Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/74e60040-34ef-4940-8a46-29518f359ee3.roa
File:                     74e60040-34ef-4940-8a46-29518f359ee3.roa (raw, json)
Hash identifier:          hT+cBxmZIGEkeaKDOXwqpaUVQFtEyLkkeKP2N78YZcA=
Subject key identifier:   53:F2:D2:5A:45:DC:C4:0E:F7:39:1D:79:A2:B3:F9:69:58:F0:E8:46
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3A8893E9467BE0888C99F39F0BAE843BC74B1D2D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/74e60040-34ef-4940-8a46-29518f359ee3.roa
Signing time:             Tue 23 Sep 2025 00:02:33 +0000
ROA not before:           Tue 23 Sep 2025 00:02:33 +0000
ROA not after:            Tue 28 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.85.166.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:88:93:e9:46:7b:e0:88:8c:99:f3:9f:0b:ae:84:3b:c7:4b:1d:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 23 00:02:33 2025 GMT
            Not After : Oct 28 23:59:59 2025 GMT
        Subject: serialNumber=35cdc23b3de9a9e2e93a4e9759920956de50a102ea164ed990bfe95903694e8e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e7:1a:ea:78:ed:d9:96:72:f1:06:fa:42:ea:
                    23:73:40:70:92:4a:63:9e:e2:23:02:63:9f:22:79:
                    ea:c4:16:34:6e:09:b1:67:06:45:39:34:a8:96:01:
                    ae:77:69:25:ac:34:b1:65:d5:fb:05:94:0c:f2:51:
                    36:4d:f1:7f:8e:76:33:80:b1:ac:f8:d1:aa:17:86:
                    95:2e:88:36:cd:eb:1a:9a:fe:24:33:88:14:16:5d:
                    6f:12:b6:b9:95:39:93:68:d0:8b:32:7a:a7:2f:34:
                    cf:4a:e8:26:60:e1:b1:55:bb:ec:d0:ea:4b:d7:97:
                    e9:c1:e3:10:6d:19:ac:68:3b:2f:a9:31:11:f6:7e:
                    5e:2a:1c:33:71:a2:f1:b8:53:3c:56:cd:1a:79:03:
                    37:5c:ad:4a:63:cb:78:32:d2:53:ae:8b:99:39:36:
                    5e:64:be:27:7d:50:4e:b3:ac:f6:11:93:01:92:7d:
                    dd:81:12:1e:c4:9f:dd:76:c2:7d:1d:3e:f2:a4:4f:
                    0d:55:2d:38:47:af:aa:70:b3:33:49:72:ee:49:cd:
                    5e:6f:fa:c9:b5:1a:4f:64:30:a8:56:15:a6:d6:f6:
                    d1:5f:6d:b1:30:0c:ef:16:71:12:8b:4f:4f:bf:55:
                    1b:65:83:29:b7:b0:c5:68:40:7f:3e:d6:6e:80:63:
                    b3:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:F2:D2:5A:45:DC:C4:0E:F7:39:1D:79:A2:B3:F9:69:58:F0:E8:46
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/74e60040-34ef-4940-8a46-29518f359ee3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.85.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:97:6a:34:49:ad:99:5a:d7:26:85:04:78:45:8b:d8:b9:a4:
         23:03:b4:3e:68:06:de:1f:45:d3:f7:c5:5d:80:d1:a6:99:5b:
         dc:2f:98:3c:c3:eb:f9:03:59:09:d4:08:66:0c:aa:4c:df:bc:
         72:cc:08:4b:69:21:0f:c0:71:57:5b:82:9e:f6:15:f7:5b:f6:
         d7:18:4d:6c:bf:0d:bc:5f:18:5f:5d:07:d5:be:4e:4b:f1:92:
         c5:bb:24:63:bc:08:eb:0f:f1:e5:85:ea:57:85:c5:c1:61:a7:
         59:bb:1c:b0:53:82:a8:12:1e:6f:c2:1b:50:14:bc:4a:8e:f4:
         7e:53:cd:75:d7:60:0a:12:d7:8e:89:91:a9:80:94:89:c3:fe:
         37:a5:66:ce:e5:de:68:01:c0:3c:85:c9:7e:28:17:21:eb:2f:
         fb:38:53:7d:4f:d3:bb:ea:d8:e2:5b:36:1e:66:e7:98:68:e1:
         44:90:74:e6:59:2f:01:6b:c5:54:89:05:f5:33:de:37:64:4e:
         d9:41:03:12:cb:05:ae:62:7f:0a:43:7b:3a:f8:6b:88:ab:57:
         fa:86:d7:0f:05:82:75:cc:a9:44:67:b0:a9:6b:d2:c7:0f:79:
         db:80:fc:07:7b:b1:f7:40:8d:29:c3:cf:47:d2:bb:79:43:6b:
         2a:b9:54:5e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOoiT6UZ74IiMmfOfC66EO8dLHS0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIzMDAwMjMzWhcNMjUxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNWNkYzIzYjNkZTlhOWUyZTkzYTRlOTc1OTkyMDk1NmRl
NTBhMTAyZWExNjRlZDk5MGJmZTk1OTAzNjk0ZThlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr5xrqeO3ZlnLxBvpC6iNzQHCSSmOe4iMCY58ieerEFjRu
CbFnBkU5NKiWAa53aSWsNLFl1fsFlAzyUTZN8X+OdjOAsaz40aoXhpUuiDbN6xqa
/iQziBQWXW8StrmVOZNo0IsyeqcvNM9K6CZg4bFVu+zQ6kvXl+nB4xBtGaxoOy+p
MRH2fl4qHDNxovG4UzxWzRp5AzdcrUpjy3gy0lOui5k5Nl5kvid9UE6zrPYRkwGS
fd2BEh7En912wn0dPvKkTw1VLThHr6pwszNJcu5JzV5v+sm1Gk9kMKhWFabW9tFf
bbEwDO8WcRKLT0+/VRtlgym3sMVoQH8+1m6AY7MhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUU/LSWkXcxA73OR15orP5aVjw6EYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc0ZTYwMDQwLTM0ZWYtNDk0MC04YTQ2LTI5NTE4ZjM1OWVlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0VaYwDQYJKoZIhvcNAQELBQADggEBAKSXajRJrZla1yaFBHhFi9i5pCMD
tD5oBt4fRdP3xV2A0aaZW9wvmDzD6/kDWQnUCGYMqkzfvHLMCEtpIQ/AcVdbgp72
Ffdb9tcYTWy/DbxfGF9dB9W+TkvxksW7JGO8COsP8eWF6leFxcFhp1m7HLBTgqgS
Hm/CG1AUvEqO9H5TzXXXYAoS146JkamAlInD/jelZs7l3mgBwDyFyX4oFyHrL/s4
U31P07vq2OJbNh5m55ho4USQdOZZLwFrxVSJBfUz3jdkTtlBAxLLBa5ifwpDezr4
a4irV/qG1w8FgnXMqURnsKlr0scPeduA/Ad7sfdAjSnDz0fSu3lDayq5VF4=
-----END CERTIFICATE-----
Generated at Fri Oct 17 23:52:56 2025 by rpki-client