Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/84443b6a-1936-4f96-8a39-a8c8eac5e143.roa
File:                     84443b6a-1936-4f96-8a39-a8c8eac5e143.roa (raw, json)
Hash identifier:          b7NzkTqSPQWffTOvue1WU3yqfIxdEujD519SCEKYSE4=
Subject key identifier:   70:6D:76:0C:F0:FC:B4:0B:1A:B7:69:56:C7:8D:05:1C:89:0C:3A:01
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6C9E2ACD4AD2666D35D3426F42D6099A30DE8233
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/84443b6a-1936-4f96-8a39-a8c8eac5e143.roa
Signing time:             Tue 23 Sep 2025 00:00:30 +0000
ROA not before:           Tue 23 Sep 2025 00:00:30 +0000
ROA not after:            Tue 28 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.85.132.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:9e:2a:cd:4a:d2:66:6d:35:d3:42:6f:42:d6:09:9a:30:de:82:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 23 00:00:30 2025 GMT
            Not After : Oct 28 23:59:59 2025 GMT
        Subject: serialNumber=a964361597e9161a50961877e6b35984cd6c897bbfd12d4c0f167849ea547203, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:e9:da:90:a6:d3:86:12:79:04:d6:b0:e3:82:
                    51:ac:20:8e:05:f8:f7:65:9b:b9:90:82:ec:10:0e:
                    eb:df:aa:32:5e:cd:3b:ab:31:94:c1:19:8e:c0:a2:
                    07:46:ac:b0:cd:7d:4d:07:45:6a:83:46:f1:10:7e:
                    b0:79:7b:9b:1d:f9:15:fe:13:fb:22:b6:3e:a0:8c:
                    34:e1:45:ec:f2:1b:ed:50:7f:24:8e:ae:fb:3e:97:
                    9f:56:76:f4:a9:a2:72:59:ae:ce:c4:e4:2a:57:07:
                    4a:48:20:9d:f5:ce:46:23:4c:df:3b:91:30:95:39:
                    c8:42:c8:3c:40:1f:4b:9f:a4:59:c6:ec:eb:83:70:
                    a4:bd:28:50:36:f1:47:a5:f0:81:7d:8b:29:14:f6:
                    83:ff:48:3a:37:f5:92:51:79:bc:ea:ce:f2:2a:3f:
                    8d:d3:01:79:93:af:61:23:57:25:39:c2:a1:f3:73:
                    74:09:a8:78:60:73:bc:af:0f:42:32:92:49:25:f1:
                    c4:02:69:ae:e4:79:33:e1:2c:17:ee:fc:2c:01:44:
                    88:a7:03:c8:13:e4:94:3b:38:d3:bb:42:66:84:6e:
                    8e:a7:d3:77:bc:e6:0b:f2:07:27:4d:5e:19:04:25:
                    8d:56:ea:b6:67:eb:a5:74:ea:30:31:6f:68:83:98:
                    31:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:6D:76:0C:F0:FC:B4:0B:1A:B7:69:56:C7:8D:05:1C:89:0C:3A:01
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/84443b6a-1936-4f96-8a39-a8c8eac5e143.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.85.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:b3:5f:a9:38:22:47:e4:d3:7f:63:85:a3:6e:d5:ab:0d:2f:
         4f:86:96:fc:29:22:78:82:78:76:cd:ff:84:fb:07:5c:ae:fc:
         d8:2b:03:32:43:62:1f:b2:0f:84:0c:fc:a6:a0:3a:6d:b9:d4:
         19:2f:0f:77:80:cf:e6:40:ee:56:1e:66:40:85:7e:98:a8:82:
         7e:94:04:e6:ad:a4:5d:74:a7:de:73:87:00:6c:b6:a5:ee:c6:
         97:eb:2a:9b:c2:83:8b:69:51:7c:de:8f:ae:90:14:5a:a1:6b:
         97:f7:c9:01:3d:4f:36:94:d5:d5:1e:14:f9:d7:0b:ff:98:d8:
         55:5d:d7:bb:cb:84:3a:13:6f:5f:26:f6:6e:39:f9:9c:8d:c1:
         9b:2f:65:ef:3c:6c:29:d3:d0:b6:79:6f:28:86:e0:97:22:6b:
         a3:a4:da:a3:8b:3e:3b:23:36:6f:8b:db:b1:01:4e:2d:44:c7:
         c5:69:1c:a4:a2:65:69:52:3c:ff:5a:f4:fc:4a:69:54:10:70:
         c5:f5:8b:c2:59:ec:6d:3b:bf:7f:1c:7d:30:2e:b9:b3:dc:49:
         32:e7:b2:c6:be:ac:fc:eb:36:76:ff:32:10:4d:76:99:1c:08:
         35:c8:77:de:f4:34:f3:ab:07:82:94:d1:d4:57:d1:72:26:44:
         a1:f1:80:13
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbJ4qzUrSZm0100JvQtYJmjDegjMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIzMDAwMDMwWhcNMjUxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhOTY0MzYxNTk3ZTkxNjFhNTA5NjE4NzdlNmIzNTk4NGNk
NmM4OTdiYmZkMTJkNGMwZjE2Nzg0OWVhNTQ3MjAzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDf6dqQptOGEnkE1rDjglGsII4F+Pdlm7mQguwQDuvfqjJe
zTurMZTBGY7AogdGrLDNfU0HRWqDRvEQfrB5e5sd+RX+E/sitj6gjDThRezyG+1Q
fySOrvs+l59WdvSponJZrs7E5CpXB0pIIJ31zkYjTN87kTCVOchCyDxAH0ufpFnG
7OuDcKS9KFA28Uel8IF9iykU9oP/SDo39ZJRebzqzvIqP43TAXmTr2EjVyU5wqHz
c3QJqHhgc7yvD0Iykkkl8cQCaa7keTPhLBfu/CwBRIinA8gT5JQ7ONO7QmaEbo6n
03e85gvyBydNXhkEJY1W6rZn66V06jAxb2iDmDEJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcG12DPD8tAsat2lWx40FHIkMOgEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzg0NDQzYjZhLTE5MzYtNGY5Ni04YTM5LWE4YzhlYWM1ZTE0My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0VYQwDQYJKoZIhvcNAQELBQADggEBADmzX6k4Ikfk039jhaNu1asNL0+G
lvwpIniCeHbN/4T7B1yu/NgrAzJDYh+yD4QM/KagOm251BkvD3eAz+ZA7lYeZkCF
fpiogn6UBOatpF10p95zhwBstqXuxpfrKpvCg4tpUXzej66QFFqha5f3yQE9TzaU
1dUeFPnXC/+Y2FVd17vLhDoTb18m9m45+ZyNwZsvZe88bCnT0LZ5byiG4Jcia6Ok
2qOLPjsjNm+L27EBTi1Ex8VpHKSiZWlSPP9a9PxKaVQQcMX1i8JZ7G07v38cfTAu
ubPcSTLnssa+rPzrNnb/MhBNdpkcCDXId970NPOrB4KU0dRX0XImRKHxgBM=
-----END CERTIFICATE-----
Generated at Fri Oct 17 21:58:46 2025 by rpki-client