Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/eca36373-2c2b-4810-b0c5-c530f9afed33.roa
File:                     eca36373-2c2b-4810-b0c5-c530f9afed33.roa (raw, json)
Hash identifier:          +0BJpyojHYJeDYOF3LA1duv6br30Wcprjen6SPmmJkQ=
Subject key identifier:   0F:80:A1:38:BE:FF:48:7A:9F:D3:F8:B3:6A:33:7A:EC:F1:46:16:D7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       176C14950D80E61BB85173C4DB7BD820C8356ED5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/eca36373-2c2b-4810-b0c5-c530f9afed33.roa
Signing time:             Mon 16 Jun 2025 16:41:42 +0000
ROA not before:           Mon 16 Jun 2025 16:41:42 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.177.88.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 01 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:6c:14:95:0d:80:e6:1b:b8:51:73:c4:db:7b:d8:20:c8:35:6e:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 16 16:41:42 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=61ade3f428ffeb48782f36895f8a82e15e42b357a08bc5518e023a1f93ed5c50, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:15:5f:62:b9:e4:ef:43:52:1a:bf:cc:8c:f1:
                    67:51:fe:cf:5f:7f:53:26:83:a9:6d:c8:a4:b8:0a:
                    d4:46:c1:bc:99:da:2f:09:70:98:ef:e3:42:fc:78:
                    08:c4:c4:25:4a:a8:c9:f7:0c:59:0d:29:c1:9c:fb:
                    e1:d3:01:7d:00:59:fc:98:b8:7c:33:54:92:af:40:
                    99:2a:0c:30:f0:4c:80:d5:41:ef:df:46:e0:41:82:
                    c6:5a:a6:d5:33:3b:e6:dc:ca:1c:f1:c0:1f:3f:6e:
                    41:fc:c0:f0:d2:a9:48:cd:e2:46:09:e5:e9:7f:68:
                    98:09:63:a3:10:70:e4:f3:02:c4:57:85:07:6c:63:
                    58:30:28:21:f1:86:8d:cc:19:ca:59:6d:ab:dc:4e:
                    35:6d:1d:bd:97:07:e5:59:1b:ec:a2:80:ed:2e:3d:
                    0b:3f:7a:c1:f5:4f:82:ab:79:84:70:6b:18:90:13:
                    c8:a4:52:84:e8:cc:77:12:b5:13:a5:e4:af:8a:a9:
                    0f:38:b3:04:42:c5:0b:92:36:4d:2b:06:79:99:3a:
                    f0:70:6b:26:6b:32:0f:1c:db:af:ad:f8:e9:72:0b:
                    93:72:c3:30:75:55:bd:02:7e:2f:da:b8:3d:4b:25:
                    19:11:d1:fc:1f:22:fc:bf:9f:10:27:d0:4d:66:1e:
                    bc:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:80:A1:38:BE:FF:48:7A:9F:D3:F8:B3:6A:33:7A:EC:F1:46:16:D7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/eca36373-2c2b-4810-b0c5-c530f9afed33.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.177.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:1d:62:ac:19:f8:e1:a5:06:88:1b:cf:12:fa:f5:8f:89:86:
         7c:ff:47:6e:71:fe:a3:99:75:72:e2:32:c5:48:8b:9d:de:45:
         8f:88:0f:cf:37:e7:f3:cf:00:47:b8:b1:d4:51:2c:27:22:86:
         ad:26:3f:ae:62:37:17:d3:98:8f:57:fb:ca:a0:33:4d:42:51:
         87:4f:3a:03:2f:e0:9a:85:0d:65:e9:85:cd:c1:4b:fb:dd:1a:
         1f:82:37:5f:a4:5d:b5:b4:d4:aa:ef:8e:58:46:c0:64:bb:61:
         c1:b6:cb:a5:90:e8:75:a4:12:6a:75:94:0b:6c:61:3a:62:5c:
         85:12:8f:a5:af:0c:fe:56:20:5f:04:ec:e3:4c:07:56:f6:de:
         3f:75:ad:d3:5f:98:12:c9:5e:fc:41:51:ec:0d:8d:64:fb:90:
         e8:6a:ef:2f:a2:68:f4:fc:64:fc:b1:28:fd:43:9e:85:6d:f9:
         bd:24:62:05:eb:db:9e:7f:84:62:1b:1a:ca:aa:43:5f:77:da:
         05:46:f4:5f:01:fa:3d:a7:a4:03:5a:24:14:af:04:1b:29:f9:
         13:3a:0f:6a:00:e7:72:b5:34:a3:b5:37:9e:ec:d0:2b:d3:5f:
         82:bc:76:c5:e5:fa:7b:75:41:06:68:03:25:a6:f2:42:3f:72:
         48:f0:30:3c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUF2wUlQ2A5hu4UXPE23vYIMg1btUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjE2MTY0MTQyWhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MWFkZTNmNDI4ZmZlYjQ4NzgyZjM2ODk1ZjhhODJlMTVl
NDJiMzU3YTA4YmM1NTE4ZTAyM2ExZjkzZWQ1YzUwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDuFV9iueTvQ1Iav8yM8WdR/s9ff1Mmg6ltyKS4CtRGwbyZ
2i8JcJjv40L8eAjExCVKqMn3DFkNKcGc++HTAX0AWfyYuHwzVJKvQJkqDDDwTIDV
Qe/fRuBBgsZaptUzO+bcyhzxwB8/bkH8wPDSqUjN4kYJ5el/aJgJY6MQcOTzAsRX
hQdsY1gwKCHxho3MGcpZbavcTjVtHb2XB+VZG+yigO0uPQs/esH1T4KreYRwaxiQ
E8ikUoTozHcStROl5K+KqQ84swRCxQuSNk0rBnmZOvBwayZrMg8c26+t+OlyC5Ny
wzB1Vb0Cfi/auD1LJRkR0fwfIvy/nxAn0E1mHrx9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUD4ChOL7/SHqf0/izajN67PFGFtcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2VjYTM2MzczLTJjMmItNDgxMC1iMGM1LWM1MzBmOWFmZWQzMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPsVgwDQYJKoZIhvcNAQELBQADggEBAGUdYqwZ+OGlBogbzxL69Y+Jhnz/
R25x/qOZdXLiMsVIi53eRY+ID8835/PPAEe4sdRRLCcihq0mP65iNxfTmI9X+8qg
M01CUYdPOgMv4JqFDWXphc3BS/vdGh+CN1+kXbW01KrvjlhGwGS7YcG2y6WQ6HWk
Emp1lAtsYTpiXIUSj6WvDP5WIF8E7ONMB1b23j91rdNfmBLJXvxBUewNjWT7kOhq
7y+iaPT8ZPyxKP1DnoVt+b0kYgXr255/hGIbGsqqQ1932gVG9F8B+j2npANaJBSv
BBsp+RM6D2oA53K1NKO1N57s0CvTX4K8dsXl+nt1QQZoAyWm8kI/ckjwMDw=
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:21:36 2025 by rpki-client