Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/70e3f95f-4fd8-4acd-84e4-3ac6703b0781.roa
File:                     70e3f95f-4fd8-4acd-84e4-3ac6703b0781.roa (raw, json)
Hash identifier:          sI04qmZ+Ys+Bxp+Sxp+uFlp5PlBzngmvoCWxsA0W85s=
Subject key identifier:   05:C1:C2:50:F9:BA:CE:A7:A9:65:09:77:BC:CA:71:6E:A3:43:E8:70
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       361C43DF206195814F09E973F7A69B035779AF28
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/70e3f95f-4fd8-4acd-84e4-3ac6703b0781.roa
Signing time:             Fri 10 Oct 2025 16:10:53 +0000
ROA not before:           Fri 10 Oct 2025 16:10:53 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.66.32.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:1c:43:df:20:61:95:81:4f:09:e9:73:f7:a6:9b:03:57:79:af:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 10 16:10:53 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=1b5586e2c7e6d6a1c0ba9af25ff83b568ae23ebadf824d64feab268a23e3742e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:38:72:3c:68:8e:9a:ed:c0:78:fe:ed:a7:2c:
                    0d:a4:f7:37:7c:11:25:10:0e:e9:1f:86:b1:81:e0:
                    ed:9b:2d:c0:80:3a:13:78:4c:d7:c6:0b:21:4f:d9:
                    40:b0:8a:96:7c:f8:73:4a:ee:21:0b:d3:7f:c7:08:
                    5a:f9:e6:18:77:46:cc:0c:08:4b:0f:74:d1:7b:05:
                    22:23:c0:14:37:33:1e:cc:f0:56:e2:9f:b3:9d:50:
                    2b:8b:ba:3e:fd:85:fb:d2:c3:2b:52:46:5d:e0:e9:
                    a2:52:6a:17:28:7e:b9:0f:4c:c4:11:7d:c7:33:79:
                    1d:ce:70:13:78:9d:84:c3:86:b4:8b:c5:46:b4:3e:
                    1b:16:ca:80:2a:2f:25:c8:82:2c:4b:23:a9:bd:67:
                    2f:62:ff:40:f7:09:11:d9:d7:c9:ed:2d:96:f8:0a:
                    fc:89:ae:81:f2:03:69:da:42:08:35:10:16:a7:89:
                    67:18:0c:56:4f:e7:b9:de:fc:a3:91:f2:2e:e9:1b:
                    80:23:b3:be:b3:17:6b:77:6c:dd:23:54:a2:1b:4e:
                    52:4e:33:b3:0b:6e:83:fa:3c:f3:50:d1:fa:c5:36:
                    d3:80:44:34:ee:c7:f9:ce:19:ac:1f:03:1d:50:37:
                    6b:5d:5d:1d:de:a9:67:c3:6a:d5:41:85:e6:2d:e2:
                    2d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:C1:C2:50:F9:BA:CE:A7:A9:65:09:77:BC:CA:71:6E:A3:43:E8:70
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/70e3f95f-4fd8-4acd-84e4-3ac6703b0781.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.66.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         a1:51:04:6f:71:6e:45:f5:6c:0a:0d:f0:ef:af:c8:61:2a:56:
         6e:9e:42:4d:26:6e:e5:b1:05:79:42:ff:73:db:6f:5e:7c:7d:
         e8:15:b4:7f:c2:8b:65:dd:28:b5:c3:0b:39:ab:e6:2f:84:c4:
         54:22:87:ba:94:e0:6b:91:63:2a:f2:df:1a:c6:23:89:b3:2e:
         39:98:bc:f9:0a:fa:16:5c:5e:24:92:f3:dd:a6:65:43:f4:bc:
         ea:49:3c:f5:48:b2:b4:19:03:06:a7:9a:40:9c:28:c1:04:01:
         d0:1e:87:55:e2:c3:3e:00:70:92:08:76:2f:bb:1f:8d:a0:08:
         3d:d2:55:0f:34:18:d7:d7:b3:ba:b5:d8:47:69:c3:ac:7a:dc:
         48:17:7b:77:51:d9:fd:ca:9d:c9:8c:f9:9a:24:17:87:91:eb:
         85:71:ac:ed:02:41:77:15:db:9d:ac:c1:de:9d:ef:c5:d8:60:
         ef:eb:49:f0:e2:bd:e7:3c:f0:2f:62:6d:a1:04:51:6f:4f:fa:
         9e:29:22:cd:bb:f9:c1:62:44:a2:bf:ff:de:91:4e:d0:86:65:
         fc:09:9f:27:80:07:ad:f4:a8:2a:b5:65:01:56:11:0a:b7:af:
         b6:9c:a6:1e:19:6e:46:d0:43:e4:eb:d6:b3:61:d9:57:ac:94:
         97:b1:be:4a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNhxD3yBhlYFPCelz96abA1d5rygwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDEwMTYxMDUzWhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjU1ODZlMmM3ZTZkNmExYzBiYTlhZjI1ZmY4M2I1Njhh
ZTIzZWJhZGY4MjRkNjRmZWFiMjY4YTIzZTM3NDJlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfOHI8aI6a7cB4/u2nLA2k9zd8ESUQDukfhrGB4O2bLcCA
OhN4TNfGCyFP2UCwipZ8+HNK7iEL03/HCFr55hh3RswMCEsPdNF7BSIjwBQ3Mx7M
8Fbin7OdUCuLuj79hfvSwytSRl3g6aJSahcofrkPTMQRfcczeR3OcBN4nYTDhrSL
xUa0PhsWyoAqLyXIgixLI6m9Zy9i/0D3CRHZ18ntLZb4CvyJroHyA2naQgg1EBan
iWcYDFZP57ne/KOR8i7pG4Ajs76zF2t3bN0jVKIbTlJOM7MLboP6PPNQ0frFNtOA
RDTux/nOGawfAx1QN2tdXR3eqWfDatVBheYt4i2fAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBcHCUPm6zqepZQl3vMpxbqND6HAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzcwZTNmOTVmLTRmZDgtNGFjZC04NGU0LTNhYzY3MDNiMDc4MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU0QiAwDQYJKoZIhvcNAQELBQADggEBAKFRBG9xbkX1bAoN8O+vyGEqVm6e
Qk0mbuWxBXlC/3Pbb158fegVtH/Ci2XdKLXDCzmr5i+ExFQih7qU4GuRYyry3xrG
I4mzLjmYvPkK+hZcXiSS892mZUP0vOpJPPVIsrQZAwanmkCcKMEEAdAeh1Xiwz4A
cJIIdi+7H42gCD3SVQ80GNfXs7q12Edpw6x63EgXe3dR2f3KncmM+ZokF4eR64Vx
rO0CQXcV252swd6d78XYYO/rSfDivec88C9ibaEEUW9P+p4pIs27+cFiRKK//96R
TtCGZfwJnyeAB630qCq1ZQFWEQq3r7acph4ZbkbQQ+Tr1rNh2VeslJexvko=
-----END CERTIFICATE-----
Generated at Fri Oct 17 23:54:19 2025 by rpki-client