Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/73b2776a-fc7a-4745-a279-c25861c5ca2b.roa
File:                     73b2776a-fc7a-4745-a279-c25861c5ca2b.roa (raw, json)
Hash identifier:          p9y07hOA4jn7mO+fu+x8FQ07fS7HgVSY4AvTmmW45qM=
Subject key identifier:   B5:FC:C2:53:9E:64:EC:DC:2D:2B:E9:34:AA:D6:56:EB:C8:47:5E:B0
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0AF30ED588CBFB25EBD7FA972CE1C279000A7244
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/73b2776a-fc7a-4745-a279-c25861c5ca2b.roa
Signing time:             Tue 23 Sep 2025 00:42:34 +0000
ROA not before:           Tue 23 Sep 2025 00:42:34 +0000
ROA not after:            Tue 28 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.84.32.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:f3:0e:d5:88:cb:fb:25:eb:d7:fa:97:2c:e1:c2:79:00:0a:72:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 23 00:42:34 2025 GMT
            Not After : Oct 28 23:59:59 2025 GMT
        Subject: serialNumber=04a65ae824f1040990294b3157155d76e287bbf344d3aedae061bd23195a029c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:05:a6:95:ce:2c:64:bb:0d:5b:cb:dd:8b:39:
                    bf:c2:43:22:e1:ef:2c:e0:40:a3:1b:74:e3:53:4f:
                    03:d9:ee:2f:7c:e2:c2:b4:c9:c6:c4:03:92:f5:92:
                    cf:ba:7b:f0:22:de:5e:dc:7e:0c:64:70:9f:a9:86:
                    0a:fb:3e:33:b7:a4:30:f2:98:15:c5:18:0c:bd:ec:
                    37:6f:a7:53:f7:af:d4:4f:9a:f1:53:4b:dc:0c:75:
                    65:38:ba:e2:c3:36:07:4a:41:4e:d6:69:cf:43:9b:
                    c1:c2:79:67:53:ed:51:97:b7:29:7f:fd:14:7e:73:
                    84:8e:91:6c:0f:9a:12:ee:30:e4:6b:fb:6d:3c:38:
                    61:53:60:4d:58:f3:0f:cf:47:31:8b:14:db:23:39:
                    80:73:a4:a3:97:b3:18:84:61:84:24:60:53:9d:c9:
                    12:0d:ee:ad:26:f5:0c:52:94:bb:c9:73:51:a5:ad:
                    5a:2f:61:fa:d7:cd:4a:12:c3:1c:a1:5b:ca:d1:e0:
                    7f:c6:d1:72:cc:a6:3c:19:a7:dd:33:54:24:9a:d6:
                    28:d1:1f:a8:3f:f5:e2:4e:8c:b7:f8:cc:27:90:30:
                    c0:19:ee:63:d2:96:da:78:1d:6d:b0:7e:ab:f8:40:
                    52:fe:9b:f0:d9:31:d5:8c:dd:a2:e8:d3:27:a9:d1:
                    e8:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:FC:C2:53:9E:64:EC:DC:2D:2B:E9:34:AA:D6:56:EB:C8:47:5E:B0
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/73b2776a-fc7a-4745-a279-c25861c5ca2b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.84.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         43:1f:24:78:c5:6e:d3:64:fe:99:de:d6:81:7e:76:55:b8:ba:
         22:4c:f4:c3:b3:50:df:ee:d7:74:07:5e:57:b7:4e:87:bd:34:
         f7:4a:06:27:fd:de:f2:bb:e5:da:9d:d7:91:38:09:e1:6f:eb:
         4d:14:b5:24:d1:37:ea:d5:95:0a:f4:2d:e4:36:80:ad:d1:4a:
         e0:06:f0:f5:89:83:af:af:f3:b0:ae:e6:77:92:a0:f5:83:1a:
         bf:30:40:ab:6d:27:b9:a4:79:85:a7:e6:45:a4:a9:4b:e5:19:
         b5:05:b3:ac:3b:85:22:9c:f1:7e:ab:08:32:6d:f2:f0:f5:12:
         38:5e:0b:9b:48:83:aa:8f:16:65:b3:14:ac:b4:59:fd:2c:86:
         6b:7e:b3:3e:25:8f:f3:ae:35:97:4c:d4:86:4a:33:00:ee:2a:
         a7:1e:b2:d5:9d:d0:d6:88:34:77:3f:3e:c6:87:de:36:2a:6b:
         f6:99:31:8b:94:e0:e7:f0:7b:99:8d:24:3c:ef:09:15:fb:d2:
         a0:d0:0a:21:df:89:69:25:cb:92:96:ec:a1:c7:2c:1e:5f:4c:
         ad:30:f6:7d:80:0b:65:b8:1f:03:70:d8:9b:4a:13:ab:f3:bb:
         6c:8b:be:63:b1:d1:fb:5f:d5:c1:ff:0b:aa:b0:cf:22:77:34:
         1f:61:dc:4f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCvMO1YjL+yXr1/qXLOHCeQAKckQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIzMDA0MjM0WhcNMjUxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNGE2NWFlODI0ZjEwNDA5OTAyOTRiMzE1NzE1NWQ3NmUy
ODdiYmYzNDRkM2FlZGFlMDYxYmQyMzE5NWEwMjljMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDABaaVzixkuw1by92LOb/CQyLh7yzgQKMbdONTTwPZ7i98
4sK0ycbEA5L1ks+6e/Ai3l7cfgxkcJ+phgr7PjO3pDDymBXFGAy97Ddvp1P3r9RP
mvFTS9wMdWU4uuLDNgdKQU7Wac9Dm8HCeWdT7VGXtyl//RR+c4SOkWwPmhLuMORr
+208OGFTYE1Y8w/PRzGLFNsjOYBzpKOXsxiEYYQkYFOdyRIN7q0m9QxSlLvJc1Gl
rVovYfrXzUoSwxyhW8rR4H/G0XLMpjwZp90zVCSa1ijRH6g/9eJOjLf4zCeQMMAZ
7mPSltp4HW2wfqv4QFL+m/DZMdWM3aLo0yep0eifAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtfzCU55k7NwtK+k0qtZW68hHXrAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzczYjI3NzZhLWZjN2EtNDc0NS1hMjc5LWMyNTg2MWM1Y2EyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ0VCAwDQYJKoZIhvcNAQELBQADggEBAEMfJHjFbtNk/pne1oF+dlW4uiJM
9MOzUN/u13QHXle3Toe9NPdKBif93vK75dqd15E4CeFv600UtSTRN+rVlQr0LeQ2
gK3RSuAG8PWJg6+v87Cu5neSoPWDGr8wQKttJ7mkeYWn5kWkqUvlGbUFs6w7hSKc
8X6rCDJt8vD1EjheC5tIg6qPFmWzFKy0Wf0shmt+sz4lj/OuNZdM1IZKMwDuKqce
stWd0NaINHc/PsaH3jYqa/aZMYuU4Ofwe5mNJDzvCRX70qDQCiHfiWkly5KW7KHH
LB5fTK0w9n2AC2W4HwNw2JtKE6vzu2yLvmOx0ftf1cH/C6qwzyJ3NB9h3E8=
-----END CERTIFICATE-----
Generated at Fri Oct 17 23:47:43 2025 by rpki-client