Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/256a2c9b-80ed-4f8b-8c4d-4ba9c96bcccf.roa
File:                     256a2c9b-80ed-4f8b-8c4d-4ba9c96bcccf.roa (raw, json)
Hash identifier:          Evl8CkZZiWgfQG0BWihoX27/v5cTWXlXPONDATgXuv0=
Subject key identifier:   14:27:0B:FE:01:84:53:0F:61:B7:51:BB:D8:F5:FF:40:36:16:DA:45
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0D9405028DA851B405A6FB71F0021F4BE5482D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/256a2c9b-80ed-4f8b-8c4d-4ba9c96bcccf.roa
Signing time:             Wed 24 Sep 2025 19:32:52 +0000
ROA not before:           Wed 24 Sep 2025 19:32:52 +0000
ROA not after:            Wed 29 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.226.166.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:94:05:02:8d:a8:51:b4:05:a6:fb:71:f0:02:1f:4b:e5:48:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 24 19:32:52 2025 GMT
            Not After : Oct 29 23:59:59 2025 GMT
        Subject: serialNumber=c925233d664cfa4d9c15483b69fad4dffe62099ee1ea2fccbd6f359bbf3cfbc8, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:fc:14:88:a4:51:87:f9:93:a8:2d:ec:c1:c4:
                    9c:49:55:e6:d4:7a:07:5d:dd:f4:54:1e:22:96:a1:
                    c7:cc:72:a3:15:7b:9d:83:43:6e:77:0a:3f:5b:6c:
                    be:da:47:69:b6:5d:ce:6e:64:a2:b9:31:d3:5f:cd:
                    12:6e:15:27:56:5e:d6:17:38:24:ec:01:f8:11:b1:
                    d9:6b:45:11:0c:22:b8:3f:e7:f5:56:85:0a:a8:d4:
                    72:90:bd:42:bb:b6:f1:1b:d5:ec:86:c1:ff:fd:d3:
                    58:53:ad:fc:87:80:ec:0f:11:93:96:e5:2e:28:84:
                    87:30:48:4e:76:54:49:39:a3:dd:05:d8:3d:29:ef:
                    17:de:a4:1c:4b:44:dd:b4:a4:b5:88:e1:a3:e3:1b:
                    03:67:83:c5:f0:ab:fb:65:36:25:b7:86:35:ca:37:
                    50:0e:de:22:8a:e5:e0:8d:fa:8c:47:5d:56:f5:0b:
                    a5:2a:49:86:b5:18:74:02:d6:a6:19:85:ab:a7:4f:
                    22:43:8f:06:08:a6:c9:3e:18:7f:ae:8b:34:fe:b8:
                    70:de:0f:e5:f8:ae:ae:80:c2:a7:51:f4:8a:5a:7a:
                    69:0e:dc:1b:e5:07:10:c5:70:c2:6c:82:a9:73:16:
                    ba:39:14:b3:28:d3:c9:75:da:70:52:c7:be:f1:ea:
                    12:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:27:0B:FE:01:84:53:0F:61:B7:51:BB:D8:F5:FF:40:36:16:DA:45
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/256a2c9b-80ed-4f8b-8c4d-4ba9c96bcccf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.226.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:0f:fe:26:cc:f1:c5:7c:84:5b:27:ad:cf:e2:a8:e1:31:94:
         98:29:57:81:ff:3a:8a:17:50:5c:e1:f5:d7:2c:3c:6b:76:25:
         d1:01:d0:a9:dc:fc:5a:94:11:a2:e2:5d:08:38:df:5d:7d:d8:
         6f:f4:7e:98:ac:39:61:d0:de:48:68:01:5e:8a:fa:a3:ff:9f:
         05:9e:e9:5b:08:b1:62:37:b5:a9:bf:57:bc:4e:25:42:1a:51:
         58:f2:d4:8c:b0:c5:46:31:5f:7b:bb:68:07:48:0c:65:5b:42:
         b9:bd:9c:26:36:0a:a7:ff:44:6d:7c:d6:7d:dc:04:96:e5:02:
         65:94:e5:61:05:56:48:5b:6f:e7:a2:d9:de:83:e9:74:e5:61:
         35:26:b7:34:e1:ac:b7:b4:5b:e7:58:1f:4a:01:09:ac:98:22:
         81:b6:62:64:03:8c:a5:b7:be:2f:33:ca:34:e0:39:b9:bd:9b:
         71:02:33:da:0f:46:98:b0:27:96:de:ea:e9:a9:e8:30:3a:cd:
         9f:88:58:16:c8:80:b9:58:2d:e5:a6:f4:cb:30:4d:34:ed:b2:
         aa:63:74:18:ab:7c:41:5d:97:8c:14:19:af:be:cf:7a:95:49:
         e9:81:bc:fe:cb:4b:71:c1:89:19:6d:65:bc:2a:ed:3a:9d:61:
         07:01:1f:b0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITDZQFAo2oUbQFpvtx8AIfS+VILTANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTA5MjQxOTMyNTJaFw0yNTEwMjkyMzU5NTla
MHoxSTBHBgNVBAUTQGM5MjUyMzNkNjY0Y2ZhNGQ5YzE1NDgzYjY5ZmFkNGRmZmU2
MjA5OWVlMWVhMmZjY2JkNmYzNTliYmYzY2ZiYzgxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL78FIikUYf5k6gt7MHEnElV5tR6B13d9FQeIpahx8xyoxV7
nYNDbncKP1tsvtpHabZdzm5korkx01/NEm4VJ1Ze1hc4JOwB+BGx2WtFEQwiuD/n
9VaFCqjUcpC9Qru28RvV7IbB//3TWFOt/IeA7A8Rk5blLiiEhzBITnZUSTmj3QXY
PSnvF96kHEtE3bSktYjho+MbA2eDxfCr+2U2JbeGNco3UA7eIorl4I36jEddVvUL
pSpJhrUYdALWphmFq6dPIkOPBgimyT4Yf66LNP64cN4P5fiuroDCp1H0ilp6aQ7c
G+UHEMVwwmyCqXMWujkUsyjTyXXacFLHvvHqEn8CAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQUJwv+AYRTD2G3UbvY9f9ANhbaRTAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvMjU2YTJjOWItODBlZC00ZjhiLThjNGQtNGJhOWM5NmJjY2NmLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAA3ipjANBgkqhkiG9w0BAQsFAAOCAQEAsw/+JszxxXyEWyetz+Ko4TGUmClX
gf86ihdQXOH11yw8a3Yl0QHQqdz8WpQRouJdCDjfXX3Yb/R+mKw5YdDeSGgBXor6
o/+fBZ7pWwixYje1qb9XvE4lQhpRWPLUjLDFRjFfe7toB0gMZVtCub2cJjYKp/9E
bXzWfdwEluUCZZTlYQVWSFtv56LZ3oPpdOVhNSa3NOGst7Rb51gfSgEJrJgigbZi
ZAOMpbe+LzPKNOA5ub2bcQIz2g9GmLAnlt7q6anoMDrNn4hYFsiAuVgt5ab0yzBN
NO2yqmN0GKt8QV2XjBQZr77PepVJ6YG8/stLccGJGW1lvCrtOp1hBwEfsA==
-----END CERTIFICATE-----
Generated at Sat Oct 18 02:14:19 2025 by rpki-client