Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/517f6795-b5bb-40f4-a088-82cdde724827.roa
File:                     517f6795-b5bb-40f4-a088-82cdde724827.roa (raw, json)
Hash identifier:          VxFHA4KdPYNJoItvRHQfaiV4q187GxQhoV6pfcnHUF4=
Subject key identifier:   E5:E0:2C:24:FF:67:A5:33:0C:F8:72:C2:F4:6F:3E:D8:59:FD:B2:0F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       36EE29E56F9FCBA5C1662FB2441EA10178745287
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/517f6795-b5bb-40f4-a088-82cdde724827.roa
Signing time:             Thu 25 Sep 2025 17:09:09 +0000
ROA not before:           Thu 25 Sep 2025 17:09:09 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.161.43.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:ee:29:e5:6f:9f:cb:a5:c1:66:2f:b2:44:1e:a1:01:78:74:52:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 17:09:09 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=a13ebfc5c31c62022e25de4c57d44d3f213d951c05d1dea0430c8c566b58d085, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:75:ab:04:98:91:d1:f4:42:73:a4:42:8a:7c:
                    8c:ff:cd:14:d0:13:18:b4:91:28:ae:7a:5a:c0:9c:
                    ba:b1:6c:66:e8:16:47:ea:54:17:58:3d:08:a3:d2:
                    c1:f8:62:76:60:09:5e:47:50:b2:ae:0b:27:5b:e8:
                    b2:8b:6c:49:cb:35:5e:f6:8f:72:2b:e3:d7:6c:d3:
                    5f:7d:71:ee:30:c1:25:27:d1:cd:0f:2b:23:be:aa:
                    0c:61:7f:a6:84:90:af:0d:41:aa:46:08:c2:cc:bc:
                    e0:bd:41:ad:08:18:32:2d:8d:02:b0:d2:8e:90:2b:
                    3d:b5:cf:4f:32:18:28:48:a1:72:24:6d:c4:03:3b:
                    86:24:bb:65:fe:7f:fa:06:f9:84:a2:86:ff:1c:0f:
                    72:f0:0c:15:45:81:48:09:3d:4d:4f:3a:79:f6:01:
                    27:0b:17:f5:83:41:73:f1:90:a0:3d:46:41:db:51:
                    c2:fe:cc:9e:7d:5b:82:39:25:1f:d3:a2:24:a4:cd:
                    77:e5:58:4c:29:f9:01:32:38:4b:af:fd:fc:b8:e0:
                    56:cd:02:3f:65:4c:bd:ce:b3:d2:8b:59:40:ba:92:
                    21:47:e5:6d:76:2b:93:67:be:63:b4:96:da:89:d5:
                    f1:53:b2:7d:a6:ad:10:ee:05:f6:7a:16:fa:ff:48:
                    6e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:E0:2C:24:FF:67:A5:33:0C:F8:72:C2:F4:6F:3E:D8:59:FD:B2:0F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/517f6795-b5bb-40f4-a088-82cdde724827.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.161.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:ff:a3:41:15:a2:16:79:5d:af:a9:ce:3b:57:1d:0b:31:f8:
         b1:44:ac:9f:62:20:3e:4d:a8:6a:47:eb:2c:0c:93:b8:c6:85:
         70:77:64:22:4e:eb:be:2d:7e:9a:41:0b:e6:58:82:7b:31:a5:
         8f:28:14:d5:b7:4d:b7:b8:85:9a:a6:25:47:12:2a:a7:f9:83:
         a7:0b:a6:03:5f:d4:a3:4c:58:a6:8c:fd:9a:f9:d5:45:de:60:
         16:ad:bc:68:21:d1:2b:70:49:ba:fd:8c:06:7a:19:65:c0:a0:
         15:56:b2:74:32:e1:63:cf:01:5d:9d:8f:0f:49:7a:16:0a:89:
         70:24:40:0b:5b:da:ee:a1:0e:6a:9a:52:44:e1:ef:d9:60:78:
         f3:4a:3b:3a:c0:26:17:22:55:4e:ed:41:1e:2b:fb:6a:06:ad:
         9e:59:93:f2:2f:92:2c:25:12:23:53:41:f6:28:42:a5:6b:03:
         ab:6f:86:1b:74:f6:ff:30:de:bf:f6:69:49:04:d2:8b:1f:d8:
         df:6a:6e:00:1c:bd:5b:b2:c4:58:50:9d:10:b5:60:5c:eb:34:
         6f:af:65:56:d4:5c:f7:69:6d:b8:44:15:5e:4c:8e:c1:7e:be:
         8d:61:bb:25:7f:bb:be:1f:c6:64:2d:5c:e5:92:09:ba:69:6b:
         3f:2f:02:38
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNu4p5W+fy6XBZi+yRB6hAXh0UocwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI1MTcwOTA5WhcNMjUxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMTNlYmZjNWMzMWM2MjAyMmUyNWRlNGM1N2Q0NGQzZjIx
M2Q5NTFjMDVkMWRlYTA0MzBjOGM1NjZiNThkMDg1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSdasEmJHR9EJzpEKKfIz/zRTQExi0kSiuelrAnLqxbGbo
FkfqVBdYPQij0sH4YnZgCV5HULKuCydb6LKLbEnLNV72j3Ir49ds0199ce4wwSUn
0c0PKyO+qgxhf6aEkK8NQapGCMLMvOC9Qa0IGDItjQKw0o6QKz21z08yGChIoXIk
bcQDO4Yku2X+f/oG+YSihv8cD3LwDBVFgUgJPU1POnn2AScLF/WDQXPxkKA9RkHb
UcL+zJ59W4I5JR/ToiSkzXflWEwp+QEyOEuv/fy44FbNAj9lTL3Os9KLWUC6kiFH
5W12K5NnvmO0ltqJ1fFTsn2mrRDuBfZ6Fvr/SG4JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5eAsJP9npTMM+HLC9G8+2Fn9sg8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzUxN2Y2Nzk1LWI1YmItNDBmNC1hMDg4LTgyY2RkZTcyNDgyNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADoSswDQYJKoZIhvcNAQELBQADggEBAC//o0EVohZ5Xa+pzjtXHQsx+LFE
rJ9iID5NqGpH6ywMk7jGhXB3ZCJO674tfppBC+ZYgnsxpY8oFNW3Tbe4hZqmJUcS
Kqf5g6cLpgNf1KNMWKaM/Zr51UXeYBatvGgh0StwSbr9jAZ6GWXAoBVWsnQy4WPP
AV2djw9JehYKiXAkQAtb2u6hDmqaUkTh79lgePNKOzrAJhciVU7tQR4r+2oGrZ5Z
k/IvkiwlEiNTQfYoQqVrA6tvhht09v8w3r/2aUkE0osf2N9qbgAcvVuyxFhQnRC1
YFzrNG+vZVbUXPdpbbhEFV5MjsF+vo1huyV/u74fxmQtXOWSCbppaz8vAjg=
-----END CERTIFICATE-----
Generated at Sat Oct 18 05:07:02 2025 by rpki-client