Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/51943a85-127f-47dd-9ced-6f72fa66caa9.roa
File:                     51943a85-127f-47dd-9ced-6f72fa66caa9.roa (raw, json)
Hash identifier:          zkJ4hjxZA7+kNX7VrN27NX1ed5NmY0Aj7dztAL4Xxtk=
Subject key identifier:   69:6D:1B:0E:B1:B1:C1:64:74:F3:D0:7F:7F:0D:C7:30:15:0D:4C:94
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7257B7D3D034DDD3933756C0EE7C3733C8768A7C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/51943a85-127f-47dd-9ced-6f72fa66caa9.roa
Signing time:             Thu 25 Sep 2025 19:02:44 +0000
ROA not before:           Thu 25 Sep 2025 19:02:44 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.167.38.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:57:b7:d3:d0:34:dd:d3:93:37:56:c0:ee:7c:37:33:c8:76:8a:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 19:02:44 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=ffa2951aaf973db9e85d1f89ba4c9a6311d1337a8b242730d942efacdca47a19, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:79:66:ab:5c:9b:f0:67:14:27:5d:8e:97:b0:
                    a3:23:08:6a:a9:8d:96:5a:ba:5b:a8:7e:30:ab:41:
                    65:50:a3:ed:a4:1e:91:aa:74:f1:38:7f:02:e6:b7:
                    91:ea:d7:64:83:0e:f1:1b:4b:e9:0b:17:9e:a2:ba:
                    6b:8b:99:38:1d:60:33:66:bc:52:42:03:de:69:f3:
                    98:37:4d:0f:14:2a:b9:4d:2d:43:2a:65:62:26:2c:
                    3f:74:2b:26:4f:ac:64:9b:a1:7b:07:b9:60:f3:8c:
                    76:a8:ac:eb:2a:b7:28:68:ab:b8:53:9d:d2:4c:3c:
                    09:c5:1c:38:cb:03:b3:56:86:03:1c:0f:eb:21:35:
                    21:c5:28:f0:72:72:69:8f:42:29:6f:de:61:0d:e6:
                    2a:36:43:80:a4:b0:9f:79:6d:b6:ed:c6:14:b7:91:
                    fd:a7:40:25:bc:5d:c8:f5:9b:15:d7:14:0a:9e:48:
                    d9:cc:d1:f0:c7:b1:d3:2b:a9:a0:0d:8a:7b:49:0b:
                    65:b1:65:a4:e9:30:4f:f7:6d:25:fa:5d:a6:48:bc:
                    dc:55:d7:8b:c0:f0:a5:d3:e3:e3:c9:1c:eb:3f:72:
                    b5:df:f3:a7:b8:76:a8:e7:77:7a:6f:08:17:bd:4e:
                    92:e6:32:f5:ce:d4:42:12:9f:31:79:d9:90:e9:46:
                    37:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:6D:1B:0E:B1:B1:C1:64:74:F3:D0:7F:7F:0D:C7:30:15:0D:4C:94
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/51943a85-127f-47dd-9ced-6f72fa66caa9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.167.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:36:f6:f7:2a:a0:88:27:23:26:4d:6a:b6:49:a6:33:9f:34:
         ea:c8:44:eb:61:4a:9f:77:be:3e:64:40:c7:26:45:1d:18:88:
         16:cd:d1:93:1a:a7:da:8c:19:8c:9f:d1:67:b7:04:ff:24:c4:
         d2:22:68:59:0c:77:c5:c0:00:0e:04:9c:ed:7f:e2:06:ef:9f:
         8b:02:36:a3:76:00:2d:ca:30:4d:9c:a6:6d:fa:7c:59:86:17:
         de:59:8b:36:6b:29:b8:59:62:a0:46:a7:94:c2:2e:28:64:4b:
         b8:30:43:e6:40:cc:4c:2d:67:e4:62:c8:a9:9a:6a:45:1e:ac:
         30:2d:88:47:46:97:39:75:f9:0d:38:a8:ce:22:81:4e:e5:f0:
         81:d7:f8:2e:19:20:53:2e:48:b4:98:cc:b9:11:0c:79:cb:6d:
         27:94:4a:d2:ce:5f:5a:8e:15:b2:ae:68:c8:db:a2:2a:55:9a:
         ae:6d:49:14:14:3c:f8:ea:71:07:1d:5d:42:dc:0b:dc:99:14:
         ea:d9:05:c8:e6:b8:c6:32:dc:27:4f:a2:8b:b9:33:a0:f9:06:
         ec:09:9d:68:35:c3:88:5f:97:d9:a4:95:1e:f0:ef:d7:9b:ab:
         fe:5c:9a:af:f5:c8:59:d6:1a:a1:45:7c:fd:27:05:9b:d0:08:
         ef:a2:5d:0f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcle309A03dOTN1bA7nw3M8h2inwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI1MTkwMjQ0WhcNMjUxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmZmEyOTUxYWFmOTczZGI5ZTg1ZDFmODliYTRjOWE2MzEx
ZDEzMzdhOGIyNDI3MzBkOTQyZWZhY2RjYTQ3YTE5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDneWarXJvwZxQnXY6XsKMjCGqpjZZauluofjCrQWVQo+2k
HpGqdPE4fwLmt5Hq12SDDvEbS+kLF56iumuLmTgdYDNmvFJCA95p85g3TQ8UKrlN
LUMqZWImLD90KyZPrGSboXsHuWDzjHaorOsqtyhoq7hTndJMPAnFHDjLA7NWhgMc
D+shNSHFKPBycmmPQilv3mEN5io2Q4CksJ95bbbtxhS3kf2nQCW8Xcj1mxXXFAqe
SNnM0fDHsdMrqaANintJC2WxZaTpME/3bSX6XaZIvNxV14vA8KXT4+PJHOs/crXf
86e4dqjnd3pvCBe9TpLmMvXO1EISnzF52ZDpRjcjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaW0bDrGxwWR089B/fw3HMBUNTJQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzUxOTQzYTg1LTEyN2YtNDdkZC05Y2VkLTZmNzJmYTY2Y2FhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADpyYwDQYJKoZIhvcNAQELBQADggEBACY29vcqoIgnIyZNarZJpjOfNOrI
ROthSp93vj5kQMcmRR0YiBbN0ZMap9qMGYyf0We3BP8kxNIiaFkMd8XAAA4EnO1/
4gbvn4sCNqN2AC3KME2cpm36fFmGF95ZizZrKbhZYqBGp5TCLihkS7gwQ+ZAzEwt
Z+RiyKmaakUerDAtiEdGlzl1+Q04qM4igU7l8IHX+C4ZIFMuSLSYzLkRDHnLbSeU
StLOX1qOFbKuaMjboipVmq5tSRQUPPjqcQcdXULcC9yZFOrZBcjmuMYy3CdPoou5
M6D5BuwJnWg1w4hfl9mklR7w79ebq/5cmq/1yFnWGqFFfP0nBZvQCO+iXQ8=
-----END CERTIFICATE-----
Generated at Sat Oct 18 02:35:31 2025 by rpki-client