Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0cb5656b-2458-49cf-9227-b1bc2b0bf219.roa
File:                     0cb5656b-2458-49cf-9227-b1bc2b0bf219.roa (raw, json)
Hash identifier:          t2EHmpgCiSK/Yg9wWw7GoErijOCFUwbAUTCcHQ+wD2s=
Subject key identifier:   2A:C6:41:02:67:76:B6:ED:BD:34:A0:60:32:80:87:89:E4:DF:62:6E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4CBC7AF16C9E2158205AFA7AEEF261ECE5AD6B75
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0cb5656b-2458-49cf-9227-b1bc2b0bf219.roa
Signing time:             Fri 26 Sep 2025 02:02:11 +0000
ROA not before:           Fri 26 Sep 2025 02:02:11 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.163.160.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:bc:7a:f1:6c:9e:21:58:20:5a:fa:7a:ee:f2:61:ec:e5:ad:6b:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 02:02:11 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=6fd46f48d595d9a2ec3c5c8252d51e3a6bb4720aa9d563b14f47f2c961b53a4a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:21:e8:91:9f:0b:09:4f:0d:03:39:8f:72:47:
                    55:8e:8b:d5:0b:09:71:7f:ad:61:d5:27:d1:29:55:
                    be:5c:80:9b:3a:c8:6b:de:4a:13:a0:61:5b:bc:d0:
                    fb:89:53:9b:16:26:90:ea:44:a9:72:b2:ec:c8:aa:
                    84:4f:e5:77:f4:c2:cc:60:2b:82:ae:58:b6:44:b0:
                    15:33:dd:43:63:c3:83:83:a0:45:17:d0:1c:e5:f1:
                    bb:b1:0b:66:00:52:03:f2:8c:81:65:9e:26:96:c1:
                    10:58:e8:cc:09:46:23:7a:0b:53:57:d3:cc:e5:3b:
                    1f:03:71:1a:a9:16:c1:be:69:4a:b8:36:fa:2e:01:
                    08:bf:f5:f7:b4:17:4e:18:a2:82:7c:30:20:25:82:
                    81:80:6e:fd:e3:7d:e1:11:25:e3:80:59:44:2f:9d:
                    ca:8a:cb:41:1d:70:c0:3c:88:26:1c:55:b6:4d:11:
                    db:c6:fe:13:07:90:11:88:9b:f0:c6:a3:37:b7:ad:
                    0a:dd:a9:43:75:6c:e0:e7:ac:5d:46:13:ea:47:11:
                    27:fe:46:dd:cd:af:1f:31:17:e4:be:05:5b:fd:14:
                    32:9a:7d:d0:d4:07:c7:5d:49:37:f8:bd:77:e6:35:
                    84:95:12:75:31:12:30:69:d7:9b:8d:6a:64:9b:7c:
                    6b:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:C6:41:02:67:76:B6:ED:BD:34:A0:60:32:80:87:89:E4:DF:62:6E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0cb5656b-2458-49cf-9227-b1bc2b0bf219.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.163.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         02:a2:bb:df:59:0b:24:a4:a2:36:40:19:ad:bd:92:a6:a7:bd:
         67:65:22:d8:61:b2:2d:58:b0:21:0b:5a:33:1e:56:eb:eb:0c:
         30:e3:6d:8b:fc:c1:c9:d2:85:d4:18:c0:87:0a:96:e5:55:63:
         9d:8f:d2:2d:60:7a:2d:c4:f3:b8:96:d4:92:a3:bd:23:37:c6:
         b2:63:ab:0b:03:5c:cf:f3:58:8f:c6:ad:fa:f2:41:d7:a7:d1:
         54:59:b1:95:43:67:53:07:62:ba:a7:31:5c:e7:59:e4:3f:ee:
         19:9a:67:5d:d1:83:77:76:f1:3f:5f:79:d8:30:3d:d8:d5:fb:
         a2:8a:99:63:7c:23:17:bb:79:f8:ba:ac:a2:33:4d:c0:a4:f8:
         28:1f:a5:c9:42:7a:fb:57:9f:57:3b:82:e5:71:32:ea:c7:31:
         94:c7:27:fa:00:ef:d4:69:b0:d5:5c:d1:76:ae:f0:51:84:4f:
         ff:5e:45:28:4f:0d:9d:27:13:ed:ce:3f:96:4e:af:03:c3:9b:
         33:49:da:7c:1e:2b:fc:fc:58:60:12:83:b6:38:4d:90:4e:9b:
         fd:9f:03:a1:90:f6:f9:e2:f6:42:0c:b7:80:9c:87:8a:ca:29:
         90:0b:c2:65:06:50:23:b4:7c:72:0a:c9:31:13:23:7c:c1:d1:
         2b:42:c3:5c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTLx68WyeIVggWvp67vJh7OWta3UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MDIwMjExWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZmQ0NmY0OGQ1OTVkOWEyZWMzYzVjODI1MmQ1MWUzYTZi
YjQ3MjBhYTlkNTYzYjE0ZjQ3ZjJjOTYxYjUzYTRhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoIeiRnwsJTw0DOY9yR1WOi9ULCXF/rWHVJ9EpVb5cgJs6
yGveShOgYVu80PuJU5sWJpDqRKlysuzIqoRP5Xf0wsxgK4KuWLZEsBUz3UNjw4OD
oEUX0Bzl8buxC2YAUgPyjIFlniaWwRBY6MwJRiN6C1NX08zlOx8DcRqpFsG+aUq4
NvouAQi/9fe0F04YooJ8MCAlgoGAbv3jfeERJeOAWUQvncqKy0EdcMA8iCYcVbZN
EdvG/hMHkBGIm/DGoze3rQrdqUN1bODnrF1GE+pHESf+Rt3Nrx8xF+S+BVv9FDKa
fdDUB8ddSTf4vXfmNYSVEnUxEjBp15uNamSbfGt1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKsZBAmd2tu29NKBgMoCHieTfYm4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBjYjU2NTZiLTI0NTgtNDljZi05MjI3LWIxYmMyYjBiZjIxOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUDo6AwDQYJKoZIhvcNAQELBQADggEBAAKiu99ZCySkojZAGa29kqanvWdl
Ithhsi1YsCELWjMeVuvrDDDjbYv8wcnShdQYwIcKluVVY52P0i1gei3E87iW1JKj
vSM3xrJjqwsDXM/zWI/GrfryQden0VRZsZVDZ1MHYrqnMVznWeQ/7hmaZ13Rg3d2
8T9fedgwPdjV+6KKmWN8Ixe7efi6rKIzTcCk+CgfpclCevtXn1c7guVxMurHMZTH
J/oA79RpsNVc0Xau8FGET/9eRShPDZ0nE+3OP5ZOrwPDmzNJ2nweK/z8WGASg7Y4
TZBOm/2fA6GQ9vni9kIMt4Cch4rKKZALwmUGUCO0fHIKyTETI3zB0StCw1w=
-----END CERTIFICATE-----
Generated at Sat Oct 18 00:16:02 2025 by rpki-client