Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/12e6bfb0-af47-4d54-aa49-53daf69805e9.roa
File:                     12e6bfb0-af47-4d54-aa49-53daf69805e9.roa (raw, json)
Hash identifier:          iSp9kMuL5xqDj6WuIcnJRSAnE+yThkgJxfYIMNQPfjA=
Subject key identifier:   CE:EE:14:B2:90:AC:36:47:9D:FB:79:DA:1E:92:19:E2:BF:B3:C9:2B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       75B0DCAC985324FC17F44F0ADF9E99F2E6DD8AE3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/12e6bfb0-af47-4d54-aa49-53daf69805e9.roa
Signing time:             Wed 24 Sep 2025 21:23:54 +0000
ROA not before:           Wed 24 Sep 2025 21:23:54 +0000
ROA not after:            Wed 29 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.64.99.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:b0:dc:ac:98:53:24:fc:17:f4:4f:0a:df:9e:99:f2:e6:dd:8a:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 24 21:23:54 2025 GMT
            Not After : Oct 29 23:59:59 2025 GMT
        Subject: serialNumber=dc51105bc562b62c24cfa14d27a72117d095f05a2107d62693f6536983058114, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a3:63:f5:72:87:d4:4c:9d:2a:aa:72:a8:3f:
                    d9:c7:38:09:d3:ce:87:ce:11:48:a3:74:58:73:e1:
                    42:ce:07:98:d8:16:c6:23:d0:5b:88:ca:9f:db:2d:
                    c9:40:2f:8b:08:e1:66:8a:93:63:cb:dd:30:d6:5c:
                    03:ef:c8:ed:5b:ec:1b:b4:97:d8:7c:b2:b2:c0:ed:
                    bc:87:e7:f9:2f:e7:b7:d2:19:fa:01:33:7c:57:2d:
                    87:7b:53:d9:f0:45:85:42:37:37:75:2f:fe:54:a6:
                    b5:5b:50:c4:6c:9b:85:8c:2e:9d:78:41:45:d6:77:
                    93:74:2b:6b:e1:cb:79:f6:08:b0:a7:7a:d1:1f:5a:
                    2d:4d:e3:08:66:5c:3c:e9:cc:c0:95:35:c4:5f:c8:
                    05:9b:26:54:62:2d:11:2a:f7:55:31:9b:71:63:2e:
                    eb:89:d1:8a:1a:7e:d9:6f:85:ed:17:9d:74:90:c9:
                    a5:dc:c4:b6:2d:a1:91:59:7d:7f:fa:40:8d:6a:80:
                    a9:19:eb:9c:b1:2c:17:dd:c9:ed:1f:ae:90:de:53:
                    37:86:a0:03:65:71:dc:d0:b9:5c:98:90:1e:72:32:
                    49:09:f4:1a:09:54:ab:56:d9:2a:22:7f:03:54:76:
                    60:f9:05:cc:ee:ef:78:63:cd:54:bd:63:eb:1e:3c:
                    84:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:EE:14:B2:90:AC:36:47:9D:FB:79:DA:1E:92:19:E2:BF:B3:C9:2B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/12e6bfb0-af47-4d54-aa49-53daf69805e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.64.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:51:74:e6:49:25:5d:ae:14:ce:a3:dd:71:d1:7d:cf:dd:6c:
         fb:8f:c9:4b:27:df:c2:97:38:45:96:1f:8f:f4:d6:8b:cb:b1:
         13:0e:81:8b:bb:b6:08:04:f3:3a:4e:11:96:01:f7:1b:8a:8d:
         c7:6b:55:bc:ce:72:e1:63:71:be:9f:95:9b:5e:9b:28:e3:82:
         62:a9:00:6d:28:2a:29:db:78:98:c1:8e:ff:d0:2f:7c:61:b2:
         b0:34:36:e8:74:67:3f:c5:e1:62:a0:b3:ac:c0:08:34:21:b9:
         b6:ec:a7:b2:07:fd:68:74:e5:37:bc:da:74:da:7b:c3:38:7c:
         82:cf:18:9d:14:aa:a5:97:28:a0:ef:02:fb:d3:93:ab:4f:88:
         13:42:6c:dd:e1:b9:2e:35:62:c1:30:27:d6:a0:1f:78:37:b9:
         49:05:ff:c7:35:48:6b:c3:a4:bc:42:e6:40:60:d6:2c:1c:90:
         06:e0:02:bd:ba:ad:41:38:b2:07:a6:3b:12:85:bf:c3:d8:36:
         e5:67:20:86:21:9a:72:e7:10:a2:dc:92:0b:77:82:6a:a8:80:
         40:ec:e2:ec:3d:2b:18:31:00:8b:e3:46:d7:f9:28:c8:da:9a:
         5a:64:fc:99:1c:bd:f1:aa:bd:4a:0f:b5:06:dd:06:c5:b9:7f:
         5f:07:7f:87
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdbDcrJhTJPwX9E8K356Z8ubdiuMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI0MjEyMzU0WhcNMjUxMDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYzUxMTA1YmM1NjJiNjJjMjRjZmExNGQyN2E3MjExN2Qw
OTVmMDVhMjEwN2Q2MjY5M2Y2NTM2OTgzMDU4MTE0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClo2P1cofUTJ0qqnKoP9nHOAnTzofOEUijdFhz4ULOB5jY
FsYj0FuIyp/bLclAL4sI4WaKk2PL3TDWXAPvyO1b7Bu0l9h8srLA7byH5/kv57fS
GfoBM3xXLYd7U9nwRYVCNzd1L/5UprVbUMRsm4WMLp14QUXWd5N0K2vhy3n2CLCn
etEfWi1N4whmXDzpzMCVNcRfyAWbJlRiLREq91Uxm3FjLuuJ0Yoaftlvhe0XnXSQ
yaXcxLYtoZFZfX/6QI1qgKkZ65yxLBfdye0frpDeUzeGoANlcdzQuVyYkB5yMkkJ
9BoJVKtW2SoifwNUdmD5Bczu73hjzVS9Y+sePISJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzu4UspCsNked+3naHpIZ4r+zySswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzEyZTZiZmIwLWFmNDctNGQ1NC1hYTQ5LTUzZGFmNjk4MDVlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASQGMwDQYJKoZIhvcNAQELBQADggEBAHZRdOZJJV2uFM6j3XHRfc/dbPuP
yUsn38KXOEWWH4/01ovLsRMOgYu7tggE8zpOEZYB9xuKjcdrVbzOcuFjcb6flZte
myjjgmKpAG0oKinbeJjBjv/QL3xhsrA0Nuh0Zz/F4WKgs6zACDQhubbsp7IH/Wh0
5Te82nTae8M4fILPGJ0UqqWXKKDvAvvTk6tPiBNCbN3huS41YsEwJ9agH3g3uUkF
/8c1SGvDpLxC5kBg1iwckAbgAr26rUE4sgemOxKFv8PYNuVnIIYhmnLnEKLckgt3
gmqogEDs4uw9KxgxAIvjRtf5KMjamlpk/JkcvfGqvUoPtQbdBsW5f18Hf4c=
-----END CERTIFICATE-----
Generated at Fri Oct 17 22:18:50 2025 by rpki-client