Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2b8ccb4f-0647-4860-bb15-14042040a7f2.roa
File:                     2b8ccb4f-0647-4860-bb15-14042040a7f2.roa (raw, json)
Hash identifier:          loFJtlRGg9X51nasdlcj8Qo+arTmwav0EN85S4JiQVk=
Subject key identifier:   05:F5:EF:E7:BB:D9:3A:31:2F:EA:4E:4E:4D:47:D6:22:77:04:24:BA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       739117C5167FCA190530E3653DCA9F7FE1BE7D4C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2b8ccb4f-0647-4860-bb15-14042040a7f2.roa
Signing time:             Mon 15 Sep 2025 15:40:18 +0000
ROA not before:           Mon 15 Sep 2025 15:40:18 +0000
ROA not after:            Mon 20 Oct 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        3.83.168.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 19 Sep 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:91:17:c5:16:7f:ca:19:05:30:e3:65:3d:ca:9f:7f:e1:be:7d:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 15 15:40:18 2025 GMT
            Not After : Oct 20 23:59:59 2025 GMT
        Subject: serialNumber=725f1ba64b26d81bae00d5c2b2e548d7282620e62cf9d964c5f7cd9de5e74b54, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:58:29:89:fa:de:a6:a7:46:84:91:25:e4:7c:
                    2e:37:68:00:ce:7b:bd:43:0c:7e:43:d8:65:34:c8:
                    72:31:28:61:73:dc:e1:6c:17:bc:64:7d:e8:0e:03:
                    70:33:12:83:89:40:e8:e9:e7:8d:8d:5a:4c:74:c0:
                    69:5b:97:95:87:aa:d0:bf:3b:2d:74:ea:13:5e:96:
                    21:91:6d:53:73:dc:05:21:39:21:20:7e:89:8b:2e:
                    16:6d:b5:e2:e5:e1:44:28:fe:56:af:41:b0:4d:ae:
                    a0:e1:be:6f:64:69:71:d0:9c:90:84:d6:cb:9c:53:
                    43:de:d9:b1:63:bb:71:a4:92:30:55:a9:de:b2:5c:
                    61:d3:25:77:1d:87:28:c6:6f:6f:05:d8:4c:1c:4c:
                    20:f6:96:50:f4:f9:e9:83:b3:8e:43:98:33:34:e2:
                    68:17:44:d4:56:69:c5:58:51:5c:d0:93:d9:75:b8:
                    1d:a2:90:63:a4:1c:d7:74:e5:a3:26:fe:72:aa:f9:
                    58:b4:58:ba:95:a8:7c:ea:6b:40:9d:32:6f:4e:c3:
                    e5:f4:15:d2:4e:8a:37:1b:ab:c5:22:2e:5a:fb:1f:
                    1c:85:93:c1:b5:12:34:45:2b:2c:48:8e:0f:f5:00:
                    7d:17:72:be:f4:e2:a3:c1:a4:a7:9f:f5:70:0e:1b:
                    9c:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:F5:EF:E7:BB:D9:3A:31:2F:EA:4E:4E:4D:47:D6:22:77:04:24:BA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2b8ccb4f-0647-4860-bb15-14042040a7f2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.83.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a0:c5:b2:44:39:9b:3f:99:6a:58:7b:16:1c:4f:30:d8:94:95:
         50:c3:63:13:9e:d3:d7:55:ee:c8:38:a4:a1:ef:ba:a2:10:f6:
         f9:6e:c3:1e:45:32:fb:a3:2c:2b:43:6d:cb:b9:19:90:0a:a4:
         8f:eb:72:00:85:84:75:df:91:e8:dc:86:79:5f:7a:a7:03:e0:
         1f:0b:61:56:26:cf:18:28:a1:b2:c8:34:76:fc:3d:aa:25:47:
         87:9e:61:58:7d:d4:fa:78:43:55:4f:66:0d:a9:b2:3b:84:f8:
         2e:7e:a4:24:a9:9d:51:45:6c:f1:14:d4:56:e2:94:26:de:e6:
         18:8f:6d:dd:7a:4e:77:99:8a:49:d2:82:50:3d:3f:10:6f:a9:
         59:2a:ca:65:46:56:ca:0a:70:50:de:e1:db:8e:1a:03:63:83:
         fe:d2:07:9d:73:f2:ea:c3:3e:77:50:9d:d2:e9:af:f8:16:d0:
         f3:95:ae:24:f8:40:a1:2f:4b:12:a2:f2:0f:31:d0:38:24:fd:
         b8:7f:f6:ae:49:99:1e:a5:b9:1a:ea:6c:ae:48:7b:9a:a9:c9:
         55:c1:72:26:0b:e8:12:c8:98:00:ce:18:78:7a:1f:1c:03:e7:
         43:15:31:a7:3c:36:ff:fb:a5:85:80:7e:42:d7:d3:9e:e0:79:
         98:17:82:35
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUc5EXxRZ/yhkFMONlPcqff+G+fUwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTE1MTU0MDE4WhcNMjUxMDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MjVmMWJhNjRiMjZkODFiYWUwMGQ1YzJiMmU1NDhkNzI4
MjYyMGU2MmNmOWQ5NjRjNWY3Y2Q5ZGU1ZTc0YjU0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFWCmJ+t6mp0aEkSXkfC43aADOe71DDH5D2GU0yHIxKGFz
3OFsF7xkfegOA3AzEoOJQOjp542NWkx0wGlbl5WHqtC/Oy106hNeliGRbVNz3AUh
OSEgfomLLhZtteLl4UQo/lavQbBNrqDhvm9kaXHQnJCE1sucU0Pe2bFju3GkkjBV
qd6yXGHTJXcdhyjGb28F2EwcTCD2llD0+emDs45DmDM04mgXRNRWacVYUVzQk9l1
uB2ikGOkHNd05aMm/nKq+Vi0WLqVqHzqa0CdMm9Ow+X0FdJOijcbq8UiLlr7HxyF
k8G1EjRFKyxIjg/1AH0Xcr704qPBpKef9XAOG5x3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBfXv57vZOjEv6k5OTUfWIncEJLowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJiOGNjYjRmLTA2NDctNDg2MC1iYjE1LTE0MDQyMDQwYTdmMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIDU6gwDQYJKoZIhvcNAQELBQADggEBAKDFskQ5mz+Zalh7FhxPMNiUlVDD
YxOe09dV7sg4pKHvuqIQ9vluwx5FMvujLCtDbcu5GZAKpI/rcgCFhHXfkejchnlf
eqcD4B8LYVYmzxgoobLINHb8PaolR4eeYVh91Pp4Q1VPZg2psjuE+C5+pCSpnVFF
bPEU1FbilCbe5hiPbd16TneZiknSglA9PxBvqVkqymVGVsoKcFDe4duOGgNjg/7S
B51z8urDPndQndLpr/gW0POVriT4QKEvSxKi8g8x0Dgk/bh/9q5JmR6luRrqbK5I
e5qpyVXBciYL6BLImADOGHh6HxwD50MVMac8Nv/7pYWAfkLX057geZgXgjU=
-----END CERTIFICATE-----
Generated at Thu Sep 18 00:29:55 2025 by rpki-client