Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1466c713-abfa-4fa8-86b5-f65fdc7f9e7b.roa
File:                     1466c713-abfa-4fa8-86b5-f65fdc7f9e7b.roa (raw, json)
Hash identifier:          3wdsGs6+936dqpvGJSX6n7bZSHGEMEEpitskues/kXA=
Subject key identifier:   13:59:88:EB:E8:D4:2C:BF:F4:DE:2C:BF:DF:65:C8:47:04:3B:55:7E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2C727E7773CB00D5F35DEEE9BF1596969D1AFFD8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1466c713-abfa-4fa8-86b5-f65fdc7f9e7b.roa
Signing time:             Tue 05 Aug 2025 17:02:00 +0000
ROA not before:           Tue 05 Aug 2025 17:02:00 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        52.94.22.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:72:7e:77:73:cb:00:d5:f3:5d:ee:e9:bf:15:96:96:9d:1a:ff:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug  5 17:02:00 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=c42e42b867b8ccc9dadf36952a685a1ad86d023145a045e128a3a101ff2a5fa3, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:35:fb:2b:19:84:cb:dd:7f:7f:cc:fe:6b:d9:
                    7b:51:41:33:95:f0:bd:44:73:0d:2f:ef:6e:b5:fd:
                    14:54:23:5e:98:8f:5d:53:ea:18:b4:2c:56:fc:7a:
                    a3:28:7a:a7:e3:1e:a3:35:96:58:51:1b:b9:6c:f0:
                    8a:a4:83:6d:84:b9:99:a1:e0:f0:2f:a4:f5:98:69:
                    d9:0d:84:4c:e2:40:49:4c:55:8d:ff:ce:2f:e6:da:
                    df:41:c0:9c:cb:e2:00:71:40:c5:ff:bd:0b:4b:aa:
                    db:cf:0a:57:81:08:1c:85:cb:c9:cf:76:34:74:20:
                    39:c7:46:7a:6f:e3:36:c1:4d:a7:21:95:24:9b:b8:
                    c1:50:f2:da:f3:42:72:61:94:27:e1:63:4a:a3:dc:
                    5a:db:44:76:b4:66:a1:6f:7e:12:c1:87:07:69:90:
                    e5:0d:35:c2:c9:f1:48:6d:bc:b9:b3:f3:49:38:88:
                    7d:96:68:de:25:be:42:0e:ae:f0:8a:9f:54:e4:1e:
                    7a:83:27:40:7e:2a:a5:4e:f7:81:1d:ce:24:e2:d6:
                    c8:a6:02:60:c1:28:83:de:73:29:9c:da:48:00:16:
                    ea:cf:c6:c2:7f:ec:d6:ba:da:e4:21:59:95:e5:4c:
                    3a:08:ce:3c:7a:8a:a6:19:31:85:b7:29:9c:92:17:
                    48:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:59:88:EB:E8:D4:2C:BF:F4:DE:2C:BF:DF:65:C8:47:04:3B:55:7E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1466c713-abfa-4fa8-86b5-f65fdc7f9e7b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.94.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:1d:8e:22:e4:6f:3c:5d:d5:01:49:a2:e3:74:05:b8:16:6c:
         07:51:91:b6:58:94:db:6c:ef:09:34:5e:12:54:70:a5:1d:dd:
         cf:f4:1b:98:84:1e:df:84:b0:ac:e7:5f:9e:7e:e0:0e:f0:01:
         89:da:05:ce:9a:38:39:1c:10:9c:50:df:42:d8:aa:c5:20:75:
         61:f5:b1:12:94:a4:36:c2:50:f5:48:a5:a3:fa:8b:be:1c:6e:
         aa:27:76:53:12:af:c2:62:45:de:71:d6:87:75:44:37:10:b4:
         43:66:42:67:b1:85:77:92:03:5d:e9:84:74:96:69:1b:45:a5:
         01:47:8f:29:bb:b9:b4:80:d0:77:3e:81:7c:18:dc:4d:a4:24:
         d3:ce:ac:80:04:3a:ec:80:03:f7:27:a4:09:d1:dc:9b:99:9e:
         a7:c1:8a:63:3c:23:52:62:4b:1b:9f:7c:37:09:2f:28:e9:38:
         e9:da:15:49:71:66:78:e4:1b:02:b3:7a:54:4a:bb:0a:3f:09:
         45:65:05:b6:f1:a0:a3:71:35:26:9c:6f:89:e4:f5:f6:fc:9c:
         51:a9:40:73:44:55:32:f2:8d:3b:0d:3a:4e:68:5b:41:c0:2b:
         77:53:fc:11:25:8c:74:03:f0:28:32:ee:ea:8c:c2:38:cf:c8:
         4b:e4:16:33
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULHJ+d3PLANXzXe7pvxWWlp0a/9gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODA1MTcwMjAwWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNDJlNDJiODY3YjhjY2M5ZGFkZjM2OTUyYTY4NWExYWQ4
NmQwMjMxNDVhMDQ1ZTEyOGEzYTEwMWZmMmE1ZmEzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDuNfsrGYTL3X9/zP5r2XtRQTOV8L1Ecw0v7261/RRUI16Y
j11T6hi0LFb8eqMoeqfjHqM1llhRG7ls8Iqkg22EuZmh4PAvpPWYadkNhEziQElM
VY3/zi/m2t9BwJzL4gBxQMX/vQtLqtvPCleBCByFy8nPdjR0IDnHRnpv4zbBTach
lSSbuMFQ8trzQnJhlCfhY0qj3FrbRHa0ZqFvfhLBhwdpkOUNNcLJ8UhtvLmz80k4
iH2WaN4lvkIOrvCKn1TkHnqDJ0B+KqVO94EdziTi1simAmDBKIPecymc2kgAFurP
xsJ/7Na62uQhWZXlTDoIzjx6iqYZMYW3KZySF0hXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUE1mI6+jULL/03iy/32XIRwQ7VX4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzE0NjZjNzEzLWFiZmEtNGZhOC04NmI1LWY2NWZkYzdmOWU3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0XhYwDQYJKoZIhvcNAQELBQADggEBADsdjiLkbzxd1QFJouN0BbgWbAdR
kbZYlNts7wk0XhJUcKUd3c/0G5iEHt+EsKznX55+4A7wAYnaBc6aODkcEJxQ30LY
qsUgdWH1sRKUpDbCUPVIpaP6i74cbqondlMSr8JiRd5x1od1RDcQtENmQmexhXeS
A13phHSWaRtFpQFHjym7ubSA0Hc+gXwY3E2kJNPOrIAEOuyAA/cnpAnR3JuZnqfB
imM8I1JiSxuffDcJLyjpOOnaFUlxZnjkGwKzelRKuwo/CUVlBbbxoKNxNSacb4nk
9fb8nFGpQHNEVTLyjTsNOk5oW0HAK3dT/BEljHQD8Cgy7uqMwjjPyEvkFjM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:51:01 2025 by rpki-client