Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ccb7305a-92e5-4144-81b3-6e7d6cf8d1a1.roa
File:                     ccb7305a-92e5-4144-81b3-6e7d6cf8d1a1.roa (raw, json)
Hash identifier:          cC3Zuljgj3p12wra0TuL8kCuf30FXN9ZO0pr4c2+5is=
Subject key identifier:   4C:85:4D:07:9D:68:AF:07:88:FA:88:95:05:EE:EC:D1:F4:24:41:56
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3EB3BF1DFC6BE36511FE485304CECCC4638ABBAC
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ccb7305a-92e5-4144-81b3-6e7d6cf8d1a1.roa
Signing time:             Fri 25 Apr 2025 16:31:19 +0000
ROA not before:           Fri 25 Apr 2025 16:31:19 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.232.0.0/14 maxlen: 14
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 06 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:b3:bf:1d:fc:6b:e3:65:11:fe:48:53:04:ce:cc:c4:63:8a:bb:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 25 16:31:19 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=665cceefc1dddc7afa5a3576be4b3cec0650049ed3b9c440aa224d9c98c2a4fc, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:49:9f:d1:6b:84:e5:5d:09:0c:2f:35:3d:51:
                    e6:ee:9d:64:62:89:4c:36:b9:d4:a9:bb:dd:34:e1:
                    e4:99:94:80:e1:87:ad:94:1a:14:39:b4:51:88:6e:
                    cd:e1:07:5b:ac:75:8d:82:52:10:8a:45:d2:ba:12:
                    b2:a9:57:48:f1:82:03:b8:a2:64:34:48:39:44:8f:
                    c9:bf:e8:41:37:87:5d:a7:e5:1a:22:71:9d:47:ed:
                    9f:db:8f:b6:ed:eb:ed:32:5f:09:e0:65:71:66:d8:
                    fd:6c:30:d5:9a:5f:24:50:e3:e5:1b:38:8f:52:f2:
                    a1:39:cf:fd:d1:f6:2f:1b:c1:0b:5b:6c:1c:cc:b4:
                    cd:2c:98:1e:4c:99:cc:8f:8e:fd:80:3f:d8:38:c7:
                    7a:48:81:d3:0f:f1:78:ee:de:10:c6:fb:62:81:db:
                    08:15:f3:ff:3d:75:fa:de:f4:ab:62:8c:da:f3:92:
                    15:ee:97:57:b1:c8:15:14:06:72:cc:61:70:f1:d5:
                    ae:eb:0b:b4:2f:20:8e:3f:b6:fe:fa:7e:47:89:84:
                    a0:a2:a1:52:41:19:c1:c4:7e:48:cb:03:df:3a:05:
                    0d:2e:9d:ce:0e:59:47:67:f2:75:7d:77:88:27:a6:
                    b0:7a:00:d5:1c:92:62:28:7a:3b:ea:1f:35:6c:0b:
                    ec:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:85:4D:07:9D:68:AF:07:88:FA:88:95:05:EE:EC:D1:F4:24:41:56
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ccb7305a-92e5-4144-81b3-6e7d6cf8d1a1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.232.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         a7:ac:12:06:d3:15:cf:96:c4:6c:10:94:e7:e1:2b:bc:5e:a9:
         50:c1:2d:25:c3:31:c0:4c:46:fd:71:6b:9f:50:c2:9c:5c:96:
         16:b4:19:41:88:6c:9b:a9:13:1e:d3:1e:4e:90:6b:8e:59:f6:
         b3:65:3a:09:1a:e7:5b:c3:dd:b6:de:af:1d:d5:1c:bd:36:7d:
         46:5f:ca:71:1a:c3:39:dc:fe:3a:1a:b1:c9:b8:85:ed:76:0d:
         a3:46:a3:44:55:e5:29:ed:5e:63:4d:fa:7c:35:c4:83:e6:5c:
         67:50:97:43:dc:ee:4e:9b:74:ca:2f:6f:a1:5a:af:cb:86:e0:
         91:f7:54:84:5d:e4:30:17:89:d5:38:97:4c:94:c7:1b:fa:98:
         f0:ed:da:61:9d:cc:87:96:e6:58:a6:dd:f7:5f:3e:b7:8e:27:
         72:05:9a:73:4d:3b:52:2a:cc:3c:3a:60:30:04:4b:51:44:c4:
         b4:c8:92:6c:3a:5b:ce:c6:f3:a5:9f:fd:cd:b6:99:80:f9:01:
         72:2a:16:80:47:af:20:a4:9b:87:b8:3b:b9:7a:f3:6a:09:f1:
         36:1f:a1:a2:78:33:69:33:be:d9:59:9a:27:22:23:8b:03:ba:
         f0:75:41:2f:a4:07:4d:b2:54:a1:89:4d:2f:a3:fb:b3:35:d5:
         0a:bd:79:d3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPrO/Hfxr42UR/khTBM7MxGOKu6wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDI1MTYzMTE5WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NjVjY2VlZmMxZGRkYzdhZmE1YTM1NzZiZTRiM2NlYzA2
NTAwNDllZDNiOWM0NDBhYTIyNGQ5Yzk4YzJhNGZjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgSZ/Ra4TlXQkMLzU9UebunWRiiUw2udSpu9004eSZlIDh
h62UGhQ5tFGIbs3hB1usdY2CUhCKRdK6ErKpV0jxggO4omQ0SDlEj8m/6EE3h12n
5RoicZ1H7Z/bj7bt6+0yXwngZXFm2P1sMNWaXyRQ4+UbOI9S8qE5z/3R9i8bwQtb
bBzMtM0smB5MmcyPjv2AP9g4x3pIgdMP8Xju3hDG+2KB2wgV8/89dfre9KtijNrz
khXul1exyBUUBnLMYXDx1a7rC7QvII4/tv76fkeJhKCioVJBGcHEfkjLA986BQ0u
nc4OWUdn8nV9d4gnprB6ANUckmIoejvqHzVsC+ynAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUTIVNB51orweI+oiVBe7s0fQkQVYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2NjYjczMDVhLTkyZTUtNDE0NC04MWIzLTZlN2Q2Y2Y4ZDFhMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIS6DANBgkqhkiG9w0BAQsFAAOCAQEAp6wSBtMVz5bEbBCU5+ErvF6pUMEt
JcMxwExG/XFrn1DCnFyWFrQZQYhsm6kTHtMeTpBrjln2s2U6CRrnW8Pdtt6vHdUc
vTZ9Rl/KcRrDOdz+OhqxybiF7XYNo0ajRFXlKe1eY036fDXEg+ZcZ1CXQ9zuTpt0
yi9voVqvy4bgkfdUhF3kMBeJ1TiXTJTHG/qY8O3aYZ3Mh5bmWKbd918+t44ncgWa
c007UirMPDpgMARLUUTEtMiSbDpbzsbzpZ/9zbaZgPkBcioWgEevIKSbh7g7uXrz
agnxNh+hongzaTO+2VmaJyIjiwO68HVBL6QHTbJUoYlNL6P7szXVCr150w==
-----END CERTIFICATE-----
Generated at Mon May 5 10:50:23 2025 by rpki-client