Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/223e3fd9-a465-476d-be5e-f4b854af3f3c.roa
File:                     223e3fd9-a465-476d-be5e-f4b854af3f3c.roa (raw, json)
Hash identifier:          HloMR/w+FsDs9aGsPiooiq9IXuGA1T0r7gva85wBgF4=
Subject key identifier:   23:25:85:0A:FA:84:F8:55:3F:CC:53:55:C4:EF:C7:24:3F:BA:BC:2D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3DD29811187E3306ECCF2945A5F14C9861301F70
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/223e3fd9-a465-476d-be5e-f4b854af3f3c.roa
Signing time:             Tue 23 Sep 2025 00:09:15 +0000
ROA not before:           Tue 23 Sep 2025 00:09:15 +0000
ROA not after:            Tue 28 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.85.30.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:d2:98:11:18:7e:33:06:ec:cf:29:45:a5:f1:4c:98:61:30:1f:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 23 00:09:15 2025 GMT
            Not After : Oct 28 23:59:59 2025 GMT
        Subject: serialNumber=0688add1dc7c9e8dd66b7834ba6954acf676d274d6a1ea8165a09a8098d07528, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:94:3f:34:ca:4d:66:1a:30:11:c4:6b:8c:56:
                    98:56:7b:b1:06:7a:4f:83:02:87:8d:2b:3f:de:54:
                    f8:85:8b:fb:53:2c:ce:1d:2a:ff:a6:a3:f1:a5:f0:
                    2c:e7:a3:d4:cd:33:43:f7:84:0c:0e:7f:c2:6d:48:
                    6e:66:4b:da:b1:a6:8c:48:83:72:e8:b3:28:c9:69:
                    51:97:d9:3e:1d:dd:90:85:13:6a:41:12:10:40:a3:
                    b7:81:4e:77:2f:94:85:ba:46:65:41:b9:82:d8:97:
                    5b:65:76:a4:a6:51:14:b2:21:40:05:a9:bc:ff:07:
                    bd:d1:82:1f:90:65:9e:c5:4e:a1:10:4c:70:bc:cd:
                    90:66:42:63:8a:5d:0e:a6:80:37:d0:f5:0d:0e:dc:
                    9c:68:da:a7:06:0d:86:f2:52:93:e1:f0:e6:47:71:
                    a4:a9:c2:5a:a9:e1:0e:9f:ec:1b:dc:69:dd:d8:c4:
                    af:54:79:14:64:8a:45:a7:68:da:f9:a1:ed:68:3d:
                    3f:3e:0e:24:17:d0:b8:0e:da:0c:85:2c:a1:35:c1:
                    3f:8c:04:15:df:f6:3b:51:b6:18:8f:2e:6e:20:4f:
                    ee:4e:28:1f:c4:4b:03:da:e4:16:68:23:79:12:46:
                    86:24:62:e0:b4:11:c6:c9:2f:2d:fb:ad:49:a8:e1:
                    ec:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:25:85:0A:FA:84:F8:55:3F:CC:53:55:C4:EF:C7:24:3F:BA:BC:2D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/223e3fd9-a465-476d-be5e-f4b854af3f3c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.85.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:8a:6d:e1:03:7c:44:09:7a:a6:a3:ba:16:30:50:d0:5b:53:
         fa:0c:2a:14:ef:43:7a:1d:87:04:4c:1e:91:c8:ec:59:90:32:
         1c:e2:e1:ae:28:4b:29:2f:08:32:a8:56:e7:85:1b:9f:a3:ca:
         a1:5c:ff:a0:2c:46:d0:0a:c3:c3:e5:21:ae:4d:db:73:e1:10:
         71:a0:a6:d0:7c:5b:c9:cb:12:21:62:e0:d7:95:df:2c:6a:c6:
         e8:51:70:69:8f:5b:5e:c0:bf:91:8c:70:95:fa:d3:c1:b1:9b:
         87:75:ec:ee:1e:c0:f9:62:c4:9d:bb:78:57:3e:68:f3:f2:6e:
         50:98:7c:86:6f:0c:40:f3:58:ef:d8:32:da:c1:c7:fe:e5:0a:
         1c:7d:83:7d:be:77:cc:4d:54:cf:20:31:0c:39:aa:e4:6b:00:
         1b:c0:59:c9:50:ea:ba:64:60:42:76:8c:4e:b1:f2:dd:a6:2c:
         f3:6b:98:ed:f8:c4:67:cc:fb:01:19:1e:8d:4e:8d:04:ea:4d:
         9e:23:cf:30:a2:68:30:44:4e:46:76:de:6c:be:c3:cd:42:15:
         a8:26:61:25:fb:28:70:64:62:e7:6e:4a:5d:86:82:69:2a:b2:
         52:af:d7:d2:65:24:0c:a7:53:e0:5a:85:e1:1f:84:24:5a:6b:
         5a:79:66:8b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPdKYERh+MwbszylFpfFMmGEwH3AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIzMDAwOTE1WhcNMjUxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNjg4YWRkMWRjN2M5ZThkZDY2Yjc4MzRiYTY5NTRhY2Y2
NzZkMjc0ZDZhMWVhODE2NWEwOWE4MDk4ZDA3NTI4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYlD80yk1mGjARxGuMVphWe7EGek+DAoeNKz/eVPiFi/tT
LM4dKv+mo/Gl8Czno9TNM0P3hAwOf8JtSG5mS9qxpoxIg3LosyjJaVGX2T4d3ZCF
E2pBEhBAo7eBTncvlIW6RmVBuYLYl1tldqSmURSyIUAFqbz/B73Rgh+QZZ7FTqEQ
THC8zZBmQmOKXQ6mgDfQ9Q0O3Jxo2qcGDYbyUpPh8OZHcaSpwlqp4Q6f7Bvcad3Y
xK9UeRRkikWnaNr5oe1oPT8+DiQX0LgO2gyFLKE1wT+MBBXf9jtRthiPLm4gT+5O
KB/ESwPa5BZoI3kSRoYkYuC0EcbJLy37rUmo4exDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIyWFCvqE+FU/zFNVxO/HJD+6vC0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzIyM2UzZmQ5LWE0NjUtNDc2ZC1iZTVlLWY0Yjg1NGFmM2YzYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0VR4wDQYJKoZIhvcNAQELBQADggEBAFOKbeEDfEQJeqajuhYwUNBbU/oM
KhTvQ3odhwRMHpHI7FmQMhzi4a4oSykvCDKoVueFG5+jyqFc/6AsRtAKw8PlIa5N
23PhEHGgptB8W8nLEiFi4NeV3yxqxuhRcGmPW17Av5GMcJX608Gxm4d17O4ewPli
xJ27eFc+aPPyblCYfIZvDEDzWO/YMtrBx/7lChx9g32+d8xNVM8gMQw5quRrABvA
WclQ6rpkYEJ2jE6x8t2mLPNrmO34xGfM+wEZHo1OjQTqTZ4jzzCiaDBETkZ23my+
w81CFagmYSX7KHBkYuduSl2GgmkqslKv19JlJAynU+BaheEfhCRaa1p5Zos=
-----END CERTIFICATE-----
Generated at Sat Oct 18 02:14:15 2025 by rpki-client