31:38:bf:c3:2b:12:aa:
                    f5:d7:1d:89:2d:87:6c:b3:d0:72:c8:e2:5d:c5:c4:
                    85:a1:e3:3e:68:9b:c2:e2:28:86:35:e5:ce:7a:6a:
                    14:18:ec:f4:64:5d:b8:5a:9a:33:6a:bf:22:e2:4d:
                    58:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:77:00:B8:29:A1:1D:46:60:C2:C2:EC:45:46:23:64:0F:72:49:4E
            X509v3 Authority Key Identifier:
                keyid:CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/490da442-9a78-4422-8ee9-ded4482ab131.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.41.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         76:94:2c:1a:8a:b4:6f:1b:c3:66:d9:aa:15:d2:9e:67:0b:63:
         fe:9c:aa:21:df:f2:db:ea:df:b7:86:77:cb:7c:b4:e4:3c:81:
         eb:7a:5f:ea:a2:38:9d:ed:78:c7:9c:23:b9:03:67:da:ab:09:
         00:9c:e2:0e:b5:25:49:e6:8c:61:1d:2a:12:11:b2:ae:1e:e6:
         a3:9e:65:8e:3e:35:a7:1c:3a:2c:7e:df:0e:8f:26:49:4e:56:
         84:c3:63:31:94:6a:46:b1:37:5e:f0:26:45:0b:91:84:f9:cb:
         85:a1:2f:b1:31:34:6b:32:7c:f4:69:9f:59:62:87:ef:24:03:
         91:dc:b1:16:c9:c4:bd:0e:cb:3f:7e:1c:b4:ec:37:fa:ae:ac:
         5f:83:4e:95:47:ec:e5:69:74:54:25:dd:bc:13:17:7c:3d:cd:
         06:19:74:1a:1b:b5:b7:c0:a8:24:41:b5:2b:4b:10:9d:95:4f:
         5f:47:c8:54:7e:7f:62:c0:e4:2a:37:9f:65:66:04:d9:a8:76:
         17:03:82:95:ab:75:39:10:d3:b0:fa:04:e2:2f:2a:a9:4b:dd:
         96:e3:24:51:27:9c:4a:22:ec:a1:58:1d:3a:ac:1b:ed:39:45:
         50:3c:08:3e:13:e0:90:8e:df:3e:ea:1d:bc:a7:e9:b7:f9:79:
         7e:25:07:9a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT5XDlgYt8s0w/V5JKGygKTSiFKUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzMxOTQyNGUwMzlmODZkNmFkOWZjNGU3MjIzZGY4NDFk
MjBhZTZkMGZmMTI0MjgxNzMwHhcNMjUwNjE0MDAxMDAzWhcNMjUwNzE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZGExZDIyMzNhMjA5YjE3NDFlMjM5NjY0Yjc3OTI5MWNk
ZTdlMTljYWYyOTdjZDc2NmVkZDU4ODRlOTk3NWFlMS0wKwYDVQQDEyQ4OGFmN2I5
NS0yZWY3LTQ5ZmMtYTM3ZC0xYjhmMDU0NzE4MGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChRbOK1rMDybXhlm6ZYHbTHM0owcAENB77dh3Cmlx3hYDX
QoQ6grw6DyHdgZWHFh3KI/tkYXLNHKfmnznnLT+pHQuZ2xZuw0iaQxUspWnaIVjQ
spz8jwq1TqiEWG5Qy7V+t+LKPuiqI8doBchD0zqbILO3vcw+txy9XzeERI5GLbQu
l+eXIZ8BndCdoWGh2WSp0r380/w6kmeZesQRoNNIQhihTAzT5sqfZa/RuqYRF1t8
4LZkAmmPUVLTGg8YxC1zo7sQ5+svWEWCMTi/wysSqvXXHYkth2yz0HLI4l3FxIWh
4z5om8LiKIY15c56ahQY7PRkXbhamjNqvyLiTVjlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTncAuCmhHUZgwsLsRUYjZA9ySU4wHwYDVR0jBBgwFoAUzBBhJz//dj92
0t7ihYPoujsFxDAwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Q2YjVhZDI4LTFjYmMtNDdhYi05MDRlLTQ1MzYxYTU0ODdjMy9lNWRlYTY2MC1i
ZjU5LTRiNGMtYjlhZC00YTY3ODdlMDNmY2UvYzMxOTQyNGUwMzlmODZkNmFkOWZj
NGU3MjIzZGY4NDFkMjBhZTZkMGZmMTI0MjgxNzMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmRmNTFjZDItZTZhZi00OTNhLWE4OGEtMzIy
MWQwMWY3ZDkwLzQ5MGRhNDQyLTlhNzgtNDQyMi04ZWU5LWRlZDQ0ODJhYjEzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJkZjUxY2QyLWU2YWYtNDkzYS1hODhh
LTMyMjFkMDFmN2Q5MC9uNGJXclpfRTV5STktRUhTQ3ViUV94SkNnWE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXGKWAwDQYJKoZIhvcNAQELBQADggEBAHaULBqKtG8bw2bZqhXSnmcLY/6c
qiHf8tvq37eGd8t8tOQ8get6X+qiOJ3teMecI7kDZ9qrCQCc4g61JUnmjGEdKhIR
sq4e5qOeZY4+NaccOix+3w6PJklOVoTDYzGUakaxN17wJkULkYT5y4WhL7ExNGsy
fPRpn1lih+8kA5HcsRbJxL0Oyz9+HLTsN/qurF+DTpVH7OVpdFQl3bwTF3w9zQYZ
dBobtbfAqCRBtStLEJ2VT19HyFR+f2LA5Co3n2VmBNmodhcDgpWrdTkQ07D6BOIv
KqlL3ZbjJFEnnEoi7KFYHTqsG+05RVA8CD4T4JCO3z7qHbyn6bf5eX4lB5o=
-----END CERTIFICATE-----
Generated at Tue Jul 1 16:45:47 2025 by rpki-client