Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/800f5b66-af68-4269-972d-d18272c5d409.roa
File:                     800f5b66-af68-4269-972d-d18272c5d409.roa (raw, json)
Hash identifier:          rWroNe1mciWM4V715BIPnXkJlerTktzsbmIpZ62LxMY=
Subject key identifier:   F3:55:85:83:8E:98:EC:58:77:42:1C:31:DE:16:B8:2F:2B:FD:FF:B9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2452E6E8301EBE11070FF277431B27F4AE4E5EBB
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/800f5b66-af68-4269-972d-d18272c5d409.roa
Signing time:             Mon 22 Sep 2025 22:28:03 +0000
ROA not before:           Mon 22 Sep 2025 22:28:03 +0000
ROA not after:            Mon 27 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.238.224.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:52:e6:e8:30:1e:be:11:07:0f:f2:77:43:1b:27:f4:ae:4e:5e:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 22 22:28:03 2025 GMT
            Not After : Oct 27 23:59:59 2025 GMT
        Subject: serialNumber=f48447f758444dfeea509bcb7b1d3f16e0ceb1e47fb891a0c2c69f449bb6229c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:50:5b:b7:85:ed:ae:2d:ff:5b:2d:92:ab:fb:
                    52:ca:7d:4f:95:fb:c5:2d:0b:00:58:b7:f2:29:64:
                    78:dd:47:cc:ab:c0:81:4d:83:b0:8e:77:78:19:8b:
                    08:7f:29:50:77:f1:33:5a:61:a2:5a:21:87:25:ed:
                    6a:d7:84:94:03:b8:3e:31:6b:de:2e:82:ec:61:82:
                    fa:d7:fa:dc:0d:3c:82:4d:6e:af:6a:fc:41:16:a8:
                    86:cc:14:46:20:5d:d5:cc:c3:97:b3:3f:19:7e:8c:
                    61:6a:fe:a7:0a:80:0b:41:d5:bf:ea:71:99:03:9f:
                    00:0d:4b:91:81:86:37:3d:9a:ce:bd:78:e2:ea:a0:
                    61:8b:ff:5f:92:45:b2:fe:35:04:37:59:4a:7f:e1:
                    31:1d:f5:bf:04:46:d5:23:28:51:cc:d7:c8:a3:56:
                    91:ad:d3:12:a4:08:be:93:2c:ec:fe:22:13:47:12:
                    41:57:64:3c:16:f0:f2:be:19:fd:80:77:12:b7:e8:
                    bf:ed:54:82:da:a0:13:0e:2f:95:68:58:aa:c6:87:
                    36:38:36:19:f8:7d:6f:01:6d:45:62:59:1f:a4:2b:
                    d0:57:67:51:79:3c:b2:8e:c1:9f:3c:c0:86:0c:a1:
                    6d:11:05:fd:d6:63:b9:11:d8:d3:ed:b7:f8:71:8a:
                    98:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:55:85:83:8E:98:EC:58:77:42:1C:31:DE:16:B8:2F:2B:FD:FF:B9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/800f5b66-af68-4269-972d-d18272c5d409.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.238.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         3e:e6:39:d0:dc:c9:e3:5f:42:78:61:ae:04:5b:4f:6a:af:52:
         35:f7:37:25:80:68:f2:c5:68:33:49:36:5d:54:e8:99:b8:9b:
         2c:d5:10:f7:e1:d7:4c:10:d4:a9:44:1d:3c:58:d7:29:56:12:
         b2:b4:3d:f2:90:de:b2:2c:92:84:f5:76:d7:fe:18:89:6f:48:
         fd:b4:8b:1b:ed:69:40:68:a6:4a:a5:e1:f2:1a:dd:fe:6e:fb:
         f1:26:cd:76:20:42:d9:fc:e3:9b:32:0d:65:3f:f6:1e:36:24:
         d8:06:d0:2a:9c:ca:80:22:0e:12:82:7f:46:54:29:6a:2b:6e:
         0f:92:5a:a0:9e:ac:d6:3a:16:db:84:10:6f:0b:27:07:6d:ac:
         21:d5:03:71:ff:2e:57:21:37:e2:eb:5e:f9:7d:22:6e:33:47:
         e9:8d:5f:cd:be:5f:9a:9c:3e:f3:b0:76:2e:19:a0:a1:d0:fa:
         6b:ca:2e:07:d6:39:16:bc:cc:1e:73:88:56:13:c6:88:3a:17:
         a3:0d:6f:31:be:d5:af:1c:3b:4f:19:eb:d9:1b:84:4f:60:c3:
         b9:92:21:be:e8:e6:5e:08:b7:b7:ec:0d:4b:0f:38:25:05:63:
         d2:0f:33:29:c0:60:a4:c7:57:f0:df:20:1c:ae:54:3a:dd:25:
         99:1c:e3:2b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJFLm6DAevhEHD/J3Qxsn9K5OXrswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIyMjIyODAzWhcNMjUxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNDg0NDdmNzU4NDQ0ZGZlZWE1MDliY2I3YjFkM2YxNmUw
Y2ViMWU0N2ZiODkxYTBjMmM2OWY0NDliYjYyMjljMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxUFu3he2uLf9bLZKr+1LKfU+V+8UtCwBYt/IpZHjdR8yr
wIFNg7COd3gZiwh/KVB38TNaYaJaIYcl7WrXhJQDuD4xa94uguxhgvrX+twNPIJN
bq9q/EEWqIbMFEYgXdXMw5ezPxl+jGFq/qcKgAtB1b/qcZkDnwANS5GBhjc9ms69
eOLqoGGL/1+SRbL+NQQ3WUp/4TEd9b8ERtUjKFHM18ijVpGt0xKkCL6TLOz+IhNH
EkFXZDwW8PK+Gf2AdxK36L/tVILaoBMOL5VoWKrGhzY4Nhn4fW8BbUViWR+kK9BX
Z1F5PLKOwZ88wIYMoW0RBf3WY7kR2NPtt/hxiphHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU81WFg46Y7Fh3Qhwx3ha4Lyv9/7kwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzgwMGY1YjY2LWFmNjgtNDI2OS05NzJkLWQxODI3MmM1ZDQwOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUS7uAwDQYJKoZIhvcNAQELBQADggEBAD7mOdDcyeNfQnhhrgRbT2qvUjX3
NyWAaPLFaDNJNl1U6Jm4myzVEPfh10wQ1KlEHTxY1ylWErK0PfKQ3rIskoT1dtf+
GIlvSP20ixvtaUBopkql4fIa3f5u+/EmzXYgQtn845syDWU/9h42JNgG0CqcyoAi
DhKCf0ZUKWorbg+SWqCerNY6FtuEEG8LJwdtrCHVA3H/LlchN+LrXvl9Im4zR+mN
X82+X5qcPvOwdi4ZoKHQ+mvKLgfWORa8zB5ziFYTxog6F6MNbzG+1a8cO08Z69kb
hE9gw7mSIb7o5l4It7fsDUsPOCUFY9IPMynAYKTHV/DfIByuVDrdJZkc4ys=
-----END CERTIFICATE-----
Generated at Fri Oct 17 22:04:43 2025 by rpki-client