Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa
File:                     5f0772d8-f455-463e-9417-4ddc13856c48.roa (raw, json)
Hash identifier:          x6YTVGq0Hw90Lkx7iniRiKglRaXPJkKVBdylO+6w/Q8=
Subject key identifier:   8D:EE:FE:51:43:BC:21:78:AB:C8:B8:C6:69:86:40:F9:D2:F8:C2:F1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0E84408E8E88E73B5F6B6D2DD37FBB41C46333CF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa
Signing time:             Mon 01 Sep 2025 17:01:15 +0000
ROA not before:           Mon 01 Sep 2025 17:01:15 +0000
ROA not after:            Mon 06 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.148.0.0/14 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 19 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:84:40:8e:8e:88:e7:3b:5f:6b:6d:2d:d3:7f:bb:41:c4:63:33:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep  1 17:01:15 2025 GMT
            Not After : Oct  6 23:59:59 2025 GMT
        Subject: serialNumber=2112bead452767ab8f3ff7d5f2096843568917543fa606f451f769845c218f99, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:00:2f:d5:75:bd:89:93:57:f2:83:f9:86:99:
                    24:8e:51:1b:32:a6:38:81:03:ce:f3:71:ba:0f:60:
                    65:96:30:3b:fa:b6:a6:df:d1:ad:ba:f1:d6:3d:6e:
                    c5:ae:9b:0b:c2:73:c2:db:c6:71:aa:5a:c0:3b:9a:
                    f1:4b:03:c6:72:0a:8e:6e:3a:a0:b4:47:02:16:f9:
                    0e:ad:c3:c4:a6:cf:3d:9a:26:bc:dd:06:9d:35:c1:
                    dd:10:26:4b:90:c5:07:aa:06:6c:b7:30:c6:a1:68:
                    85:dc:cf:7d:e1:13:99:8b:a1:9b:99:21:10:4a:56:
                    f6:48:5a:25:cc:a5:30:a5:9a:cf:56:7c:8e:ac:f8:
                    f3:ca:e6:e1:35:27:3a:5a:60:b9:d4:18:ea:b8:46:
                    54:68:a2:07:3c:26:0e:97:8f:c5:f7:fc:29:b0:f0:
                    6d:a7:b0:89:48:ee:c3:fc:9a:1a:a4:81:72:50:b1:
                    ea:47:30:95:0c:fa:f7:85:b7:3a:71:66:a6:b9:1c:
                    01:74:9f:b1:1b:de:23:ba:06:20:f9:7a:4b:0c:79:
                    81:8d:d2:5d:29:d6:99:03:62:39:10:be:a3:d5:8e:
                    70:53:af:6a:a8:ba:65:fc:b0:64:04:43:88:db:46:
                    88:01:6e:86:c4:11:3f:9a:1b:f4:1b:68:83:93:95:
                    6c:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:EE:FE:51:43:BC:21:78:AB:C8:B8:C6:69:86:40:F9:D2:F8:C2:F1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.148.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         b1:3e:60:81:21:aa:1f:45:6a:5b:6a:fc:c4:48:03:56:61:4a:
         02:99:fd:46:84:a9:f5:65:27:9a:d5:35:88:96:cd:cb:36:44:
         73:85:b5:f0:8e:18:b8:72:dc:8f:34:5c:44:97:2b:a8:ed:32:
         07:69:37:bf:49:06:5f:55:5e:ff:4c:3f:78:21:b3:c7:f7:0b:
         9e:d3:2d:27:61:a3:0a:12:0f:b5:8f:fa:d3:45:b3:bb:2f:cb:
         09:5b:27:ed:cb:41:78:c3:f0:00:55:cc:7c:ae:8a:14:b8:75:
         88:a4:5b:80:d2:0e:52:59:ce:34:95:d7:f2:44:9e:a9:0e:39:
         dd:b1:77:e8:5e:b4:14:7e:cc:d0:9b:bf:d4:48:d3:8d:8c:3f:
         39:af:8e:8e:9a:c6:f5:b4:c3:21:3d:5f:3b:ef:6d:34:de:5b:
         15:75:e6:73:4e:bd:d2:c0:8c:16:3e:41:0d:b0:6e:98:be:f6:
         b6:c7:38:0d:10:17:22:9f:09:31:b8:42:01:12:de:04:f4:30:
         ce:96:8e:70:eb:ac:84:91:58:72:7a:73:8d:a4:56:90:07:90:
         dd:42:18:9e:a0:27:4f:56:60:43:d0:36:53:9b:bd:12:bb:6b:
         6d:15:2b:51:a1:44:2f:68:1c:19:33:96:1c:fa:df:f0:3f:d6:
         6e:72:c7:2c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDoRAjo6I5ztfa20t03+7QcRjM88wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTAxMTcwMTE1WhcNMjUxMDA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMTEyYmVhZDQ1Mjc2N2FiOGYzZmY3ZDVmMjA5Njg0MzU2
ODkxNzU0M2ZhNjA2ZjQ1MWY3Njk4NDVjMjE4Zjk5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuAC/Vdb2Jk1fyg/mGmSSOURsypjiBA87zcboPYGWWMDv6
tqbf0a268dY9bsWumwvCc8LbxnGqWsA7mvFLA8ZyCo5uOqC0RwIW+Q6tw8Smzz2a
JrzdBp01wd0QJkuQxQeqBmy3MMahaIXcz33hE5mLoZuZIRBKVvZIWiXMpTClms9W
fI6s+PPK5uE1JzpaYLnUGOq4RlRoogc8Jg6Xj8X3/Cmw8G2nsIlI7sP8mhqkgXJQ
sepHMJUM+veFtzpxZqa5HAF0n7Eb3iO6BiD5eksMeYGN0l0p1pkDYjkQvqPVjnBT
r2qoumX8sGQEQ4jbRogBbobEET+aG/QbaIOTlWyfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUje7+UUO8IXiryLjGaYZA+dL4wvEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVmMDc3MmQ4LWY0NTUtNDYzZS05NDE3LTRkZGMxMzg1NmM0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwISlDANBgkqhkiG9w0BAQsFAAOCAQEAsT5ggSGqH0VqW2r8xEgDVmFKApn9
RoSp9WUnmtU1iJbNyzZEc4W18I4YuHLcjzRcRJcrqO0yB2k3v0kGX1Ve/0w/eCGz
x/cLntMtJ2GjChIPtY/600Wzuy/LCVsn7ctBeMPwAFXMfK6KFLh1iKRbgNIOUlnO
NJXX8kSeqQ453bF36F60FH7M0Ju/1EjTjYw/Oa+OjprG9bTDIT1fO+9tNN5bFXXm
c0690sCMFj5BDbBumL72tsc4DRAXIp8JMbhCARLeBPQwzpaOcOushJFYcnpzjaRW
kAeQ3UIYnqAnT1ZgQ9A2U5u9ErtrbRUrUaFEL2gcGTOWHPrf8D/WbnLHLA==
-----END CERTIFICATE-----
Generated at Thu Sep 18 09:16:13 2025 by rpki-client