Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/146eed79-5c64-4d12-bc84-f8517fe6e192.roa
File:                     146eed79-5c64-4d12-bc84-f8517fe6e192.roa (raw, json)
Hash identifier:          DRNIIE3gsGGYBdxsVU6wJ5lOmXmR00Z3y4u3pR+tfQU=
Subject key identifier:   2B:47:E3:C9:E1:F2:44:66:7D:39:B4:50:8C:F4:86:E0:89:8D:C6:19
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5A1847C7065DD66281739CAF1B84C5C8D1C6EE47
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/146eed79-5c64-4d12-bc84-f8517fe6e192.roa
Signing time:             Fri 19 Sep 2025 00:10:24 +0000
ROA not before:           Fri 19 Sep 2025 00:10:24 +0000
ROA not after:            Fri 24 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.158.97.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 21 Sep 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:18:47:c7:06:5d:d6:62:81:73:9c:af:1b:84:c5:c8:d1:c6:ee:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 19 00:10:24 2025 GMT
            Not After : Oct 24 23:59:59 2025 GMT
        Subject: serialNumber=008b79d1d77640eb151ff2315104657063b4af402058646e698c090134c73df7, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b6:22:92:f2:1d:a1:16:e4:8b:d6:5f:ad:4b:
                    cc:d0:47:05:0d:2f:42:1c:26:73:26:22:2c:3f:93:
                    3c:15:9c:35:35:30:62:5f:4c:17:83:a1:f1:2c:a0:
                    03:be:71:ae:d0:f0:7a:44:bf:71:14:d3:58:1d:cc:
                    d4:e0:03:15:2a:fd:87:55:ab:08:4f:89:96:98:73:
                    d0:14:04:9f:5b:3b:2c:87:e1:3a:6a:76:44:f3:35:
                    22:23:dd:fd:b2:7f:28:ee:14:bc:2b:78:50:5d:41:
                    d4:fb:5a:91:ca:93:28:48:34:0d:db:09:3a:68:5a:
                    c2:cf:be:31:39:38:2f:87:74:db:c3:24:39:0a:8b:
                    bb:6b:ff:27:bf:8e:04:0d:c3:f8:12:78:c3:14:9c:
                    cc:8d:26:c5:d4:ce:15:a5:ee:b9:41:bd:13:aa:49:
                    25:95:ae:d5:ea:31:ed:d7:49:6b:24:dd:06:91:d6:
                    01:53:9f:5a:05:c0:31:7a:6c:21:07:73:b2:6a:43:
                    b4:0a:5d:33:a0:46:7e:20:40:60:3a:a0:04:a8:c5:
                    64:84:d5:29:13:63:f1:e3:3e:bf:c6:6f:14:f3:e8:
                    98:22:85:cb:cf:71:50:02:29:60:2c:fc:11:04:46:
                    d7:4c:9f:7c:a2:7f:b1:0c:58:d1:a2:46:df:0b:d2:
                    d9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:47:E3:C9:E1:F2:44:66:7D:39:B4:50:8C:F4:86:E0:89:8D:C6:19
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/146eed79-5c64-4d12-bc84-f8517fe6e192.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.158.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:1a:8c:18:23:93:17:ab:91:25:36:1e:9b:dd:2b:8d:e4:5a:
         2b:b8:0c:ac:0a:ff:88:2a:af:59:09:a9:4f:d7:27:b0:20:99:
         81:10:c8:18:c9:f9:6e:84:44:49:a1:4e:c4:fe:1b:7b:3d:91:
         50:44:57:be:ba:82:91:50:d3:aa:15:ba:83:b9:ee:f2:ae:15:
         8d:b5:9f:71:4c:60:0d:66:cb:d8:24:80:97:ce:3a:9e:34:fb:
         03:db:96:d2:88:6b:79:06:5f:10:4f:af:61:cb:fc:d0:16:c3:
         64:54:80:e3:a2:43:c6:c1:fd:f1:b6:a4:29:16:13:21:f5:0c:
         f8:d0:77:0c:19:fb:2d:d6:b6:6d:67:60:63:f9:65:1b:84:f2:
         c4:31:47:c5:d6:3f:dc:4a:99:eb:f2:b3:e6:cc:2e:ac:9f:bf:
         22:04:09:c7:7d:75:ba:0f:e0:2e:f6:f7:8f:7f:e2:24:31:13:
         81:40:51:92:6d:11:26:70:27:6a:fa:45:be:3b:31:7e:66:79:
         c9:5b:5c:e6:e9:54:c1:3e:16:e1:6c:87:f3:40:8c:6b:2c:87:
         be:b4:42:3b:17:8e:43:f7:f3:e4:3d:3b:b7:ff:84:08:4e:a5:
         d9:c2:64:68:5f:00:1c:ff:4d:21:dc:48:05:7d:c0:e0:e5:ea:
         fb:96:4b:d4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWhhHxwZd1mKBc5yvG4TFyNHG7kcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTE5MDAxMDI0WhcNMjUxMDI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDhiNzlkMWQ3NzY0MGViMTUxZmYyMzE1MTA0NjU3MDYz
YjRhZjQwMjA1ODY0NmU2OThjMDkwMTM0YzczZGY3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDtiKS8h2hFuSL1l+tS8zQRwUNL0IcJnMmIiw/kzwVnDU1
MGJfTBeDofEsoAO+ca7Q8HpEv3EU01gdzNTgAxUq/YdVqwhPiZaYc9AUBJ9bOyyH
4TpqdkTzNSIj3f2yfyjuFLwreFBdQdT7WpHKkyhINA3bCTpoWsLPvjE5OC+HdNvD
JDkKi7tr/ye/jgQNw/gSeMMUnMyNJsXUzhWl7rlBvROqSSWVrtXqMe3XSWsk3QaR
1gFTn1oFwDF6bCEHc7JqQ7QKXTOgRn4gQGA6oASoxWSE1SkTY/HjPr/GbxTz6Jgi
hcvPcVACKWAs/BEERtdMn3yif7EMWNGiRt8L0tkpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUK0fjyeHyRGZ9ObRQjPSG4ImNxhkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzE0NmVlZDc5LTVjNjQtNGQxMi1iYzg0LWY4NTE3ZmU2ZTE5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPnmEwDQYJKoZIhvcNAQELBQADggEBAAAajBgjkxerkSU2HpvdK43kWiu4
DKwK/4gqr1kJqU/XJ7AgmYEQyBjJ+W6EREmhTsT+G3s9kVBEV766gpFQ06oVuoO5
7vKuFY21n3FMYA1my9gkgJfOOp40+wPbltKIa3kGXxBPr2HL/NAWw2RUgOOiQ8bB
/fG2pCkWEyH1DPjQdwwZ+y3Wtm1nYGP5ZRuE8sQxR8XWP9xKmevys+bMLqyfvyIE
Ccd9dboP4C72949/4iQxE4FAUZJtESZwJ2r6Rb47MX5meclbXObpVME+FuFsh/NA
jGssh760QjsXjkP38+Q9O7f/hAhOpdnCZGhfABz/TSHcSAV9wODl6vuWS9Q=
-----END CERTIFICATE-----
Generated at Fri Sep 19 09:37:22 2025 by rpki-client