Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/649f2979-0d30-4d68-9a9a-fc3bc8451042.roa
File:                     649f2979-0d30-4d68-9a9a-fc3bc8451042.roa (raw, json)
Hash identifier:          Hj8Sal8G+tM4LQ/OqDkMaH8Uf5s4Nq0sQDpV/Kjd600=
Subject key identifier:   27:17:92:0E:3A:DB:32:BD:EE:0B:D6:85:9E:42:15:9E:5E:24:3D:16
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5E0E2B02EE465AD0F27088E6D492090EBFEB64F6
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/649f2979-0d30-4d68-9a9a-fc3bc8451042.roa
Signing time:             Fri 19 Sep 2025 00:40:38 +0000
ROA not before:           Fri 19 Sep 2025 00:40:38 +0000
ROA not after:            Fri 24 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.68.90.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 21 Sep 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:0e:2b:02:ee:46:5a:d0:f2:70:88:e6:d4:92:09:0e:bf:eb:64:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 19 00:40:38 2025 GMT
            Not After : Oct 24 23:59:59 2025 GMT
        Subject: serialNumber=9f9614b7668d217e253a588f56af46abd33885c9e29f9d9fc3bd53a497ebddd7, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:36:80:bd:8f:62:f9:0b:d1:bc:15:ab:39:eb:
                    2c:d7:1f:92:21:e8:9e:ba:14:23:a5:57:0c:0c:e0:
                    00:56:55:64:b4:3e:b9:5c:fc:7a:a9:ea:4d:19:27:
                    82:ba:79:cc:0b:2f:0b:43:ff:84:9e:89:e9:93:67:
                    df:7d:24:98:09:ce:70:30:30:56:d7:c2:f2:7a:da:
                    f0:b5:34:e1:2a:68:0c:44:d2:31:c9:87:24:6b:c5:
                    28:7b:19:ad:7b:11:a9:9e:bc:8e:4b:70:ab:ee:60:
                    86:37:82:d1:95:95:90:b1:c7:d4:bd:da:b2:35:be:
                    6d:d4:c1:89:03:0c:c2:e5:67:b3:2f:89:d0:24:ad:
                    65:30:00:9c:2b:07:f8:8e:d7:23:3a:88:41:f4:c8:
                    a1:50:2f:01:89:47:c2:d7:88:6d:86:9c:c2:bf:97:
                    ad:71:7a:3d:83:cb:e4:98:a5:5d:e8:bc:d0:96:3a:
                    99:c1:a2:52:a5:e7:fb:ad:ed:6b:dc:ff:e4:a2:43:
                    11:17:de:0a:98:28:6f:a5:d6:dd:08:41:fe:ee:f7:
                    c1:a6:c5:78:61:84:1f:60:b4:27:0a:6e:b6:5a:8d:
                    ee:e1:0e:59:24:af:74:db:8b:10:9d:50:18:37:1b:
                    05:c3:6d:67:eb:d7:34:78:e5:d0:ed:99:4e:cd:df:
                    e0:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:17:92:0E:3A:DB:32:BD:EE:0B:D6:85:9E:42:15:9E:5E:24:3D:16
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/649f2979-0d30-4d68-9a9a-fc3bc8451042.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.68.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:65:86:c4:06:d0:52:81:3f:73:f1:ca:67:63:cc:eb:ef:fb:
         f2:58:8f:7f:02:f6:dd:3b:bc:2c:81:e1:a5:f5:c9:f6:78:c7:
         43:e6:a8:b7:40:f8:35:20:77:5a:91:92:98:37:46:5f:e0:80:
         3b:e0:24:c2:63:44:f4:02:c5:8f:67:02:90:9b:21:06:f2:98:
         d1:7b:2f:5f:90:c1:2a:6a:a4:c0:60:98:74:02:6f:9b:fc:ed:
         2d:6c:b8:4b:ec:23:8b:94:7a:c0:00:d7:01:b3:98:94:84:f7:
         36:34:89:e8:87:9a:c7:27:58:81:09:fb:d5:e0:89:88:98:69:
         e5:1e:ec:11:4e:95:91:8c:d1:89:e6:a4:0a:cc:ef:07:f6:d3:
         d7:ef:ad:39:87:47:8b:c0:0c:ec:a4:7a:e6:78:65:1e:84:82:
         2d:7b:d8:2a:e0:83:ab:aa:aa:ff:13:7e:82:e1:dc:1b:26:1f:
         e6:1f:36:90:84:fc:54:81:2a:55:ec:43:07:31:be:78:fa:58:
         2c:10:e9:44:48:66:dc:23:83:04:10:86:49:66:c2:93:76:c7:
         4b:0a:9f:33:a1:b0:c8:98:56:1f:b6:0b:ab:73:39:bf:49:e9:
         19:bd:16:e7:52:8f:78:4c:a1:a9:28:b8:c1:ae:c4:5c:22:71:
         2c:be:a4:6b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXg4rAu5GWtDycIjm1JIJDr/rZPYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTE5MDA0MDM4WhcNMjUxMDI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5Zjk2MTRiNzY2OGQyMTdlMjUzYTU4OGY1NmFmNDZhYmQz
Mzg4NWM5ZTI5ZjlkOWZjM2JkNTNhNDk3ZWJkZGQ3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqNoC9j2L5C9G8Fas56yzXH5Ih6J66FCOlVwwM4ABWVWS0
Prlc/Hqp6k0ZJ4K6ecwLLwtD/4SeiemTZ999JJgJznAwMFbXwvJ62vC1NOEqaAxE
0jHJhyRrxSh7Ga17EamevI5LcKvuYIY3gtGVlZCxx9S92rI1vm3UwYkDDMLlZ7Mv
idAkrWUwAJwrB/iO1yM6iEH0yKFQLwGJR8LXiG2GnMK/l61xej2Dy+SYpV3ovNCW
OpnBolKl5/ut7Wvc/+SiQxEX3gqYKG+l1t0IQf7u98GmxXhhhB9gtCcKbrZaje7h
Dlkkr3TbixCdUBg3GwXDbWfr1zR45dDtmU7N3+AhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJxeSDjrbMr3uC9aFnkIVnl4kPRYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzY0OWYyOTc5LTBkMzAtNGQ2OC05YTlhLWZjM2JjODQ1MTA0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASRFowDQYJKoZIhvcNAQELBQADggEBAFZlhsQG0FKBP3PxymdjzOvv+/JY
j38C9t07vCyB4aX1yfZ4x0PmqLdA+DUgd1qRkpg3Rl/ggDvgJMJjRPQCxY9nApCb
IQbymNF7L1+QwSpqpMBgmHQCb5v87S1suEvsI4uUesAA1wGzmJSE9zY0ieiHmscn
WIEJ+9XgiYiYaeUe7BFOlZGM0YnmpArM7wf209fvrTmHR4vADOykeuZ4ZR6Egi17
2Crgg6uqqv8TfoLh3BsmH+YfNpCE/FSBKlXsQwcxvnj6WCwQ6URIZtwjgwQQhklm
wpN2x0sKnzOhsMiYVh+2C6tzOb9J6Rm9FudSj3hMoakouMGuxFwicSy+pGs=
-----END CERTIFICATE-----
Generated at Fri Sep 19 06:04:05 2025 by rpki-client