Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4b00412d-b2ff-4e53-ab9a-362326924f13.roa
File:                     4b00412d-b2ff-4e53-ab9a-362326924f13.roa (raw, json)
Hash identifier:          7o4cBp448/0knVpk5VzfBy525yzyYbj2wwBUFGW6cDA=
Subject key identifier:   9F:21:27:82:52:DE:7E:10:62:76:18:3A:1F:A5:A8:E5:A0:D7:EC:31
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       32FCE349E37DFAF215BAA2B52ED55964249E868E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4b00412d-b2ff-4e53-ab9a-362326924f13.roa
Signing time:             Fri 26 Sep 2025 01:39:24 +0000
ROA not before:           Fri 26 Sep 2025 01:39:24 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.174.144.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:fc:e3:49:e3:7d:fa:f2:15:ba:a2:b5:2e:d5:59:64:24:9e:86:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 01:39:24 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=59cb6fe91611027f30547aee1c090f1fdfbf451792cf96cb9b7d452bb2bb326b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ee:0a:74:56:3a:58:b6:9f:9f:c9:ca:fc:c7:
                    ff:25:77:f5:ec:7a:bc:9d:6e:89:93:cb:8f:7e:8d:
                    b8:e9:32:e1:30:bb:60:14:ae:33:0c:62:10:9d:92:
                    21:50:f1:43:54:b1:75:fb:f9:a4:56:04:b4:24:32:
                    78:3e:e2:3a:e0:65:8b:d7:9b:ec:e8:dd:4d:c2:12:
                    a9:c8:89:18:d3:1c:27:0c:2e:33:64:25:b6:c9:9f:
                    3a:21:1f:70:fe:ce:5d:5f:db:e1:e1:e3:e7:6b:a8:
                    4d:06:0d:0a:ee:f6:eb:be:61:95:16:d5:e5:2c:a9:
                    dd:74:02:4b:0d:3e:e3:4d:ce:ce:ab:c8:7a:6a:2e:
                    1a:1f:7d:ab:50:b3:87:63:29:43:48:61:48:0b:fe:
                    82:d9:be:f2:83:4f:32:86:0f:05:31:0c:a3:7b:03:
                    19:81:72:11:8e:84:cb:1c:69:ef:e9:1f:ed:c7:91:
                    1c:87:cf:71:8f:b2:c9:94:17:34:4e:05:0f:0c:26:
                    72:9a:04:00:3c:3c:15:38:c3:3a:b7:c7:5e:38:2a:
                    4b:ad:74:96:fc:e7:76:a8:2c:78:77:a6:6b:bb:20:
                    cb:30:c8:1c:bd:87:ff:24:df:d3:f2:43:48:05:93:
                    36:f7:a7:18:84:64:92:5f:53:a7:c9:e2:66:ad:60:
                    c2:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:21:27:82:52:DE:7E:10:62:76:18:3A:1F:A5:A8:E5:A0:D7:EC:31
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4b00412d-b2ff-4e53-ab9a-362326924f13.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.174.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2b:e1:cf:33:06:48:31:e1:e7:61:10:c7:6b:03:cb:e4:a6:4f:
         62:73:93:2b:58:74:6d:0f:9a:c2:6c:14:1c:8d:95:43:68:67:
         10:81:ff:9d:73:26:d7:ed:06:a8:f3:1f:2a:d5:df:65:1f:f2:
         e7:90:7d:03:63:91:b6:10:ef:ae:f2:2d:28:0a:7b:70:2b:d8:
         09:30:8e:38:c1:d7:4f:a5:ff:91:91:eb:38:64:a7:7a:85:ee:
         90:4f:cd:79:c8:7c:3b:cc:bb:fd:e9:a5:7c:81:8f:ba:d4:37:
         62:f1:43:22:22:de:ab:44:bd:5b:67:cc:04:26:b9:b5:0e:36:
         cc:e9:b8:0f:01:65:01:14:aa:ae:ad:6a:e2:94:49:d3:c1:b8:
         14:cf:a2:09:71:15:9a:2b:54:9c:09:6a:e1:ec:12:83:2a:50:
         ee:4b:b6:46:4a:3f:59:f7:ff:90:ef:96:a9:98:0b:ef:4a:11:
         61:59:6c:68:34:a2:15:f7:be:90:77:73:85:83:c7:44:da:0a:
         22:e5:ee:1a:83:0d:d1:8b:37:2d:92:6a:00:96:51:d5:8a:fe:
         3c:12:c1:57:c7:cf:b8:59:ff:02:80:8a:54:9f:67:f0:06:81:
         47:b0:2f:5e:c1:fd:cb:f7:4f:4d:d9:ae:eb:de:a8:da:06:28:
         42:23:56:53
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMvzjSeN9+vIVuqK1LtVZZCSeho4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MDEzOTI0WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1OWNiNmZlOTE2MTEwMjdmMzA1NDdhZWUxYzA5MGYxZmRm
YmY0NTE3OTJjZjk2Y2I5YjdkNDUyYmIyYmIzMjZiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDF7gp0VjpYtp+fycr8x/8ld/XserydbomTy49+jbjpMuEw
u2AUrjMMYhCdkiFQ8UNUsXX7+aRWBLQkMng+4jrgZYvXm+zo3U3CEqnIiRjTHCcM
LjNkJbbJnzohH3D+zl1f2+Hh4+drqE0GDQru9uu+YZUW1eUsqd10AksNPuNNzs6r
yHpqLhoffatQs4djKUNIYUgL/oLZvvKDTzKGDwUxDKN7AxmBchGOhMscae/pH+3H
kRyHz3GPssmUFzROBQ8MJnKaBAA8PBU4wzq3x144KkutdJb853aoLHh3pmu7IMsw
yBy9h/8k39PyQ0gFkzb3pxiEZJJfU6fJ4matYML7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnyEnglLefhBidhg6H6Wo5aDX7DEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzRiMDA0MTJkLWIyZmYtNGU1My1hYjlhLTM2MjMyNjkyNGYxMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMDrpAwDQYJKoZIhvcNAQELBQADggEBACvhzzMGSDHh52EQx2sDy+SmT2Jz
kytYdG0PmsJsFByNlUNoZxCB/51zJtftBqjzHyrV32Uf8ueQfQNjkbYQ767yLSgK
e3Ar2AkwjjjB10+l/5GR6zhkp3qF7pBPzXnIfDvMu/3ppXyBj7rUN2LxQyIi3qtE
vVtnzAQmubUONszpuA8BZQEUqq6tauKUSdPBuBTPoglxFZorVJwJauHsEoMqUO5L
tkZKP1n3/5DvlqmYC+9KEWFZbGg0ohX3vpB3c4WDx0TaCiLl7hqDDdGLNy2SagCW
UdWK/jwSwVfHz7hZ/wKAilSfZ/AGgUewL17B/cv3T03ZruveqNoGKEIjVlM=
-----END CERTIFICATE-----
Generated at Sat Oct 18 00:13:34 2025 by rpki-client