Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/827950a1-61a0-47a4-bf88-c10420c6e88d.roa
File:                     827950a1-61a0-47a4-bf88-c10420c6e88d.roa (raw, json)
Hash identifier:          pPpMrGR7xPJEutUAgRhaL7ofyMRHknXZ3dPddOXezFU=
Subject key identifier:   AB:40:6C:6C:C2:E9:EA:DE:FD:29:68:28:7A:2A:09:70:9D:15:68:0D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       18B791005611D184DE550EB26D1F4FA169336D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/827950a1-61a0-47a4-bf88-c10420c6e88d.roa
Signing time:             Thu 25 Sep 2025 18:12:07 +0000
ROA not before:           Thu 25 Sep 2025 18:12:07 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.165.12.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:b7:91:00:56:11:d1:84:de:55:0e:b2:6d:1f:4f:a1:69:33:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 18:12:07 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=febe5193167fb60371186672ba1d6642ee89df0cb4a278df2e16a639e809700b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:31:4a:88:34:37:74:bd:a0:70:f2:5c:a0:76:
                    c6:0b:c5:60:45:dd:71:e4:64:08:5a:15:fe:42:f4:
                    0a:88:a6:9e:77:db:ad:cc:36:ed:29:34:0c:ed:2b:
                    7a:d8:4f:3f:b9:2f:a9:2a:d8:99:81:3e:2f:68:54:
                    0f:92:92:45:b2:d9:d2:da:b7:53:7d:a2:5a:54:54:
                    a4:5d:a1:a6:95:2c:39:4b:46:94:6b:ef:37:c9:0f:
                    05:80:af:5c:90:3d:9b:76:51:51:50:71:0c:45:e8:
                    d6:43:c2:a2:ce:ae:f3:c2:81:a6:6f:65:85:53:eb:
                    75:fa:25:98:2f:1e:62:d4:a3:84:c1:ca:b7:dc:e5:
                    30:ee:e0:4d:84:10:4f:43:a4:9c:fe:25:9b:68:c3:
                    ac:b8:57:bf:25:71:df:ca:56:5c:92:32:38:f1:ab:
                    ae:98:f1:29:99:c2:f0:df:71:2a:53:ab:ab:23:c1:
                    2e:44:9e:ea:28:8e:6d:b6:f5:41:4b:90:b1:fb:ab:
                    b4:60:fe:21:6b:01:05:df:90:b7:fe:d9:56:0a:43:
                    96:93:4d:8b:b9:1f:46:81:81:87:b1:9a:65:15:df:
                    08:c3:6e:90:af:9a:06:d2:ce:7b:dd:68:94:ec:ec:
                    f1:0b:4e:e4:07:54:8e:0d:3f:c3:7d:f6:7f:50:13:
                    ff:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:40:6C:6C:C2:E9:EA:DE:FD:29:68:28:7A:2A:09:70:9D:15:68:0D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/827950a1-61a0-47a4-bf88-c10420c6e88d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.165.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:e7:9b:58:49:95:d9:4b:1f:43:f9:94:8f:ba:0b:cf:f6:6a:
         d2:69:25:e5:9b:ee:65:6d:dc:ca:1c:ac:91:69:79:65:72:c4:
         76:52:ae:84:74:56:1f:77:51:13:45:c6:23:a6:9c:d8:1c:e8:
         ea:b7:b1:a3:24:0a:59:9e:a8:af:55:75:7d:6c:d6:d2:2d:c3:
         02:9f:77:b5:4b:43:31:ee:d2:2a:9b:69:4d:af:5b:85:80:38:
         aa:b0:66:a8:04:95:3e:d9:f5:e6:24:67:2d:e5:8a:ea:ab:dd:
         07:4c:6c:98:6b:aa:c8:70:37:b8:13:f8:c4:be:5d:06:48:0c:
         54:9f:47:05:c9:90:65:c7:b9:a6:03:92:12:0b:a7:f0:6c:0a:
         5d:f4:a5:5f:b1:ac:b3:c7:03:ca:49:67:58:6a:e6:42:2f:03:
         ca:36:ba:39:39:7e:58:ba:56:e3:38:2d:15:de:bb:ce:10:be:
         41:18:2b:6b:47:7a:c9:cf:f2:e1:70:d3:02:c3:ed:1c:a2:c8:
         c5:ce:2d:44:f8:0a:44:11:72:b6:c7:ab:23:77:a1:2f:ae:4e:
         24:f4:86:27:a9:43:02:ad:9f:de:10:4b:70:1e:71:1b:1c:da:
         f9:e0:44:89:d6:f8:45:c2:24:97:97:b9:8a:50:fe:71:03:52:
         aa:6d:d4:30
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITGLeRAFYR0YTeVQ6ybR9PoWkzbTANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTA5MjUxODEyMDdaFw0yNTEwMzAyMzU5NTla
MHoxSTBHBgNVBAUTQGZlYmU1MTkzMTY3ZmI2MDM3MTE4NjY3MmJhMWQ2NjQyZWU4
OWRmMGNiNGEyNzhkZjJlMTZhNjM5ZTgwOTcwMGIxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJgxSog0N3S9oHDyXKB2xgvFYEXdceRkCFoV/kL0Coimnnfb
rcw27Sk0DO0rethPP7kvqSrYmYE+L2hUD5KSRbLZ0tq3U32iWlRUpF2hppUsOUtG
lGvvN8kPBYCvXJA9m3ZRUVBxDEXo1kPCos6u88KBpm9lhVPrdfolmC8eYtSjhMHK
t9zlMO7gTYQQT0OknP4lm2jDrLhXvyVx38pWXJIyOPGrrpjxKZnC8N9xKlOrqyPB
LkSe6iiObbb1QUuQsfurtGD+IWsBBd+Qt/7ZVgpDlpNNi7kfRoGBh7GaZRXfCMNu
kK+aBtLOe91olOzs8QtO5AdUjg0/w332f1AT/zECAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBSrQGxswunq3v0paCh6KglwnRVoDTAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvODI3OTUwYTEtNjFhMC00N2E0LWJmODgtYzEwNDIwYzZlODhkLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAAOlDDANBgkqhkiG9w0BAQsFAAOCAQEAg+ebWEmV2UsfQ/mUj7oLz/Zq0mkl
5ZvuZW3cyhyskWl5ZXLEdlKuhHRWH3dRE0XGI6ac2Bzo6rexoyQKWZ6or1V1fWzW
0i3DAp93tUtDMe7SKptpTa9bhYA4qrBmqASVPtn15iRnLeWK6qvdB0xsmGuqyHA3
uBP4xL5dBkgMVJ9HBcmQZce5pgOSEgun8GwKXfSlX7Gss8cDyklnWGrmQi8Dyja6
OTl+WLpW4zgtFd67zhC+QRgra0d6yc/y4XDTAsPtHKLIxc4tRPgKRBFytserI3eh
L65OJPSGJ6lDAq2f3hBLcB5xGxza+eBEidb4RcIkl5e5ilD+cQNSqm3UMA==
-----END CERTIFICATE-----
Generated at Fri Oct 17 23:52:27 2025 by rpki-client