Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/36faf071-56c6-4e5d-a4cd-d75920b358f4.roa
File:                     36faf071-56c6-4e5d-a4cd-d75920b358f4.roa (raw, json)
Hash identifier:          /FF8B1s/TckDF/2tptlWn3iiIY7s0LYH89evJ9qYknc=
Subject key identifier:   97:1C:1D:BD:46:43:E5:0C:64:EB:13:A5:29:89:0F:20:20:9F:EC:57
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5F85004CCCB1F0773583AC0DAE6B96E7D1ECBB24
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/36faf071-56c6-4e5d-a4cd-d75920b358f4.roa
Signing time:             Wed 24 Sep 2025 20:51:53 +0000
ROA not before:           Wed 24 Sep 2025 20:51:53 +0000
ROA not after:            Wed 29 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.225.120.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:85:00:4c:cc:b1:f0:77:35:83:ac:0d:ae:6b:96:e7:d1:ec:bb:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 24 20:51:53 2025 GMT
            Not After : Oct 29 23:59:59 2025 GMT
        Subject: serialNumber=3357985634904c7da1445c7193e3034564dd6b69e77774956569bf762af6f550, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f0:26:6f:ba:f8:e6:84:54:6a:f6:f6:a4:4e:
                    80:05:41:d3:e5:94:b4:ce:90:78:f9:fe:db:c7:c5:
                    74:94:86:48:bd:7c:90:57:9c:d1:fc:76:34:f6:8a:
                    25:b9:fc:d9:d7:c2:51:46:d1:64:b3:88:0b:6e:4c:
                    3d:35:4c:4c:e3:b6:ec:c0:26:0c:f1:e2:6b:d5:4b:
                    fd:14:05:d7:43:55:58:3d:f9:d0:82:e5:39:da:f5:
                    f5:b2:f6:1a:e0:a1:12:22:82:50:8a:77:d0:a3:92:
                    b4:7e:9d:4b:06:d0:2b:6d:fc:f1:d0:46:04:b3:45:
                    bb:b2:f8:bf:0c:36:ab:6d:35:10:07:c6:b6:81:14:
                    fd:d8:ca:a6:21:33:85:9c:50:c5:69:aa:f1:e3:e0:
                    5d:33:e6:dc:8c:ef:bd:54:c8:15:99:32:ce:a1:d3:
                    89:19:7f:b3:82:be:e4:bf:ab:d3:5f:b4:91:13:46:
                    26:56:e6:4e:aa:b4:b0:85:88:16:32:57:dd:d1:39:
                    b9:05:65:10:37:34:d7:0a:fe:31:b2:5f:8e:23:a4:
                    6e:9b:ed:48:65:c0:90:7e:04:7c:c8:a0:bc:f9:39:
                    90:3f:5e:99:25:f0:21:b4:83:31:03:0c:af:f9:b5:
                    a1:2c:86:cc:2a:ec:34:c6:08:26:37:7f:b0:cf:b8:
                    ca:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:1C:1D:BD:46:43:E5:0C:64:EB:13:A5:29:89:0F:20:20:9F:EC:57
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/36faf071-56c6-4e5d-a4cd-d75920b358f4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.225.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0d:30:2d:f9:1b:5a:55:06:4d:bd:b2:e6:78:02:0a:28:a7:9b:
         08:91:8a:0a:9e:9b:60:68:da:fa:5b:59:33:a6:bf:4d:10:e0:
         9f:53:3b:ad:57:57:49:7d:3c:35:bc:08:54:1f:3b:bb:e4:9e:
         86:95:28:5e:b4:41:43:56:62:93:07:9a:f8:8d:d4:d6:1d:83:
         8e:e1:09:21:2c:6a:b2:3d:ff:4d:b1:6a:1f:be:27:15:90:96:
         24:33:dd:3d:be:8c:c2:40:59:72:6c:81:01:02:4a:25:af:23:
         bf:72:ea:18:95:e3:6d:8b:2b:1c:05:c8:04:f9:df:3d:be:59:
         b1:bb:bb:58:4a:86:22:17:be:a2:b7:a5:cb:90:0b:7d:f6:3d:
         9f:93:c7:db:76:a4:06:fe:f6:7b:af:6a:78:be:98:0a:60:0c:
         54:82:19:80:b4:9d:dd:3e:5d:09:b8:aa:74:bc:6b:71:b5:2d:
         9a:12:9f:e8:78:8c:87:96:fc:ec:76:cd:4b:fe:ba:c3:d3:4a:
         4f:0b:50:af:05:ef:b6:fc:06:33:38:8c:dc:e7:89:07:dc:3b:
         12:32:36:db:30:6b:2e:a0:93:c5:40:55:33:51:73:18:3d:b3:
         3d:0c:04:3e:0a:91:f4:29:7f:03:95:ab:b5:ee:56:b0:44:73:
         41:0e:a7:81
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUX4UATMyx8Hc1g6wNrmuW59HsuyQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI0MjA1MTUzWhcNMjUxMDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMzU3OTg1NjM0OTA0YzdkYTE0NDVjNzE5M2UzMDM0NTY0
ZGQ2YjY5ZTc3Nzc0OTU2NTY5YmY3NjJhZjZmNTUwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC78CZvuvjmhFRq9vakToAFQdPllLTOkHj5/tvHxXSUhki9
fJBXnNH8djT2iiW5/NnXwlFG0WSziAtuTD01TEzjtuzAJgzx4mvVS/0UBddDVVg9
+dCC5Tna9fWy9hrgoRIiglCKd9CjkrR+nUsG0Ctt/PHQRgSzRbuy+L8MNqttNRAH
xraBFP3YyqYhM4WcUMVpqvHj4F0z5tyM771UyBWZMs6h04kZf7OCvuS/q9NftJET
RiZW5k6qtLCFiBYyV93RObkFZRA3NNcK/jGyX44jpG6b7UhlwJB+BHzIoLz5OZA/
Xpkl8CG0gzEDDK/5taEshswq7DTGCCY3f7DPuMqZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlxwdvUZD5Qxk6xOlKYkPICCf7FcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzM2ZmFmMDcxLTU2YzYtNGU1ZC1hNGNkLWQ3NTkyMGIzNThmNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMN4XgwDQYJKoZIhvcNAQELBQADggEBAA0wLfkbWlUGTb2y5ngCCiinmwiR
igqem2Bo2vpbWTOmv00Q4J9TO61XV0l9PDW8CFQfO7vknoaVKF60QUNWYpMHmviN
1NYdg47hCSEsarI9/02xah++JxWQliQz3T2+jMJAWXJsgQECSiWvI79y6hiV422L
KxwFyAT53z2+WbG7u1hKhiIXvqK3pcuQC332PZ+Tx9t2pAb+9nuvani+mApgDFSC
GYC0nd0+XQm4qnS8a3G1LZoSn+h4jIeW/Ox2zUv+usPTSk8LUK8F77b8BjM4jNzn
iQfcOxIyNtsway6gk8VAVTNRcxg9sz0MBD4KkfQpfwOVq7XuVrBEc0EOp4E=
-----END CERTIFICATE-----
Generated at Fri Oct 17 22:18:13 2025 by rpki-client