Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/425554a6-e598-4df5-a7fb-eb185dac45b5.roa
File:                     425554a6-e598-4df5-a7fb-eb185dac45b5.roa (raw, json)
Hash identifier:          Aq+96n51IVrbCPZgDvM3J72J5i6zCFdeOwDY7/khopk=
Subject key identifier:   45:BC:E9:9A:DE:BC:A9:2B:2D:D5:F2:8B:C6:36:32:EA:80:84:A7:8B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5AB8203600EB3D0CEBE6894879B50F2666ECDD62
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/425554a6-e598-4df5-a7fb-eb185dac45b5.roa
Signing time:             Tue 03 Jun 2025 15:22:33 +0000
ROA not before:           Tue 03 Jun 2025 15:22:33 +0000
ROA not after:            Tue 08 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.19.254.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 01 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:b8:20:36:00:eb:3d:0c:eb:e6:89:48:79:b5:0f:26:66:ec:dd:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  3 15:22:33 2025 GMT
            Not After : Jul  8 23:59:59 2025 GMT
        Subject: serialNumber=9d765d9c16f8d8b99b457c4b12f55df4288acdc31ad0db4d2ca244ca2e48c8fa, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d3:8c:22:38:95:be:92:76:6c:30:3b:fc:02:
                    d2:f5:b6:22:c8:81:f1:d9:e9:71:5b:32:12:1c:94:
                    0f:48:b5:39:7e:6d:5d:66:97:11:18:e9:0c:b2:e8:
                    2e:8c:39:37:0c:d7:cb:59:11:3e:57:99:7d:33:50:
                    f0:f8:47:11:bc:4e:84:7e:20:39:96:65:f1:17:54:
                    0d:e6:28:cf:78:70:5b:76:37:0e:a8:1e:21:62:33:
                    48:5d:93:f2:7a:0f:ed:ae:55:b3:7e:50:f9:fa:c0:
                    e4:53:0c:1b:3a:4f:f7:7a:23:0c:d3:f4:b5:8d:2c:
                    02:ec:b5:d2:8e:74:8b:11:29:70:ec:7c:e1:82:ac:
                    24:4c:d4:4f:e2:ea:f1:68:2e:fd:9c:db:cf:82:47:
                    ef:34:52:ca:d4:f2:22:b1:47:42:50:98:cc:40:07:
                    8c:94:33:d9:6c:05:84:66:d0:6f:04:f9:47:73:9a:
                    31:5e:5d:a0:c2:4e:db:7b:34:28:09:a2:30:c4:ad:
                    56:da:da:25:a9:f5:e9:5d:8f:59:da:43:40:e9:42:
                    42:61:3b:db:71:c5:f5:59:42:fa:36:b2:c9:c7:18:
                    f3:9a:ef:5a:aa:9e:79:9b:2e:42:99:3a:57:70:91:
                    29:6c:16:74:8f:cd:ef:27:73:aa:da:ed:ce:d3:e4:
                    98:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:BC:E9:9A:DE:BC:A9:2B:2D:D5:F2:8B:C6:36:32:EA:80:84:A7:8B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/425554a6-e598-4df5-a7fb-eb185dac45b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.19.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:ad:02:7a:f2:55:c0:4f:d1:e5:cb:a2:75:d0:27:8c:e2:cb:
         dd:13:1a:8c:05:08:a6:38:80:24:e8:da:75:f8:07:1e:83:e5:
         b6:91:93:c8:84:a6:98:2f:ef:ba:5b:e1:67:ff:9a:4c:56:cd:
         5d:eb:07:82:03:c7:8b:6b:bc:f3:0c:28:1a:f5:9b:59:77:b2:
         a8:3b:64:38:05:11:f7:e9:e9:ac:ca:06:8e:fc:32:d3:f3:9f:
         7a:cf:22:40:e0:05:3c:ea:79:c3:a0:48:bd:58:72:bb:62:98:
         cc:7d:cb:75:50:65:4a:10:87:11:65:38:fc:52:d8:46:99:88:
         03:d8:a1:c3:56:ea:c0:65:21:75:92:9b:c6:56:70:f5:2d:2b:
         4b:7f:9e:26:ec:95:be:0d:9f:ec:ee:75:57:b3:a2:0f:61:1d:
         b9:58:37:72:f6:e1:f8:8e:11:38:72:54:99:71:bb:00:77:ab:
         d4:26:0d:57:68:aa:7a:de:71:a3:22:1f:b3:14:a3:dc:05:16:
         16:4b:b2:0b:2f:b8:66:37:7a:86:2c:d6:50:b4:cb:15:b0:e7:
         ae:a4:fb:29:79:77:17:28:68:77:7c:5a:06:fe:69:52:21:12:
         b5:29:63:ad:1f:04:59:f5:69:21:91:07:e9:e9:b1:f9:7a:80:
         49:45:b4:aa
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWrggNgDrPQzr5olIebUPJmbs3WIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjAzMTUyMjMzWhcNMjUwNzA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZDc2NWQ5YzE2ZjhkOGI5OWI0NTdjNGIxMmY1NWRmNDI4
OGFjZGMzMWFkMGRiNGQyY2EyNDRjYTJlNDhjOGZhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJ04wiOJW+knZsMDv8AtL1tiLIgfHZ6XFbMhIclA9ItTl+
bV1mlxEY6Qyy6C6MOTcM18tZET5XmX0zUPD4RxG8ToR+IDmWZfEXVA3mKM94cFt2
Nw6oHiFiM0hdk/J6D+2uVbN+UPn6wORTDBs6T/d6IwzT9LWNLALstdKOdIsRKXDs
fOGCrCRM1E/i6vFoLv2c28+CR+80UsrU8iKxR0JQmMxAB4yUM9lsBYRm0G8E+Udz
mjFeXaDCTtt7NCgJojDErVba2iWp9eldj1naQ0DpQkJhO9txxfVZQvo2ssnHGPOa
71qqnnmbLkKZOldwkSlsFnSPze8nc6ra7c7T5JjRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURbzpmt68qSst1fKLxjYy6oCEp4swHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQyNTU1NGE2LWU1OTgtNGRmNS1hN2ZiLWViMTg1ZGFjNDViNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0E/4wDQYJKoZIhvcNAQELBQADggEBABqtAnryVcBP0eXLonXQJ4ziy90T
GowFCKY4gCTo2nX4Bx6D5baRk8iEppgv77pb4Wf/mkxWzV3rB4IDx4trvPMMKBr1
m1l3sqg7ZDgFEffp6azKBo78MtPzn3rPIkDgBTzqecOgSL1YcrtimMx9y3VQZUoQ
hxFlOPxS2EaZiAPYocNW6sBlIXWSm8ZWcPUtK0t/nibslb4Nn+zudVezog9hHblY
N3L24fiOEThyVJlxuwB3q9QmDVdoqnrecaMiH7MUo9wFFhZLsgsvuGY3eoYs1lC0
yxWw566k+yl5dxcoaHd8Wgb+aVIhErUpY60fBFn1aSGRB+npsfl6gElFtKo=
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:08:47 2025 by rpki-client