Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/05d77566-f204-42b4-b2e2-f7a8e8157582.roa
File:                     05d77566-f204-42b4-b2e2-f7a8e8157582.roa (raw, json)
Hash identifier:          U4GnB3AkktKNmFNzzpNDI//6faJt6F69kVyTX7QGkfw=
Subject key identifier:   33:17:0C:4E:1F:A5:AA:EE:01:51:1A:45:F9:9B:13:29:6A:74:86:FF
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4F8AD56BBCF0EE231FC317C71623DF3AF0CB1ACE
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/05d77566-f204-42b4-b2e2-f7a8e8157582.roa
Signing time:             Fri 10 Oct 2025 15:09:08 +0000
ROA not before:           Fri 10 Oct 2025 15:09:08 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.132.0.0/14 maxlen: 14
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:8a:d5:6b:bc:f0:ee:23:1f:c3:17:c7:16:23:df:3a:f0:cb:1a:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 10 15:09:08 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=0b791308f405b43c27db4dbc7ba0c23c16e23bf5345661810c27dbdc0dba7fc7, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f4:28:e3:6a:2b:66:be:f5:77:b0:75:e4:5f:
                    26:59:23:5e:6a:90:4c:32:71:8e:c2:c5:e2:34:9c:
                    65:e3:b4:3d:c8:26:5a:79:77:9d:16:b3:b6:07:2a:
                    62:b4:89:ab:f6:8f:be:62:b9:94:5b:a1:b5:c3:3a:
                    10:fc:0e:3b:b1:ce:39:8a:5c:91:bd:c0:4b:a5:3a:
                    49:f6:b3:e5:ea:20:ee:e1:7b:7a:9f:19:bb:e3:b2:
                    28:12:88:fe:28:ac:02:84:fd:38:a8:d4:b6:91:04:
                    1f:7c:34:58:ce:d7:6a:9f:94:1b:29:ad:2e:d3:a9:
                    be:cf:9e:4b:e4:3b:2b:34:32:c8:9b:b6:43:43:3e:
                    f0:c7:9f:8a:c6:5e:6f:3b:12:d0:05:1c:40:d2:8a:
                    fb:2a:8f:13:0a:9a:9b:15:1b:99:c0:41:2b:88:63:
                    8e:88:91:45:a6:0e:0d:54:6f:7f:97:c8:4c:71:48:
                    72:1a:a4:c5:8c:a1:c8:f3:b9:b8:ee:08:1d:19:f8:
                    6d:14:67:5d:27:29:78:a3:04:5a:8b:12:ba:da:8b:
                    6e:5f:ae:b1:55:d9:95:2a:e9:f0:85:fd:28:ec:fc:
                    4d:f2:5c:af:d7:a9:39:38:98:08:43:0b:b4:e8:e3:
                    59:e1:46:e7:f3:38:ac:f6:48:22:6b:96:4f:49:5f:
                    1c:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:17:0C:4E:1F:A5:AA:EE:01:51:1A:45:F9:9B:13:29:6A:74:86:FF
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/05d77566-f204-42b4-b2e2-f7a8e8157582.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.132.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         00:6c:e5:09:39:ce:b2:e9:35:79:30:3d:98:eb:58:e9:1c:20:
         9b:89:77:20:26:0d:58:98:3a:a3:46:8f:a6:0f:93:2d:da:5f:
         1f:fb:70:95:93:89:9c:6a:c3:81:f2:2d:3b:69:c2:8a:f4:63:
         de:b7:79:2d:14:25:24:e1:9c:44:be:a1:c9:c0:b9:30:07:c7:
         af:73:3c:d7:78:72:13:fe:cc:8f:6b:6d:ca:38:16:4e:2b:c6:
         ed:d1:dd:b9:98:4a:0c:15:e0:a4:5e:6f:4d:1b:0d:1c:55:85:
         35:91:c3:b7:88:f3:37:3a:75:26:e6:77:cc:99:b4:dc:17:a6:
         30:f2:ce:45:e6:d1:b5:8d:db:65:d5:0b:8a:9e:c2:eb:e2:ad:
         d8:50:54:ac:f5:ee:34:9a:02:e6:2e:88:b5:89:85:f7:dc:e0:
         95:e3:00:6e:aa:d1:25:1c:e3:ad:3d:e8:59:55:01:da:13:6b:
         81:3f:37:4a:ac:13:76:4c:03:5f:85:df:2d:fa:89:f7:83:47:
         d1:95:48:61:35:3e:49:73:eb:9b:7d:c7:22:65:f2:06:ad:e8:
         3a:0e:5f:3b:57:0a:11:be:e3:23:91:7b:c3:e8:93:ab:32:ac:
         7a:33:71:11:5a:ec:07:10:a0:49:be:a8:34:c1:23:9a:0b:f2:
         b1:f2:a7:a9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUT4rVa7zw7iMfwxfHFiPfOvDLGs4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDEwMTUwOTA4WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYjc5MTMwOGY0MDViNDNjMjdkYjRkYmM3YmEwYzIzYzE2
ZTIzYmY1MzQ1NjYxODEwYzI3ZGJkYzBkYmE3ZmM3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCb9CjjaitmvvV3sHXkXyZZI15qkEwycY7CxeI0nGXjtD3I
Jlp5d50Ws7YHKmK0iav2j75iuZRbobXDOhD8DjuxzjmKXJG9wEulOkn2s+XqIO7h
e3qfGbvjsigSiP4orAKE/Tio1LaRBB98NFjO12qflBsprS7Tqb7PnkvkOys0Msib
tkNDPvDHn4rGXm87EtAFHEDSivsqjxMKmpsVG5nAQSuIY46IkUWmDg1Ub3+XyExx
SHIapMWMocjzubjuCB0Z+G0UZ10nKXijBFqLErrai25frrFV2ZUq6fCF/Sjs/E3y
XK/XqTk4mAhDC7To41nhRufzOKz2SCJrlk9JXxx5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUMxcMTh+lqu4BURpF+ZsTKWp0hv8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA1ZDc3NTY2LWYyMDQtNDJiNC1iMmUyLWY3YThlODE1NzU4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIDhDANBgkqhkiG9w0BAQsFAAOCAQEAAGzlCTnOsuk1eTA9mOtY6Rwgm4l3
ICYNWJg6o0aPpg+TLdpfH/twlZOJnGrDgfItO2nCivRj3rd5LRQlJOGcRL6hycC5
MAfHr3M813hyE/7Mj2ttyjgWTivG7dHduZhKDBXgpF5vTRsNHFWFNZHDt4jzNzp1
JuZ3zJm03BemMPLORebRtY3bZdULip7C6+Kt2FBUrPXuNJoC5i6ItYmF99zgleMA
bqrRJRzjrT3oWVUB2hNrgT83SqwTdkwDX4XfLfqJ94NH0ZVIYTU+SXPrm33HImXy
Bq3oOg5fO1cKEb7jI5F7w+iTqzKsejNxEVrsBxCgSb6oNMEjmgvysfKnqQ==
-----END CERTIFICATE-----
Generated at Sat Oct 18 02:41:58 2025 by rpki-client