Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/657b8f0b-b2e9-4e87-a8a3-6d964e5fabc3.roa
File:                     657b8f0b-b2e9-4e87-a8a3-6d964e5fabc3.roa (raw, json)
Hash identifier:          /V8LHSAGu4owYrC9iYD2Ir/F0AMNO9zr2TZp81cd65M=
Subject key identifier:   B2:3E:3A:17:8B:E5:5B:55:7A:61:22:6E:2A:84:8B:12:3C:38:5F:B8
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4DB482E0FB4C5EA42762645FE85EE0A9F4DE1F04
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/657b8f0b-b2e9-4e87-a8a3-6d964e5fabc3.roa
Signing time:             Fri 26 Sep 2025 00:42:19 +0000
ROA not before:           Fri 26 Sep 2025 00:42:19 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.170.184.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:b4:82:e0:fb:4c:5e:a4:27:62:64:5f:e8:5e:e0:a9:f4:de:1f:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 00:42:19 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=badb1a95f9e70bbe4cbc88762cd880d41a41ac725b56b8a0daac6d38f907dffb, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d9:47:9d:8b:3e:0e:79:39:01:f2:1c:b6:81:
                    d3:f0:15:0f:f6:13:8d:98:ff:0f:f4:70:04:b5:2a:
                    f7:2f:ba:dc:47:a8:89:cd:5b:eb:b5:9c:73:d9:ba:
                    aa:30:30:7c:3f:f3:5c:09:58:ed:34:8c:b1:62:a2:
                    f7:33:de:35:9c:73:74:87:10:3e:81:e6:c7:e7:6b:
                    ab:a6:e3:f4:66:17:fc:a1:78:37:84:75:51:e8:61:
                    de:c3:fa:a4:29:7b:c1:ea:dd:87:07:1c:e4:36:cb:
                    c9:4f:a4:a1:a9:e2:28:69:de:c2:3c:13:cb:80:2d:
                    f1:56:37:f0:b3:d1:f4:0f:45:cf:6d:87:2f:03:32:
                    38:ef:1f:41:93:83:86:aa:ce:53:b9:dc:37:6e:40:
                    18:6a:c1:33:61:e8:ab:a4:63:9a:76:54:32:6a:57:
                    46:14:24:bc:2f:8f:5b:9d:69:92:db:15:24:74:76:
                    2b:38:14:3a:76:ec:60:0c:3f:c2:41:be:41:d9:6c:
                    a9:8f:c2:18:99:ec:a5:d7:b7:44:a9:87:d1:b6:c9:
                    75:c2:23:61:b4:b2:72:f4:61:b7:e1:cb:bf:a1:28:
                    bf:66:ea:34:b3:01:7b:23:de:4f:bb:b2:e4:18:b0:
                    f0:e2:71:31:5d:bc:2f:db:e3:0d:35:9e:9b:ad:5b:
                    a4:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:3E:3A:17:8B:E5:5B:55:7A:61:22:6E:2A:84:8B:12:3C:38:5F:B8
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/657b8f0b-b2e9-4e87-a8a3-6d964e5fabc3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.170.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:94:24:e1:b8:ee:c8:7c:5f:a3:d2:7a:61:31:31:61:3d:a5:
         1d:99:e0:8f:dc:4f:d2:ac:3d:e6:e2:f4:7c:ec:90:38:cc:8f:
         a9:12:f5:81:d2:85:38:0d:81:ed:35:22:cc:c5:b2:3f:e9:68:
         ee:06:0a:67:e8:30:3a:6e:7d:c7:2f:c0:07:fd:5f:8b:52:28:
         85:f4:dd:3c:d4:71:83:24:58:bc:e4:54:34:3d:bb:c5:86:10:
         72:7d:28:49:64:3a:24:39:ca:4a:1c:2f:f1:d4:71:2b:82:e5:
         f6:58:e2:de:70:a5:e7:c5:36:7c:cf:aa:1a:e2:ba:6c:f8:69:
         cc:4c:32:97:4d:b5:cc:80:9d:db:e4:a3:c8:50:bf:4d:61:1f:
         a3:06:2f:e4:b5:95:25:88:ac:8f:65:7a:4b:eb:b0:fd:61:b0:
         2a:7d:78:06:fd:92:1a:bd:7d:40:c3:3a:ea:7c:3e:ba:a9:ff:
         eb:34:2f:b5:a7:66:70:32:5a:65:b7:c1:cf:0a:49:cb:6e:a5:
         15:37:db:49:e8:8f:1a:48:77:9b:93:60:3e:55:0f:93:de:e8:
         8d:2e:fd:72:16:1c:a5:5c:5e:f1:bc:90:30:a0:53:10:d2:bf:
         56:f5:04:cc:cb:3d:6d:d0:ac:75:fe:f2:3c:6e:fd:4b:50:e3:
         f8:e0:43:f0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTbSC4PtMXqQnYmRf6F7gqfTeHwQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MDA0MjE5WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYWRiMWE5NWY5ZTcwYmJlNGNiYzg4NzYyY2Q4ODBkNDFh
NDFhYzcyNWI1NmI4YTBkYWFjNmQzOGY5MDdkZmZiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCo2Uediz4OeTkB8hy2gdPwFQ/2E42Y/w/0cAS1KvcvutxH
qInNW+u1nHPZuqowMHw/81wJWO00jLFiovcz3jWcc3SHED6B5sfna6um4/RmF/yh
eDeEdVHoYd7D+qQpe8Hq3YcHHOQ2y8lPpKGp4ihp3sI8E8uALfFWN/Cz0fQPRc9t
hy8DMjjvH0GTg4aqzlO53DduQBhqwTNh6KukY5p2VDJqV0YUJLwvj1udaZLbFSR0
dis4FDp27GAMP8JBvkHZbKmPwhiZ7KXXt0Sph9G2yXXCI2G0snL0Ybfhy7+hKL9m
6jSzAXsj3k+7suQYsPDicTFdvC/b4w01nputW6TZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsj46F4vlW1V6YSJuKoSLEjw4X7gwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzY1N2I4ZjBiLWIyZTktNGU4Ny1hOGEzLTZkOTY0ZTVmYWJjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIDqrgwDQYJKoZIhvcNAQELBQADggEBAIiUJOG47sh8X6PSemExMWE9pR2Z
4I/cT9KsPebi9HzskDjMj6kS9YHShTgNge01IszFsj/paO4GCmfoMDpufccvwAf9
X4tSKIX03TzUcYMkWLzkVDQ9u8WGEHJ9KElkOiQ5ykocL/HUcSuC5fZY4t5wpefF
NnzPqhriumz4acxMMpdNtcyAndvko8hQv01hH6MGL+S1lSWIrI9lekvrsP1hsCp9
eAb9khq9fUDDOup8Prqp/+s0L7WnZnAyWmW3wc8KSctupRU320nojxpId5uTYD5V
D5Pe6I0u/XIWHKVcXvG8kDCgUxDSv1b1BMzLPW3QrHX+8jxu/UtQ4/jgQ/A=
-----END CERTIFICATE-----
Generated at Sat Oct 18 04:54:56 2025 by rpki-client