Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0cc0188b-c73d-4012-97cb-683c9d07c483.roa
File:                     0cc0188b-c73d-4012-97cb-683c9d07c483.roa (raw, json)
Hash identifier:          bBNri912HgMzl+4TAWk3gPPSashUPd3vLQgbkloukOQ=
Subject key identifier:   15:06:56:52:28:08:21:12:99:63:28:F8:B1:4A:EE:8A:74:84:B9:2E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7CEAA7D311D8B0A48BCBA007781E655DE58369D5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0cc0188b-c73d-4012-97cb-683c9d07c483.roa
Signing time:             Wed 24 Sep 2025 22:09:52 +0000
ROA not before:           Wed 24 Sep 2025 22:09:52 +0000
ROA not after:            Wed 29 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.67.60.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:ea:a7:d3:11:d8:b0:a4:8b:cb:a0:07:78:1e:65:5d:e5:83:69:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 24 22:09:52 2025 GMT
            Not After : Oct 29 23:59:59 2025 GMT
        Subject: serialNumber=dc1723b84d62679b8be8764334c2cd9da75a4264d21ff4ceff6c58aaa19dbd86, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f0:f9:ce:67:3e:c3:cd:d2:be:d6:0a:92:97:
                    b0:02:26:6a:cf:d7:f1:a4:0d:83:7d:48:04:e6:51:
                    c2:3b:2f:f5:47:79:1c:85:34:a6:1d:53:69:ec:de:
                    f5:10:94:8e:26:70:e9:40:8c:bf:51:17:2d:ee:c3:
                    d0:a1:3d:bf:39:12:4a:92:72:de:6e:e9:80:d0:c8:
                    c2:96:a9:f5:dc:6b:6d:34:ee:29:93:2c:8b:12:2a:
                    3f:7a:2a:b2:11:83:7a:92:09:65:63:e6:d3:92:76:
                    07:c7:c6:f6:23:6d:d4:96:ab:72:c7:02:fc:fb:61:
                    42:26:de:20:0b:91:30:15:a0:f4:63:9d:eb:db:81:
                    d6:ea:93:ae:30:9d:47:18:9a:71:f7:4f:53:28:35:
                    a8:1c:c1:0b:65:ee:ed:f8:23:92:13:7a:1e:ac:11:
                    c1:1e:d0:68:ae:53:26:35:55:a5:10:26:f8:bf:85:
                    f2:33:52:af:d6:6c:6a:92:af:9e:78:09:cc:fd:32:
                    4e:ca:19:cd:1c:45:2d:a7:f0:1c:51:00:71:9d:3f:
                    68:88:1e:50:a3:e1:63:2d:9a:45:25:3b:f2:6a:0b:
                    bc:60:de:e6:69:4a:1e:a7:c8:92:f6:fc:75:49:41:
                    9f:6a:7d:1b:0e:da:36:7d:f4:eb:69:18:73:66:6b:
                    72:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:06:56:52:28:08:21:12:99:63:28:F8:B1:4A:EE:8A:74:84:B9:2E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0cc0188b-c73d-4012-97cb-683c9d07c483.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.67.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:cc:74:95:c9:c6:6f:35:02:d8:fb:43:11:6d:11:2d:c3:d0:
         90:9f:c1:4f:ae:9f:1a:b6:1d:5f:0b:b2:a3:8b:36:cd:72:99:
         1a:f9:8d:b3:ef:d8:f2:0e:d8:3d:61:aa:58:ec:3e:7a:ab:eb:
         5a:fb:27:cc:1a:4b:27:25:13:db:0a:3f:0d:44:f4:91:a5:7e:
         f1:09:94:d7:93:68:a3:35:a5:8b:50:10:81:fc:96:75:de:cb:
         27:6b:25:04:96:fb:5a:ce:3d:85:78:e2:ad:41:bb:fc:55:99:
         cb:e3:3b:9c:44:a3:47:b0:92:e3:28:02:6a:3e:bf:0b:c2:fc:
         d7:f6:ee:23:44:f5:5b:8a:b6:0b:e7:51:5e:aa:d1:8c:a8:c2:
         d8:33:4c:f6:7b:1c:cd:e4:78:7d:f3:f4:be:26:63:c5:2b:2b:
         d2:5a:ca:cf:b7:07:41:76:48:6a:d7:5e:45:9f:d1:07:79:c0:
         52:eb:2a:6c:b9:0b:8c:04:48:a3:64:6f:ce:78:88:11:ba:70:
         a5:c2:70:ff:57:d9:fd:55:6b:02:a3:da:e1:a3:5d:14:be:ce:
         77:3c:63:97:98:f3:ba:70:e3:83:c4:dc:ab:0b:de:4c:d9:6c:
         ec:16:98:9c:8c:29:e7:20:ec:c1:4c:35:6a:2c:c6:de:39:2f:
         f8:9f:fb:6d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfOqn0xHYsKSLy6AHeB5lXeWDadUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI0MjIwOTUyWhcNMjUxMDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYzE3MjNiODRkNjI2NzliOGJlODc2NDMzNGMyY2Q5ZGE3
NWE0MjY0ZDIxZmY0Y2VmZjZjNThhYWExOWRiZDg2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDD8PnOZz7DzdK+1gqSl7ACJmrP1/GkDYN9SATmUcI7L/VH
eRyFNKYdU2ns3vUQlI4mcOlAjL9RFy3uw9ChPb85EkqSct5u6YDQyMKWqfXca200
7imTLIsSKj96KrIRg3qSCWVj5tOSdgfHxvYjbdSWq3LHAvz7YUIm3iALkTAVoPRj
nevbgdbqk64wnUcYmnH3T1MoNagcwQtl7u34I5ITeh6sEcEe0GiuUyY1VaUQJvi/
hfIzUq/WbGqSr554Ccz9Mk7KGc0cRS2n8BxRAHGdP2iIHlCj4WMtmkUlO/JqC7xg
3uZpSh6nyJL2/HVJQZ9qfRsO2jZ99OtpGHNma3J7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFQZWUigIIRKZYyj4sUruinSEuS4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBjYzAxODhiLWM3M2QtNDAxMi05N2NiLTY4M2M5ZDA3YzQ4My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASQzwwDQYJKoZIhvcNAQELBQADggEBAFDMdJXJxm81Atj7QxFtES3D0JCf
wU+unxq2HV8LsqOLNs1ymRr5jbPv2PIO2D1hqljsPnqr61r7J8waSyclE9sKPw1E
9JGlfvEJlNeTaKM1pYtQEIH8lnXeyydrJQSW+1rOPYV44q1Bu/xVmcvjO5xEo0ew
kuMoAmo+vwvC/Nf27iNE9VuKtgvnUV6q0YyowtgzTPZ7HM3keH3z9L4mY8UrK9Ja
ys+3B0F2SGrXXkWf0Qd5wFLrKmy5C4wESKNkb854iBG6cKXCcP9X2f1VawKj2uGj
XRS+znc8Y5eY87pw44PE3KsL3kzZbOwWmJyMKecg7MFMNWosxt45L/if+20=
-----END CERTIFICATE-----
Generated at Sat Oct 18 00:13:34 2025 by rpki-client