Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/443a63bf-e448-4c2c-945a-49c6d479f649.roa
File:                     443a63bf-e448-4c2c-945a-49c6d479f649.roa (raw, json)
Hash identifier:          mtGmiZAwRVEvMHhcJ+hjJtYfcT8nJ0YwVo0jt+TosGM=
Subject key identifier:   79:EA:6D:BA:8B:3F:A8:04:D1:09:EC:38:88:B3:0C:7F:71:F8:E2:69
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3E77D86628C4719F73BF06282755F2A490F6D187
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/443a63bf-e448-4c2c-945a-49c6d479f649.roa
Signing time:             Fri 26 Sep 2025 03:07:11 +0000
ROA not before:           Fri 26 Sep 2025 03:07:11 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.230.160.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:77:d8:66:28:c4:71:9f:73:bf:06:28:27:55:f2:a4:90:f6:d1:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 03:07:11 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=2b43cad7039d25e311b02b2432d7db1589817965e9df99c00191e7db02256fc8, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e6:df:2c:c7:d5:ab:b3:81:a5:ab:f1:85:5e:
                    42:cc:8c:4f:3a:62:88:b2:69:0c:2d:af:5b:01:a0:
                    95:63:ec:6f:9a:78:23:e5:ac:45:30:c5:16:9f:33:
                    1c:fc:05:95:1d:00:8d:98:4b:e6:5a:49:27:c4:4b:
                    85:19:59:5d:22:a4:70:4e:a9:fa:cb:0e:dd:fb:e0:
                    5b:f7:0e:3d:14:2d:04:72:24:2d:6c:31:1f:03:2b:
                    b3:6f:43:41:12:93:19:d4:b1:80:34:39:a9:66:32:
                    5b:29:ff:71:83:13:ab:e0:15:71:f2:f9:d2:15:b5:
                    4a:11:b1:c9:85:95:ae:6a:a8:83:04:81:66:a2:e5:
                    c7:56:2e:fa:53:90:29:f5:6f:81:f7:48:68:de:a6:
                    26:7f:9d:c3:d4:04:73:51:86:f4:e7:4e:76:a0:3d:
                    6d:89:25:ca:c1:b6:24:93:db:29:25:b7:b9:1a:1c:
                    80:87:97:62:46:33:9e:f8:4c:55:2b:a3:5e:e7:3a:
                    ca:7b:5b:c6:c2:8f:06:5c:ec:31:3d:43:76:f4:ec:
                    14:b5:ea:61:58:b8:57:ce:a5:9e:4a:ee:da:de:94:
                    7b:cd:98:33:81:0f:55:2a:cf:31:c1:68:7b:77:09:
                    72:12:4f:76:4c:51:24:ac:8d:6c:d8:b0:68:19:59:
                    50:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:EA:6D:BA:8B:3F:A8:04:D1:09:EC:38:88:B3:0C:7F:71:F8:E2:69
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/443a63bf-e448-4c2c-945a-49c6d479f649.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.230.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6d:0b:bd:4a:7f:5c:76:25:10:b9:83:06:3d:ce:47:6c:4e:9b:
         52:0f:5b:eb:b2:86:b6:27:00:72:48:d4:94:ca:c8:8c:88:13:
         17:e6:dc:04:d2:e0:68:c7:e6:49:19:9e:f2:6c:e7:12:57:c1:
         8c:6d:f3:73:53:83:c6:51:6d:8a:45:4c:3a:11:98:c3:11:2c:
         95:a0:2f:03:9b:d6:ac:4c:50:5a:51:22:43:fe:e2:a0:f7:ae:
         4a:02:8f:fd:41:7f:8f:a0:ae:b0:0d:78:8c:de:4f:70:11:16:
         c3:c6:fb:02:c1:99:b4:42:2b:81:e2:d6:b9:e8:aa:c2:92:9c:
         9e:15:de:41:04:7b:43:e2:c7:8b:dd:5e:b3:b9:e1:d0:e2:c9:
         1d:56:f2:05:df:8b:42:dc:e5:31:d1:5c:0b:f6:c9:b9:b1:73:
         39:e9:36:4b:90:43:78:b0:cb:a5:ef:27:d1:da:29:a4:a6:5b:
         c7:70:b6:cd:ba:82:8b:33:ff:2a:0c:36:aa:d7:27:85:95:e0:
         b4:ad:0c:54:6b:65:b1:16:0b:a2:62:35:bb:e1:a1:aa:ee:20:
         b6:b4:73:3e:dd:fd:d8:92:53:d1:a8:4d:b7:35:55:04:b0:91:
         84:29:dc:2c:77:03:ec:a3:ea:c0:ca:0b:5a:80:15:e6:0a:aa:
         0a:ed:43:f5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPnfYZijEcZ9zvwYoJ1XypJD20YcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MDMwNzExWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyYjQzY2FkNzAzOWQyNWUzMTFiMDJiMjQzMmQ3ZGIxNTg5
ODE3OTY1ZTlkZjk5YzAwMTkxZTdkYjAyMjU2ZmM4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCk5t8sx9Wrs4Glq/GFXkLMjE86YoiyaQwtr1sBoJVj7G+a
eCPlrEUwxRafMxz8BZUdAI2YS+ZaSSfES4UZWV0ipHBOqfrLDt374Fv3Dj0ULQRy
JC1sMR8DK7NvQ0ESkxnUsYA0OalmMlsp/3GDE6vgFXHy+dIVtUoRscmFla5qqIME
gWai5cdWLvpTkCn1b4H3SGjepiZ/ncPUBHNRhvTnTnagPW2JJcrBtiST2yklt7ka
HICHl2JGM574TFUro17nOsp7W8bCjwZc7DE9Q3b07BS16mFYuFfOpZ5K7trelHvN
mDOBD1UqzzHBaHt3CXIST3ZMUSSsjWzYsGgZWVAvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUeeptuos/qATRCew4iLMMf3H44mkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ0M2E2M2JmLWU0NDgtNGMyYy05NDVhLTQ5YzZkNDc5ZjY0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU25qAwDQYJKoZIhvcNAQELBQADggEBAG0LvUp/XHYlELmDBj3OR2xOm1IP
W+uyhrYnAHJI1JTKyIyIExfm3ATS4GjH5kkZnvJs5xJXwYxt83NTg8ZRbYpFTDoR
mMMRLJWgLwOb1qxMUFpRIkP+4qD3rkoCj/1Bf4+grrANeIzeT3ARFsPG+wLBmbRC
K4Hi1rnoqsKSnJ4V3kEEe0Pix4vdXrO54dDiyR1W8gXfi0Lc5THRXAv2ybmxcznp
NkuQQ3iwy6XvJ9HaKaSmW8dwts26gosz/yoMNqrXJ4WV4LStDFRrZbEWC6JiNbvh
oaruILa0cz7d/diSU9GoTbc1VQSwkYQp3Cx3A+yj6sDKC1qAFeYKqgrtQ/U=
-----END CERTIFICATE-----
Generated at Sat Oct 18 02:37:58 2025 by rpki-client