Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d8103359-bba9-478d-a9d7-79e35e48424d.roa
File:                     d8103359-bba9-478d-a9d7-79e35e48424d.roa (raw, json)
Hash identifier:          +NuMLJ0eDjDj5f+iwPSF+6AvZC6ckcx9hiVokqya8yc=
Subject key identifier:   83:3E:B6:2C:D9:46:C8:4B:53:79:58:6C:47:D2:CE:6C:4E:9B:91:F6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       031E5913DD3381F9391252C467DA4C12194AC5FA
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d8103359-bba9-478d-a9d7-79e35e48424d.roa
Signing time:             Mon 16 Jun 2025 17:30:27 +0000
ROA not before:           Mon 16 Jun 2025 17:30:27 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.253.0.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 01 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:1e:59:13:dd:33:81:f9:39:12:52:c4:67:da:4c:12:19:4a:c5:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 16 17:30:27 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=089d74c9c839eeea2ac6e7df7ff59a1adf87ba75c10689ee29eded37ad569787, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:2e:6e:6c:5c:d5:26:7a:95:4d:d6:b6:4c:b0:
                    0b:7a:b0:72:fe:3f:01:a3:70:34:13:97:60:a4:f6:
                    8e:e9:a5:17:cf:e4:d6:53:46:08:f7:29:62:dd:b2:
                    37:2d:71:d0:35:83:48:6f:aa:07:ea:02:89:f0:cc:
                    16:ab:0b:d8:f4:08:8d:ac:13:2d:a8:07:b8:0c:8f:
                    32:0e:6d:9c:19:ec:34:19:d1:88:8c:a9:91:77:c8:
                    a3:17:46:15:e3:23:da:e5:72:c7:9f:2b:77:9a:a9:
                    aa:72:1f:3e:32:04:c8:f9:ed:8a:73:c6:d2:01:6b:
                    0c:63:ff:42:8e:73:4d:1b:ac:e2:49:92:ff:4e:b2:
                    26:48:3d:24:bd:5c:7b:0b:4a:4f:e6:68:80:48:e4:
                    fb:df:81:51:2a:f4:8f:78:f1:56:e6:e3:e4:e1:26:
                    84:e1:45:95:b9:01:93:29:24:d6:b6:e6:a9:e5:a9:
                    33:66:fa:2d:12:32:e7:06:bb:96:4c:62:42:9e:8b:
                    45:6d:47:c3:47:45:b0:71:01:56:cd:da:95:0f:90:
                    e5:d1:f3:0a:25:6e:29:31:60:21:56:f1:01:47:d0:
                    38:72:87:9d:64:25:b3:00:69:e7:45:2f:aa:c2:3b:
                    6f:e8:04:e2:74:e3:dd:5f:f4:80:85:57:44:5b:be:
                    91:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:3E:B6:2C:D9:46:C8:4B:53:79:58:6C:47:D2:CE:6C:4E:9B:91:F6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d8103359-bba9-478d-a9d7-79e35e48424d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.253.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:fa:96:cf:1b:75:f4:25:98:a7:73:26:2b:79:7d:79:48:7a:
         d8:61:7b:0e:a1:0b:9c:57:35:fb:c5:e2:3b:2a:2f:84:7a:cf:
         fd:25:7e:d9:14:57:a0:2a:7a:47:ce:fb:27:5d:dc:84:6d:60:
         d0:f4:92:af:6b:d4:86:d5:6b:f2:67:90:46:10:38:2e:fa:85:
         b4:cd:eb:b2:28:3e:bf:16:90:61:7e:c0:6a:95:79:43:1b:7c:
         c9:8c:06:2f:f1:4e:fc:98:d0:99:fd:18:9b:12:9e:14:60:5d:
         0d:65:49:bc:2e:a3:6c:49:0a:48:5f:be:24:40:26:2b:25:40:
         01:8e:77:41:f2:65:7f:8f:e7:c1:21:0c:20:3c:72:13:fc:a6:
         be:5b:f7:8f:53:48:15:75:7c:0f:c3:c1:de:53:c1:f8:38:6e:
         4d:d0:0e:6a:74:23:af:e4:b7:51:d6:44:dc:cb:d0:38:d7:86:
         dc:45:65:a6:40:ae:ee:fe:cd:46:8f:6b:f8:44:b1:59:a2:4e:
         2f:5f:c9:dc:ae:48:72:c7:e4:aa:0d:ce:63:1e:ea:e2:36:89:
         02:5a:a8:e7:f1:4c:fa:15:29:f7:27:43:67:81:57:ab:30:08:
         7b:83:78:d2:b1:ac:63:0b:8e:b3:c1:2f:cd:4a:db:4f:0c:14:
         ba:34:87:0c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAx5ZE90zgfk5ElLEZ9pMEhlKxfowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjE2MTczMDI3WhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwODlkNzRjOWM4MzllZWVhMmFjNmU3ZGY3ZmY1OWExYWRm
ODdiYTc1YzEwNjg5ZWUyOWVkZWQzN2FkNTY5Nzg3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnLm5sXNUmepVN1rZMsAt6sHL+PwGjcDQTl2Ck9o7ppRfP
5NZTRgj3KWLdsjctcdA1g0hvqgfqAonwzBarC9j0CI2sEy2oB7gMjzIObZwZ7DQZ
0YiMqZF3yKMXRhXjI9rlcsefK3eaqapyHz4yBMj57YpzxtIBawxj/0KOc00brOJJ
kv9OsiZIPSS9XHsLSk/maIBI5PvfgVEq9I948Vbm4+ThJoThRZW5AZMpJNa25qnl
qTNm+i0SMucGu5ZMYkKei0VtR8NHRbBxAVbN2pUPkOXR8wolbikxYCFW8QFH0Dhy
h51kJbMAaedFL6rCO2/oBOJ0491f9ICFV0RbvpFVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgz62LNlGyEtTeVhsR9LObE6bkfYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Q4MTAzMzU5LWJiYTktNDc4ZC1hOWQ3LTc5ZTM1ZTQ4NDI0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAS/QAwDQYJKoZIhvcNAQELBQADggEBAHH6ls8bdfQlmKdzJit5fXlIethh
ew6hC5xXNfvF4jsqL4R6z/0lftkUV6AqekfO+ydd3IRtYND0kq9r1IbVa/JnkEYQ
OC76hbTN67IoPr8WkGF+wGqVeUMbfMmMBi/xTvyY0Jn9GJsSnhRgXQ1lSbwuo2xJ
CkhfviRAJislQAGOd0HyZX+P58EhDCA8chP8pr5b949TSBV1fA/Dwd5Twfg4bk3Q
Dmp0I6/kt1HWRNzL0DjXhtxFZaZAru7+zUaPa/hEsVmiTi9fydyuSHLH5KoNzmMe
6uI2iQJaqOfxTPoVKfcnQ2eBV6swCHuDeNKxrGMLjrPBL81K208MFLo0hww=
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:53:58 2025 by rpki-client