Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/00d9fc11-51ce-43e5-9948-cda203ed3512.roa
File:                     00d9fc11-51ce-43e5-9948-cda203ed3512.roa (raw, json)
Hash identifier:          q+WbARG3ry1Wys09SZRdbiXAT9xSUF73sFlt/6sBfrk=
Subject key identifier:   C2:FB:CF:97:A9:FA:DD:97:38:9E:7E:04:6A:50:A2:49:FE:89:2D:51
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       676A272D75C71D73E337C994A921217274348376
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/00d9fc11-51ce-43e5-9948-cda203ed3512.roa
Signing time:             Mon 16 Jun 2025 17:31:05 +0000
ROA not before:           Mon 16 Jun 2025 17:31:05 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.212.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 01 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:6a:27:2d:75:c7:1d:73:e3:37:c9:94:a9:21:21:72:74:34:83:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 16 17:31:05 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=fa6ddd2e6c840d078f6972543b0fc2eaff662986293ce84afb76088a69712399, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:33:fb:75:9f:94:0c:c6:c0:50:85:be:41:62:
                    77:b3:fe:c6:41:54:a6:ba:6a:0c:bf:b8:45:22:45:
                    84:6e:6d:9a:f5:11:62:a9:27:b6:ed:33:ef:5c:94:
                    27:89:aa:ac:cd:55:83:66:16:75:9b:41:59:75:74:
                    b4:31:c5:61:84:75:51:82:46:d7:4f:2f:0c:01:92:
                    c1:16:f5:f5:e1:1f:f2:de:99:05:f8:d7:a2:71:24:
                    59:ed:b8:db:9e:90:c2:8c:a3:57:0d:a8:cf:8d:04:
                    70:a4:78:86:b0:25:a6:78:51:29:25:82:25:0d:18:
                    59:67:ec:31:fb:cc:70:57:dd:62:3f:34:b4:f3:ac:
                    f1:b6:30:e1:fe:38:d6:d1:ee:e5:6c:23:0c:9c:65:
                    d3:29:86:25:ec:c7:3e:05:fd:a5:51:28:e3:db:03:
                    60:89:54:df:60:6e:ae:f6:5e:51:c9:26:81:e4:4c:
                    d0:e0:34:fd:3d:56:84:3e:55:07:0b:00:f8:af:7e:
                    7f:68:69:74:d7:be:d4:88:4d:a8:52:1a:93:6a:5b:
                    19:ca:93:8e:29:2d:f0:8f:34:34:2a:14:a3:57:e9:
                    bf:de:e5:49:c5:a9:f6:ea:ac:8f:17:de:a3:bc:07:
                    5d:90:6b:36:36:46:6c:c7:10:f4:6f:53:b3:be:69:
                    68:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:FB:CF:97:A9:FA:DD:97:38:9E:7E:04:6A:50:A2:49:FE:89:2D:51
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/00d9fc11-51ce-43e5-9948-cda203ed3512.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.212.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         63:b7:32:ea:07:89:17:5a:14:a7:38:9b:55:d0:8e:9a:4e:fd:
         f4:0b:34:85:20:fb:06:2a:04:4a:23:14:41:5a:97:48:3c:5f:
         76:1b:81:f6:0b:87:be:5a:49:57:e9:41:0e:5f:4a:59:e2:41:
         dc:ee:10:d6:28:85:ad:c2:45:86:3a:d0:46:d0:81:c5:09:84:
         4a:fa:54:43:a4:db:f4:5b:43:51:c4:4e:b4:bb:a8:ee:1e:f8:
         ba:3b:04:95:04:94:e1:c8:b8:35:7c:c4:de:c9:0c:99:8f:7c:
         06:02:e0:9e:34:3c:99:36:2a:42:42:d9:df:c1:ee:bf:2b:96:
         56:0b:1a:fa:5a:a0:1e:30:72:c0:90:b5:91:9f:0f:06:b9:57:
         f4:88:a2:cf:a3:e0:0a:07:38:45:f9:7b:00:d4:f8:f0:3f:d8:
         47:bb:3f:38:73:14:b5:93:3e:af:5a:a0:7d:0e:52:f5:c0:8c:
         49:a7:65:57:c7:d0:2e:5b:64:5e:4d:7d:14:e6:49:1c:ae:b3:
         2e:2d:bc:0f:b6:44:8f:6e:af:d6:a0:b0:0f:f0:d4:0a:22:bd:
         c4:64:c2:d1:e6:ba:7e:fe:59:1a:fe:27:47:18:92:1f:3c:ff:
         99:f9:12:b5:cd:36:5f:c4:04:63:5c:d6:e5:dc:d6:da:de:dc:
         53:1c:5a:de
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZ2onLXXHHXPjN8mUqSEhcnQ0g3YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjE2MTczMTA1WhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmYTZkZGQyZTZjODQwZDA3OGY2OTcyNTQzYjBmYzJlYWZm
NjYyOTg2MjkzY2U4NGFmYjc2MDg4YTY5NzEyMzk5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD4M/t1n5QMxsBQhb5BYnez/sZBVKa6agy/uEUiRYRubZr1
EWKpJ7btM+9clCeJqqzNVYNmFnWbQVl1dLQxxWGEdVGCRtdPLwwBksEW9fXhH/Le
mQX416JxJFntuNuekMKMo1cNqM+NBHCkeIawJaZ4USklgiUNGFln7DH7zHBX3WI/
NLTzrPG2MOH+ONbR7uVsIwycZdMphiXsxz4F/aVRKOPbA2CJVN9gbq72XlHJJoHk
TNDgNP09VoQ+VQcLAPivfn9oaXTXvtSITahSGpNqWxnKk44pLfCPNDQqFKNX6b/e
5UnFqfbqrI8X3qO8B12QazY2RmzHEPRvU7O+aWiTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUwvvPl6n63Zc4nn4EalCiSf6JLVEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAwZDlmYzExLTUxY2UtNDNlNS05OTQ4LWNkYTIwM2VkMzUxMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAP1DANBgkqhkiG9w0BAQsFAAOCAQEAY7cy6geJF1oUpzibVdCOmk799As0
hSD7BioESiMUQVqXSDxfdhuB9guHvlpJV+lBDl9KWeJB3O4Q1iiFrcJFhjrQRtCB
xQmESvpUQ6Tb9FtDUcROtLuo7h74ujsElQSU4ci4NXzE3skMmY98BgLgnjQ8mTYq
QkLZ38HuvyuWVgsa+lqgHjBywJC1kZ8PBrlX9Iiiz6PgCgc4Rfl7ANT48D/YR7s/
OHMUtZM+r1qgfQ5S9cCMSadlV8fQLltkXk19FOZJHK6zLi28D7ZEj26v1qCwD/DU
CiK9xGTC0ea6fv5ZGv4nRxiSHzz/mfkStc02X8QEY1zW5dzW2t7cUxxa3g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:07:28 2025 by rpki-client