Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5cf11082-1370-44e1-bed0-1f06f6b28255.roa
File:                     5cf11082-1370-44e1-bed0-1f06f6b28255.roa (raw, json)
Hash identifier:          ZAFOGYO2vY4nVc8psdQwCs5U/6h8l02MqRAoIUNHbn0=
Subject key identifier:   B5:98:97:1A:EB:47:11:EA:1A:1C:D3:88:FA:8C:3A:19:4A:EA:A2:8D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4B765D6DFBC06118C514C1DFBFD79980F977E694
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5cf11082-1370-44e1-bed0-1f06f6b28255.roa
Signing time:             Wed 24 Sep 2025 19:26:30 +0000
ROA not before:           Wed 24 Sep 2025 19:26:30 +0000
ROA not after:            Wed 29 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.225.5.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:76:5d:6d:fb:c0:61:18:c5:14:c1:df:bf:d7:99:80:f9:77:e6:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 24 19:26:30 2025 GMT
            Not After : Oct 29 23:59:59 2025 GMT
        Subject: serialNumber=2717ce28a3117c04067dc82ce38ab7e42dd811398d8a0463ca8c9648ec564207, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:98:c2:4f:72:12:3c:aa:42:14:85:73:79:df:
                    cb:ec:d2:97:e3:4e:cc:bd:22:db:51:43:cc:06:f8:
                    b9:2c:3e:a5:67:27:8e:a8:ec:be:02:6e:ae:27:2f:
                    eb:0c:3c:cd:83:9e:17:b6:06:f8:37:6d:01:d0:b4:
                    cd:4d:e2:98:ed:45:aa:14:7e:93:24:5c:42:c8:b9:
                    01:61:a2:50:15:52:da:30:83:b6:8a:c4:f1:28:1c:
                    0f:04:d2:e2:62:da:bf:22:e7:3f:e9:89:e3:1a:44:
                    15:af:b0:87:51:e2:53:b2:21:08:a8:93:f5:86:0c:
                    a3:19:5a:ec:90:54:3c:13:53:b6:0c:6a:fb:ee:02:
                    2a:24:04:84:e3:3c:87:07:fc:98:21:27:36:91:0f:
                    1b:d9:98:81:f6:ea:bc:16:43:80:d4:74:b2:ae:04:
                    9d:36:7e:b3:f9:30:91:99:03:4e:f8:17:c4:e0:bf:
                    c3:62:2c:70:a3:26:a5:31:d7:a1:82:80:7f:fc:67:
                    f5:33:2f:eb:52:ec:70:a5:93:7c:d6:fb:c1:b9:08:
                    79:19:a2:aa:db:1b:32:82:32:f6:84:a6:42:f6:61:
                    c7:50:83:71:5e:c4:32:3d:15:d1:68:8c:9f:cc:c3:
                    eb:97:13:c0:cb:f1:2e:f3:28:84:97:7f:21:3b:5f:
                    1b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:98:97:1A:EB:47:11:EA:1A:1C:D3:88:FA:8C:3A:19:4A:EA:A2:8D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5cf11082-1370-44e1-bed0-1f06f6b28255.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.225.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:d3:db:8c:c6:1f:d1:f5:4a:a9:c0:12:62:75:39:2d:35:b0:
         43:39:f7:0e:76:ec:f1:af:47:cf:9d:e3:c9:5f:da:6b:6c:9d:
         88:62:0a:9d:6c:58:6f:df:97:a7:19:17:e5:ed:db:af:aa:6f:
         e1:59:b6:28:f3:40:58:38:c9:4d:63:b6:46:0c:db:98:63:27:
         ec:6b:37:56:06:b3:21:99:8b:6a:0e:10:aa:2c:8b:94:1e:57:
         79:9b:0b:cd:cd:a1:89:26:74:53:41:81:34:9f:1b:a5:2f:93:
         c1:8a:ab:75:25:3d:c4:d0:6d:cf:08:eb:e1:3a:ca:52:aa:b7:
         98:90:66:ca:5f:b7:55:f1:df:e6:49:68:e5:77:7c:19:ab:17:
         cb:4d:bc:02:d0:44:81:80:32:bf:a9:b7:7f:8f:8b:c2:58:4a:
         f7:d7:07:c6:62:c2:bb:91:28:b8:0d:e1:7c:f5:8f:45:0c:ce:
         c7:2a:bd:4f:88:df:61:f1:eb:78:d4:d0:3c:78:d5:e4:d1:14:
         ae:59:de:04:d5:cb:2e:51:8e:0f:0c:71:6e:bc:af:30:49:02:
         c4:48:26:d4:c4:5f:1a:0d:41:69:f7:04:8e:81:19:7d:d2:d6:
         05:92:f3:8a:b4:6b:77:7e:82:4b:a7:e1:07:78:a7:7c:8f:33:
         75:2b:ec:3d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUS3ZdbfvAYRjFFMHfv9eZgPl35pQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI0MTkyNjMwWhcNMjUxMDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNzE3Y2UyOGEzMTE3YzA0MDY3ZGM4MmNlMzhhYjdlNDJk
ZDgxMTM5OGQ4YTA0NjNjYThjOTY0OGVjNTY0MjA3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpmMJPchI8qkIUhXN538vs0pfjTsy9IttRQ8wG+LksPqVn
J46o7L4Cbq4nL+sMPM2Dnhe2Bvg3bQHQtM1N4pjtRaoUfpMkXELIuQFholAVUtow
g7aKxPEoHA8E0uJi2r8i5z/pieMaRBWvsIdR4lOyIQiok/WGDKMZWuyQVDwTU7YM
avvuAiokBITjPIcH/JghJzaRDxvZmIH26rwWQ4DUdLKuBJ02frP5MJGZA074F8Tg
v8NiLHCjJqUx16GCgH/8Z/UzL+tS7HClk3zW+8G5CHkZoqrbGzKCMvaEpkL2YcdQ
g3FexDI9FdFojJ/Mw+uXE8DL8S7zKISXfyE7Xxs7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtZiXGutHEeoaHNOI+ow6GUrqoo0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVjZjExMDgyLTEzNzAtNDRlMS1iZWQwLTFmMDZmNmIyODI1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAN4QUwDQYJKoZIhvcNAQELBQADggEBAFzT24zGH9H1SqnAEmJ1OS01sEM5
9w527PGvR8+d48lf2mtsnYhiCp1sWG/fl6cZF+Xt26+qb+FZtijzQFg4yU1jtkYM
25hjJ+xrN1YGsyGZi2oOEKosi5QeV3mbC83NoYkmdFNBgTSfG6Uvk8GKq3UlPcTQ
bc8I6+E6ylKqt5iQZspft1Xx3+ZJaOV3fBmrF8tNvALQRIGAMr+pt3+Pi8JYSvfX
B8ZiwruRKLgN4Xz1j0UMzscqvU+I32Hx63jU0Dx41eTRFK5Z3gTVyy5Rjg8McW68
rzBJAsRIJtTEXxoNQWn3BI6BGX3S1gWS84q0a3d+gkun4Qd4p3yPM3Ur7D0=
-----END CERTIFICATE-----
Generated at Fri Oct 17 22:04:25 2025 by rpki-client