Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5424daf6-c878-485e-a9cf-b13787850ac0.roa
File:                     5424daf6-c878-485e-a9cf-b13787850ac0.roa (raw, json)
Hash identifier:          +uB9mkdR3yH1tw3gGdyhVt+oPsF9V1GoNub1dcTe2E4=
Subject key identifier:   6C:9F:86:09:35:AD:89:E1:91:09:5B:07:DF:22:78:2D:9F:67:F9:6E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       77535DE711CA9A7277A6C666888CD4700EB3AC2C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5424daf6-c878-485e-a9cf-b13787850ac0.roa
Signing time:             Thu 25 Sep 2025 19:51:58 +0000
ROA not before:           Thu 25 Sep 2025 19:51:58 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.170.168.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:53:5d:e7:11:ca:9a:72:77:a6:c6:66:88:8c:d4:70:0e:b3:ac:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 19:51:58 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=91774caa078432fa2b82ad542b5386371858a65d7bddf4b6c48e2d842dd34810, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:b2:f0:e7:84:04:bb:6f:ae:8b:16:6c:3f:31:
                    85:f3:49:5f:88:ad:62:bf:65:21:4d:fd:5f:33:57:
                    73:ac:c9:ce:3c:5c:40:3c:9a:b7:ca:f3:ba:64:d0:
                    be:70:3a:73:ac:c2:17:37:6b:6d:90:b6:90:91:7b:
                    23:32:90:37:9f:49:79:ae:dd:82:73:8d:e9:1a:32:
                    e8:00:01:f0:33:4f:50:ce:21:da:1a:c3:4c:8e:ef:
                    9f:39:51:13:fa:28:9d:e6:34:e4:ed:1c:d0:9b:f5:
                    18:48:80:15:3c:f8:11:29:03:e7:1f:cf:cd:40:86:
                    66:94:92:34:a6:12:ba:f7:e8:09:61:11:9b:3c:5b:
                    69:42:63:f3:30:5b:3c:23:62:61:54:ee:85:bb:97:
                    4b:93:35:aa:ee:08:a2:1e:7e:ce:0d:cc:de:16:b1:
                    a9:ab:67:d3:87:0f:a6:d3:61:da:b6:a1:a5:48:81:
                    96:49:a9:16:2b:06:06:75:e5:6c:7c:d6:3b:bf:d0:
                    0a:23:fd:8e:99:e5:97:88:0e:7c:fa:07:4b:0b:af:
                    15:d8:a4:b0:3b:2b:4c:2e:7d:fe:d9:d9:e5:db:9f:
                    36:cb:0a:d7:0e:bc:7c:32:98:b8:df:ab:3c:41:56:
                    9c:c7:0a:0b:91:b5:1a:6f:cc:4d:74:5c:12:fe:f4:
                    b0:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:9F:86:09:35:AD:89:E1:91:09:5B:07:DF:22:78:2D:9F:67:F9:6E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5424daf6-c878-485e-a9cf-b13787850ac0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.170.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:05:fe:a0:11:7c:c8:e5:54:18:68:2d:87:70:9f:9a:ab:84:
         f5:83:02:87:34:e9:d3:28:c3:e0:5e:1d:0f:c3:bc:26:78:dd:
         91:29:2e:bc:f2:fc:88:af:81:c1:dd:46:6a:5e:8d:25:c8:c0:
         30:19:65:5b:04:15:0e:e4:05:c3:be:4a:09:45:17:f4:eb:d9:
         d9:f6:87:89:c2:42:6e:bf:fd:ae:4d:21:01:41:3d:f5:38:64:
         79:a9:ac:5a:bb:71:ea:92:92:20:63:9a:da:6f:63:1b:d1:33:
         1a:a3:e9:0d:81:59:59:92:83:bc:ea:38:4b:92:56:88:a2:eb:
         39:cb:f5:77:f2:88:a3:fe:87:f3:15:96:12:c9:10:28:13:2b:
         38:44:4e:53:32:e4:14:3f:b3:8e:3f:a7:70:6a:51:23:27:30:
         2b:56:60:80:5a:ba:bd:a7:e9:22:f8:a5:f0:43:3b:e1:af:f5:
         3c:6b:9b:78:4a:3a:55:2d:3d:92:93:28:52:ce:41:de:b1:00:
         00:ec:e9:d4:fd:8d:42:03:6e:1e:88:11:22:33:a6:ac:a5:82:
         2d:f7:b5:01:24:99:90:cf:3b:14:d9:fa:b4:78:99:4a:fa:be:
         de:c0:79:e5:f2:a7:da:6f:a6:f4:be:63:1d:a2:94:81:a8:b1:
         bc:5f:52:ed
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd1Nd5xHKmnJ3psZmiIzUcA6zrCwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI1MTk1MTU4WhcNMjUxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTc3NGNhYTA3ODQzMmZhMmI4MmFkNTQyYjUzODYzNzE4
NThhNjVkN2JkZGY0YjZjNDhlMmQ4NDJkZDM0ODEwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNsvDnhAS7b66LFmw/MYXzSV+IrWK/ZSFN/V8zV3Osyc48
XEA8mrfK87pk0L5wOnOswhc3a22QtpCReyMykDefSXmu3YJzjekaMugAAfAzT1DO
Idoaw0yO7585URP6KJ3mNOTtHNCb9RhIgBU8+BEpA+cfz81AhmaUkjSmErr36Alh
EZs8W2lCY/MwWzwjYmFU7oW7l0uTNaruCKIefs4NzN4WsamrZ9OHD6bTYdq2oaVI
gZZJqRYrBgZ15Wx81ju/0Aoj/Y6Z5ZeIDnz6B0sLrxXYpLA7K0wuff7Z2eXbnzbL
CtcOvHwymLjfqzxBVpzHCguRtRpvzE10XBL+9LDdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbJ+GCTWtieGRCVsH3yJ4LZ9n+W4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU0MjRkYWY2LWM4NzgtNDg1ZS1hOWNmLWIxMzc4Nzg1MGFjMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADqqgwDQYJKoZIhvcNAQELBQADggEBAEIF/qARfMjlVBhoLYdwn5qrhPWD
Aoc06dMow+BeHQ/DvCZ43ZEpLrzy/IivgcHdRmpejSXIwDAZZVsEFQ7kBcO+SglF
F/Tr2dn2h4nCQm6//a5NIQFBPfU4ZHmprFq7ceqSkiBjmtpvYxvRMxqj6Q2BWVmS
g7zqOEuSVoii6znL9XfyiKP+h/MVlhLJECgTKzhETlMy5BQ/s44/p3BqUSMnMCtW
YIBaur2n6SL4pfBDO+Gv9Txrm3hKOlUtPZKTKFLOQd6xAADs6dT9jUIDbh6IESIz
pqylgi33tQEkmZDPOxTZ+rR4mUr6vt7AeeXyp9pvpvS+Yx2ilIGosbxfUu0=
-----END CERTIFICATE-----
Generated at Sat Oct 18 02:16:30 2025 by rpki-client