Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1dc57cf1-5299-4416-bd3e-e19246a55c3a.roa
File:                     1dc57cf1-5299-4416-bd3e-e19246a55c3a.roa (raw, json)
Hash identifier:          2PsLfwyijZazYZp8s7BCpLGyZmYhjZKL+d1e9uDVkLg=
Subject key identifier:   06:1F:74:F6:8A:28:72:AD:C9:05:FC:9A:32:70:F1:4E:DA:6C:99:D7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       589576B2F05414F6E3FCFBF0864DA34591E471
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1dc57cf1-5299-4416-bd3e-e19246a55c3a.roa
Signing time:             Thu 25 Sep 2025 18:11:58 +0000
ROA not before:           Thu 25 Sep 2025 18:11:58 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.165.111.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:95:76:b2:f0:54:14:f6:e3:fc:fb:f0:86:4d:a3:45:91:e4:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 18:11:58 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=ff8ead247a24e8a6cd3ad886294e0609046d3b10caa565b84b3317bc30735bcd, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:4a:53:11:16:6f:3d:d4:e9:e1:85:83:42:58:
                    43:fa:97:89:98:8c:85:39:84:ec:26:47:98:5b:ed:
                    8a:27:97:62:db:13:a9:86:7e:db:5b:20:56:05:39:
                    4d:f9:4d:09:7d:91:c8:f1:96:1f:19:71:e8:e1:ec:
                    21:1b:64:46:a6:66:fe:1f:18:39:44:3f:67:4f:af:
                    71:70:63:ca:cd:fc:8f:ca:82:c2:64:a4:85:0a:5c:
                    65:9b:aa:a8:a3:e0:d4:02:3c:1c:37:68:99:11:c8:
                    8f:49:68:5b:4c:16:ef:50:c9:39:37:b2:9b:56:fe:
                    1d:16:f9:f5:f8:db:e1:d0:91:08:09:10:67:d8:6e:
                    2b:3c:b4:c6:a1:a0:0c:3c:f3:f7:8e:b0:6d:89:31:
                    bc:fc:cf:9e:a9:4b:52:28:1a:b2:bf:a6:6b:aa:6c:
                    89:77:1c:0e:57:f5:ef:5a:48:b7:4b:4c:48:6d:28:
                    f2:c9:5d:d3:fe:16:71:b2:ec:d8:13:d4:82:f7:4b:
                    df:8f:56:55:9b:6e:d4:88:66:4f:c3:3b:08:fb:6c:
                    59:eb:cf:6c:81:9d:6e:2f:3b:e6:f9:21:39:d7:69:
                    01:b3:7d:e2:40:68:b3:9e:01:b1:63:ec:44:d7:af:
                    d5:13:1f:ad:58:b4:af:a4:76:0a:6f:9e:8d:9c:2c:
                    c0:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:1F:74:F6:8A:28:72:AD:C9:05:FC:9A:32:70:F1:4E:DA:6C:99:D7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1dc57cf1-5299-4416-bd3e-e19246a55c3a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.165.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:97:eb:90:a2:2d:30:06:70:83:63:7e:77:d7:4f:6d:5c:8a:
         50:69:52:f3:2f:24:12:29:ab:d1:c2:b5:3b:0e:93:a3:fa:9c:
         ba:60:af:8a:0a:b8:67:99:9e:64:8e:ec:fa:4c:74:88:e7:1f:
         ed:70:2a:e4:39:43:37:29:20:f1:ba:96:73:a1:e1:df:64:c4:
         cd:98:34:a4:e6:73:10:43:da:31:90:1b:cb:8c:a5:0a:0c:4a:
         c4:f3:dc:64:bc:bb:a6:c5:8d:cf:05:39:db:e3:8a:47:16:15:
         63:7b:22:31:01:2b:77:5f:0f:78:13:4a:9c:ba:38:e3:36:f5:
         4d:8c:8f:1e:d4:66:71:8a:77:c2:da:90:da:0f:ae:dd:11:66:
         a2:33:ea:7e:fa:a4:e6:93:aa:8e:d2:bf:c1:1d:44:f7:c4:cb:
         3b:1a:62:ac:cd:c6:ac:15:12:b7:fd:9e:4b:bc:b1:61:89:52:
         da:e2:12:e9:ae:14:04:64:3b:a4:64:ef:3c:c9:2a:3e:d4:c9:
         b9:1f:31:b5:45:bf:b4:cb:c3:63:60:ca:63:07:f9:62:74:16:
         bd:57:d9:8f:7a:f8:ac:a2:71:47:00:f1:77:7d:39:71:96:31:
         66:1c:cc:ca:1a:82:15:2a:46:64:ee:ad:7c:25:6c:f8:eb:b7:
         63:5b:6e:b0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITWJV2svBUFPbj/Pvwhk2jRZHkcTANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTA5MjUxODExNThaFw0yNTEwMzAyMzU5NTla
MHoxSTBHBgNVBAUTQGZmOGVhZDI0N2EyNGU4YTZjZDNhZDg4NjI5NGUwNjA5MDQ2
ZDNiMTBjYWE1NjViODRiMzMxN2JjMzA3MzViY2QxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNKUxEWbz3U6eGFg0JYQ/qXiZiMhTmE7CZHmFvtiieXYtsT
qYZ+21sgVgU5TflNCX2RyPGWHxlx6OHsIRtkRqZm/h8YOUQ/Z0+vcXBjys38j8qC
wmSkhQpcZZuqqKPg1AI8HDdomRHIj0loW0wW71DJOTeym1b+HRb59fjb4dCRCAkQ
Z9huKzy0xqGgDDzz946wbYkxvPzPnqlLUigasr+ma6psiXccDlf171pIt0tMSG0o
8sld0/4WcbLs2BPUgvdL349WVZtu1IhmT8M7CPtsWevPbIGdbi875vkhOddpAbN9
4kBos54BsWPsRNev1RMfrVi0r6R2Cm+ejZwswNkCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQGH3T2iihyrckF/JoycPFO2myZ1zAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvMWRjNTdjZjEtNTI5OS00NDE2LWJkM2UtZTE5MjQ2YTU1YzNhLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAAOlbzANBgkqhkiG9w0BAQsFAAOCAQEAD5frkKItMAZwg2N+d9dPbVyKUGlS
8y8kEimr0cK1Ow6To/qcumCvigq4Z5meZI7s+kx0iOcf7XAq5DlDNykg8bqWc6Hh
32TEzZg0pOZzEEPaMZAby4ylCgxKxPPcZLy7psWNzwU52+OKRxYVY3siMQErd18P
eBNKnLo44zb1TYyPHtRmcYp3wtqQ2g+u3RFmojPqfvqk5pOqjtK/wR1E98TLOxpi
rM3GrBUSt/2eS7yxYYlS2uIS6a4UBGQ7pGTvPMkqPtTJuR8xtUW/tMvDY2DKYwf5
YnQWvVfZj3r4rKJxRwDxd305cZYxZhzMyhqCFSpGZO6tfCVs+Ou3Y1tusA==
-----END CERTIFICATE-----
Generated at Fri Oct 17 22:17:39 2025 by rpki-client