Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43fbd2ec-b4d4-47b6-a839-8141fcf26700.roa
File:                     43fbd2ec-b4d4-47b6-a839-8141fcf26700.roa (raw, json)
Hash identifier:          R85U6uq7Z/Ctkufyv8rlY011OicOR6fzCrzMh1ZgRVM=
Subject key identifier:   50:FB:25:8B:FC:CD:ED:46:0D:84:6A:A7:FC:B0:70:9A:4C:32:8E:9B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       38E38FA7973B1AB37C9A70B3CCDA159A0E9D3C8B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43fbd2ec-b4d4-47b6-a839-8141fcf26700.roa
Signing time:             Fri 17 Oct 2025 22:20:17 +0000
ROA not before:           Fri 17 Oct 2025 22:20:17 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.253.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:e3:8f:a7:97:3b:1a:b3:7c:9a:70:b3:cc:da:15:9a:0e:9d:3c:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 17 22:20:17 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=013cfe415a06fa38157505b8c2b9b088e3d534d148dcac6d1c6620ea00a2122c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c8:a7:50:c3:e5:a8:95:a5:e7:8d:d2:74:6d:
                    30:ca:e6:5d:ea:0c:2a:e9:37:76:7e:ac:0f:0d:90:
                    47:1e:ab:83:38:27:e0:1c:da:ea:e7:c2:2b:47:fe:
                    1e:40:ad:8b:1b:0c:f7:66:af:2e:c0:be:be:99:ad:
                    51:a8:8b:df:6a:60:6c:83:9b:44:30:ce:54:eb:21:
                    e7:52:87:9c:a3:ef:c3:2e:79:03:ba:8f:89:ba:f4:
                    bd:55:fd:68:db:14:20:96:8a:26:a4:48:ce:2e:0c:
                    e7:81:58:9d:cc:4c:7f:30:e4:1e:41:0f:25:65:e6:
                    73:17:f1:56:1c:f4:fd:26:61:f5:4a:f4:ee:fb:32:
                    fc:dd:64:0c:37:0c:db:db:c2:f1:e2:82:42:18:be:
                    7d:96:18:dc:78:ea:ea:ff:81:78:d9:d2:16:bb:c6:
                    2a:01:03:a7:99:44:17:33:82:68:82:a6:a0:ad:c5:
                    a3:4a:b0:5c:18:ec:3d:ae:a3:32:5c:c8:06:56:31:
                    da:c5:18:1c:87:91:72:dd:ae:b4:b9:20:73:b7:dd:
                    e4:12:8e:ea:ab:e8:04:22:1b:90:66:0d:aa:7e:f2:
                    6f:68:dc:7c:85:aa:c3:f7:90:84:72:b6:6d:a6:c2:
                    73:aa:e9:d0:25:56:76:d6:df:64:0c:b4:44:30:33:
                    db:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:FB:25:8B:FC:CD:ED:46:0D:84:6A:A7:FC:B0:70:9A:4C:32:8E:9B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43fbd2ec-b4d4-47b6-a839-8141fcf26700.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.253.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         3b:e4:d4:ed:32:60:7a:ec:70:01:2e:6d:f3:e6:e3:34:a4:21:
         28:72:8a:13:49:23:ea:38:32:66:e4:e7:40:b5:bc:6b:0f:29:
         01:98:0a:75:b4:f9:e2:1f:ab:6f:6b:cf:03:1c:57:30:8d:3b:
         68:1c:26:b0:18:f1:5c:2e:b5:bc:81:3b:34:fd:34:63:4a:ae:
         be:cf:ef:08:0a:20:8b:02:17:c1:74:2f:10:9f:e9:de:ae:af:
         66:0d:cf:9c:da:26:90:97:8e:f3:a5:2d:dc:54:a7:95:8b:1a:
         96:32:a8:f7:f6:db:63:15:59:36:b8:95:fb:d7:78:70:73:45:
         45:16:f6:4b:39:e6:0d:fd:c1:79:79:4a:6b:43:f6:55:7c:c8:
         47:c6:89:b9:e0:0e:b0:cb:ec:1a:97:92:24:7b:91:2d:d9:de:
         1a:c6:3d:33:4f:2f:3d:d1:46:0a:7e:33:5d:4a:c3:95:ce:64:
         61:be:ab:b6:24:dd:7d:23:e6:10:2e:ec:79:3a:fc:eb:37:f1:
         af:4b:14:94:9f:84:5c:5e:e9:34:eb:a9:24:bd:35:60:f8:e7:
         00:fb:0b:d8:63:2a:18:5c:8a:73:8a:0f:33:78:8e:9a:e1:7f:
         ec:ac:5f:c1:ec:65:a1:12:1e:c4:a2:ac:d6:ec:1c:a7:7a:57:
         a5:7c:b1:f4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOOOPp5c7GrN8mnCzzNoVmg6dPIswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE3MjIyMDE3WhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMTNjZmU0MTVhMDZmYTM4MTU3NTA1YjhjMmI5YjA4OGUz
ZDUzNGQxNDhkY2FjNmQxYzY2MjBlYTAwYTIxMjJjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8yKdQw+WolaXnjdJ0bTDK5l3qDCrpN3Z+rA8NkEceq4M4
J+Ac2urnwitH/h5ArYsbDPdmry7Avr6ZrVGoi99qYGyDm0QwzlTrIedSh5yj78Mu
eQO6j4m69L1V/WjbFCCWiiakSM4uDOeBWJ3MTH8w5B5BDyVl5nMX8VYc9P0mYfVK
9O77MvzdZAw3DNvbwvHigkIYvn2WGNx46ur/gXjZ0ha7xioBA6eZRBczgmiCpqCt
xaNKsFwY7D2uozJcyAZWMdrFGByHkXLdrrS5IHO33eQSjuqr6AQiG5BmDap+8m9o
3HyFqsP3kIRytm2mwnOq6dAlVnbW32QMtEQwM9vDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUPsli/zN7UYNhGqn/LBwmkwyjpswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQzZmJkMmVjLWI0ZDQtNDdiNi1hODM5LTgxNDFmY2YyNjcwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2/QAwDQYJKoZIhvcNAQELBQADggEBADvk1O0yYHrscAEubfPm4zSkIShy
ihNJI+o4Mmbk50C1vGsPKQGYCnW0+eIfq29rzwMcVzCNO2gcJrAY8VwutbyBOzT9
NGNKrr7P7wgKIIsCF8F0LxCf6d6ur2YNz5zaJpCXjvOlLdxUp5WLGpYyqPf222MV
WTa4lfvXeHBzRUUW9ks55g39wXl5SmtD9lV8yEfGibngDrDL7BqXkiR7kS3Z3hrG
PTNPLz3RRgp+M11Kw5XOZGG+q7Yk3X0j5hAu7Hk6/Os38a9LFJSfhFxe6TTrqSS9
NWD45wD7C9hjKhhcinOKDzN4jprhf+ysX8HsZaESHsSirNbsHKd6V6V8sfQ=
-----END CERTIFICATE-----
Generated at Sat Oct 18 00:18:16 2025 by rpki-client