Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/29917126-e581-485b-9882-dc7d77dd69c9.roa
File:                     29917126-e581-485b-9882-dc7d77dd69c9.roa (raw, json)
Hash identifier:          sbV7gbWngk0yAoZOmgOwzlwGoG8vS7s9DEifZFbEW5Q=
Subject key identifier:   C3:7D:31:65:0B:2D:4E:71:3B:36:28:8C:37:02:8D:27:72:AA:3A:E1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       258B09DE23923AEB6A645DA721AE23AAC802C67F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/29917126-e581-485b-9882-dc7d77dd69c9.roa
Signing time:             Thu 25 Sep 2025 22:29:31 +0000
ROA not before:           Thu 25 Sep 2025 22:29:31 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.166.66.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:8b:09:de:23:92:3a:eb:6a:64:5d:a7:21:ae:23:aa:c8:02:c6:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 22:29:31 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=d36574c9e597bb914e3f55285dc5156bb9db57ebdd83f52f9f5e649e7e330ada, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:26:19:33:36:46:f2:6f:74:26:22:c5:32:57:
                    ab:1c:fb:99:8c:8f:91:7f:59:b9:71:37:b3:10:5a:
                    9d:86:5b:9a:20:5b:89:6d:6f:3e:f0:bc:88:d2:52:
                    32:4e:ed:d3:d0:c8:5f:10:de:ed:92:1c:c1:e7:ae:
                    36:aa:98:5e:c4:0e:c3:1a:c5:e6:76:ba:40:8b:3e:
                    59:00:76:08:32:4f:f4:51:c0:0c:12:e1:9a:53:c0:
                    9f:6c:95:dc:f7:83:c8:7a:14:da:77:c9:88:78:43:
                    3c:50:6a:d7:64:bb:7e:c2:67:9f:87:0e:52:e4:14:
                    11:cd:1a:79:54:4b:9f:5f:e2:45:0c:33:18:88:48:
                    7d:30:3b:d6:af:3a:0d:e4:e8:d7:d5:26:c4:3c:78:
                    a2:b1:f1:a2:ae:62:8a:8d:27:50:d8:98:a4:33:b3:
                    2e:a8:df:a4:87:f8:94:0c:40:a4:5e:6c:2b:23:08:
                    4d:d0:64:07:c9:9b:ff:4d:b8:50:ee:67:42:26:16:
                    e5:e2:a3:04:99:e4:15:01:a3:19:34:bb:82:a3:ea:
                    4d:d2:66:9e:ee:91:1e:9e:53:65:83:44:0c:93:a3:
                    19:13:bc:c8:e4:29:10:bc:8d:bc:fc:ce:9d:47:c8:
                    61:2c:f0:e7:f6:e4:fa:fa:9f:ec:c8:ae:67:7f:7d:
                    eb:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:7D:31:65:0B:2D:4E:71:3B:36:28:8C:37:02:8D:27:72:AA:3A:E1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/29917126-e581-485b-9882-dc7d77dd69c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.166.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a2:64:28:81:d9:a8:a0:c8:b5:19:6c:f4:4a:f6:bb:35:b8:01:
         0d:d2:68:5d:56:26:e6:2d:03:17:09:37:7d:a0:4f:78:07:3e:
         b3:28:8e:60:6f:ee:1c:24:ac:19:c7:8c:c5:34:73:99:57:93:
         6a:ba:08:cd:a2:34:35:8b:8f:55:5a:36:c7:93:3d:88:70:ec:
         2c:54:a1:59:a8:f3:98:3b:d7:e2:a8:8b:a9:b2:1d:17:7f:22:
         16:71:4a:fc:40:6b:fe:3f:ed:31:cb:cf:1f:a0:98:b5:ab:6a:
         e9:ad:56:ec:c8:0f:f8:1f:65:c8:02:9f:92:2b:4d:59:ad:0c:
         e9:51:72:b5:03:ef:28:e7:ee:f1:88:0d:59:c1:46:0b:d0:64:
         02:f1:e8:75:28:9e:c3:a7:f3:5f:43:ab:45:73:88:de:ad:a4:
         2a:22:50:14:95:2d:a7:7b:16:46:ee:7a:53:ea:18:c7:1a:ea:
         86:a0:88:13:57:2d:0d:32:fc:b7:11:f5:23:09:d1:60:dd:b5:
         44:d8:33:d2:28:bb:52:4c:d0:c7:e8:c2:2b:d5:df:b9:f5:c2:
         f9:61:96:f8:d2:17:be:8a:67:e6:a5:09:09:38:b4:f6:8a:37:
         b0:b1:c5:08:81:20:0a:60:53:ad:e2:d8:3b:56:4b:4a:fa:e2:
         b7:d3:dc:86
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJYsJ3iOSOutqZF2nIa4jqsgCxn8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI1MjIyOTMxWhcNMjUxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMzY1NzRjOWU1OTdiYjkxNGUzZjU1Mjg1ZGM1MTU2YmI5
ZGI1N2ViZGQ4M2Y1MmY5ZjVlNjQ5ZTdlMzMwYWRhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeJhkzNkbyb3QmIsUyV6sc+5mMj5F/WblxN7MQWp2GW5og
W4ltbz7wvIjSUjJO7dPQyF8Q3u2SHMHnrjaqmF7EDsMaxeZ2ukCLPlkAdggyT/RR
wAwS4ZpTwJ9sldz3g8h6FNp3yYh4QzxQatdku37CZ5+HDlLkFBHNGnlUS59f4kUM
MxiISH0wO9avOg3k6NfVJsQ8eKKx8aKuYoqNJ1DYmKQzsy6o36SH+JQMQKRebCsj
CE3QZAfJm/9NuFDuZ0ImFuXiowSZ5BUBoxk0u4Kj6k3SZp7ukR6eU2WDRAyToxkT
vMjkKRC8jbz8zp1HyGEs8Of25Pr6n+zIrmd/fetLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUw30xZQstTnE7NiiMNwKNJ3KqOuEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzI5OTE3MTI2LWU1ODEtNDg1Yi05ODgyLWRjN2Q3N2RkNjljOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEDpkIwDQYJKoZIhvcNAQELBQADggEBAKJkKIHZqKDItRls9Er2uzW4AQ3S
aF1WJuYtAxcJN32gT3gHPrMojmBv7hwkrBnHjMU0c5lXk2q6CM2iNDWLj1VaNseT
PYhw7CxUoVmo85g71+Koi6myHRd/IhZxSvxAa/4/7THLzx+gmLWraumtVuzID/gf
ZcgCn5IrTVmtDOlRcrUD7yjn7vGIDVnBRgvQZALx6HUonsOn819Dq0VziN6tpCoi
UBSVLad7FkbuelPqGMca6oagiBNXLQ0y/LcR9SMJ0WDdtUTYM9Iou1JM0MfowivV
37n1wvlhlvjSF76KZ+alCQk4tPaKN7CxxQiBIApgU63i2DtWS0r64rfT3IY=
-----END CERTIFICATE-----
Generated at Sat Oct 18 05:10:16 2025 by rpki-client