Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6eb3e47f-40dd-4a48-a537-43a219132313.roa
File:                     6eb3e47f-40dd-4a48-a537-43a219132313.roa (raw, json)
Hash identifier:          Nmyqat4VADoG2SbLD39Y5Yx3WsSX/c+6v1zLjyXLH9g=
Subject key identifier:   D7:25:1E:BD:11:4E:80:F5:3C:E7:B6:85:8D:C5:2C:C7:8B:5E:56:50
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       77EC84E1D3349BE8B81DE2B139C316576AD150F6
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6eb3e47f-40dd-4a48-a537-43a219132313.roa
Signing time:             Wed 24 Sep 2025 23:11:32 +0000
ROA not before:           Wed 24 Sep 2025 23:11:32 +0000
ROA not after:            Wed 29 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.66.48.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:ec:84:e1:d3:34:9b:e8:b8:1d:e2:b1:39:c3:16:57:6a:d1:50:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 24 23:11:32 2025 GMT
            Not After : Oct 29 23:59:59 2025 GMT
        Subject: serialNumber=6385a36a9d74407d1fe0b8ff571673ce13e8cb8635cb1076242b935b53b9bd42, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f5:4f:23:f1:cb:fc:7a:34:bf:dd:c0:37:17:
                    ef:50:7e:54:fa:e9:c0:d8:3d:6d:8b:9c:c9:2a:6a:
                    ce:39:cf:7b:dd:04:9e:97:f3:94:1a:40:4f:77:4e:
                    20:d8:c3:79:ed:4f:66:b4:ca:03:9b:ec:37:a5:69:
                    e8:cd:5e:c4:8a:39:ef:f9:bc:eb:da:89:4e:1d:aa:
                    e5:d8:08:53:61:7c:54:85:01:d9:a9:02:f9:99:4d:
                    35:ad:af:a4:d0:8f:b7:af:ba:c3:d2:1c:e3:22:13:
                    83:dd:b7:7d:68:34:15:b1:45:a8:43:5f:79:e2:a1:
                    2c:1a:46:8c:92:07:73:43:a0:ff:74:15:da:e7:22:
                    77:27:47:13:e3:e9:7d:91:48:de:9b:a2:ac:d2:56:
                    43:b3:a2:a7:65:f0:9e:e0:49:60:62:ca:91:0c:a1:
                    8a:8f:18:fe:7a:58:a4:d2:17:16:71:1b:9a:fc:af:
                    65:21:fc:b3:9b:fa:16:0a:6f:58:df:43:6b:ee:4c:
                    5e:fe:8f:97:a3:d8:d0:11:81:b2:a5:12:84:16:09:
                    bd:9a:d6:ba:16:7d:54:c6:a7:86:28:6e:07:2e:49:
                    bc:e1:c8:69:32:8a:e0:40:bc:58:be:36:4a:da:71:
                    aa:d2:67:7f:d9:bc:cf:5c:c0:0d:11:2d:56:23:67:
                    2a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:25:1E:BD:11:4E:80:F5:3C:E7:B6:85:8D:C5:2C:C7:8B:5E:56:50
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6eb3e47f-40dd-4a48-a537-43a219132313.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.66.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         77:3c:ce:1b:ca:c7:86:c8:de:98:dc:4e:3e:e1:e1:ce:bb:aa:
         87:d2:44:c8:5a:06:47:2d:90:dd:0b:07:f8:a4:ba:31:50:3b:
         83:0f:1f:f5:d1:a6:08:34:00:05:83:8b:02:8d:cc:92:8a:9d:
         99:d6:00:80:d6:d4:1f:a2:c7:14:8d:9c:5f:8f:dc:0b:64:8a:
         b7:74:4a:a9:7a:10:98:aa:a0:0a:57:b2:0e:bc:74:7d:3d:0a:
         e7:7c:c4:fa:2a:9c:49:ca:08:61:bf:dc:3d:fa:86:e6:b3:3f:
         6c:46:01:2c:2a:ac:56:68:5d:af:6b:ac:88:fb:27:8b:b4:e9:
         0d:d9:3d:2d:f8:76:e0:bd:2e:70:19:9f:83:c4:2f:aa:33:0b:
         e2:64:39:97:a8:5f:fe:d0:72:b1:10:c2:ee:7b:f9:3b:a7:a1:
         07:66:67:de:37:ee:03:be:26:27:ae:88:93:ce:39:5e:41:3f:
         5d:43:71:ec:27:9b:54:e0:13:8d:c9:e7:3c:16:9f:16:60:ba:
         53:d5:38:0f:36:4c:fb:eb:b2:10:4f:9f:c6:68:63:d1:4a:fc:
         62:88:cd:e2:6b:bf:aa:16:23:53:f2:7a:c3:33:b2:c2:15:17:
         fd:ca:49:71:2a:3f:d4:06:5c:7f:16:bf:bf:0d:aa:aa:9d:79:
         c0:b0:dd:4c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd+yE4dM0m+i4HeKxOcMWV2rRUPYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI0MjMxMTMyWhcNMjUxMDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2Mzg1YTM2YTlkNzQ0MDdkMWZlMGI4ZmY1NzE2NzNjZTEz
ZThjYjg2MzVjYjEwNzYyNDJiOTM1YjUzYjliZDQyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCc9U8j8cv8ejS/3cA3F+9QflT66cDYPW2LnMkqas45z3vd
BJ6X85QaQE93TiDYw3ntT2a0ygOb7DelaejNXsSKOe/5vOvaiU4dquXYCFNhfFSF
AdmpAvmZTTWtr6TQj7evusPSHOMiE4Pdt31oNBWxRahDX3nioSwaRoySB3NDoP90
FdrnIncnRxPj6X2RSN6boqzSVkOzoqdl8J7gSWBiypEMoYqPGP56WKTSFxZxG5r8
r2Uh/LOb+hYKb1jfQ2vuTF7+j5ej2NARgbKlEoQWCb2a1roWfVTGp4YobgcuSbzh
yGkyiuBAvFi+NkracarSZ3/ZvM9cwA0RLVYjZypTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1yUevRFOgPU857aFjcUsx4teVlAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzZlYjNlNDdmLTQwZGQtNGE0OC1hNTM3LTQzYTIxOTEzMjMxMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQSQjAwDQYJKoZIhvcNAQELBQADggEBAHc8zhvKx4bI3pjcTj7h4c67qofS
RMhaBkctkN0LB/ikujFQO4MPH/XRpgg0AAWDiwKNzJKKnZnWAIDW1B+ixxSNnF+P
3Atkird0Sql6EJiqoApXsg68dH09Cud8xPoqnEnKCGG/3D36huazP2xGASwqrFZo
Xa9rrIj7J4u06Q3ZPS34duC9LnAZn4PEL6ozC+JkOZeoX/7QcrEQwu57+TunoQdm
Z9437gO+JieuiJPOOV5BP11Dcewnm1TgE43J5zwWnxZgulPVOA82TPvrshBPn8Zo
Y9FK/GKIzeJrv6oWI1PyesMzssIVF/3KSXEqP9QGXH8Wv78NqqqdecCw3Uw=
-----END CERTIFICATE-----
Generated at Sat Oct 18 04:21:37 2025 by rpki-client