Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/86a2ebda-0f02-4448-80f5-51797601d8d2.roa
File:                     86a2ebda-0f02-4448-80f5-51797601d8d2.roa (raw, json)
Hash identifier:          U0grE4DmWV8neW9Jh8qMEyTA+IOShVsRiOLbrPeB2RA=
Subject key identifier:   C9:F2:12:97:B7:E3:C4:C8:DE:C0:18:86:FD:C5:D1:98:74:FE:1E:F9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       65600F43A4ECB216E145B5582072CF46BF17E548
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/86a2ebda-0f02-4448-80f5-51797601d8d2.roa
Signing time:             Thu 25 Sep 2025 22:59:27 +0000
ROA not before:           Thu 25 Sep 2025 22:59:27 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.169.92.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:60:0f:43:a4:ec:b2:16:e1:45:b5:58:20:72:cf:46:bf:17:e5:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 22:59:27 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=ea1e1d9867d24641ba86cb50882a5f4c966975be1a4535d952452ac783db4f80, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:34:32:ec:5a:26:93:4d:f4:fa:53:8c:88:d6:
                    e6:82:8d:73:8d:91:1a:16:0b:89:8c:14:de:e1:53:
                    89:5e:31:fc:20:49:49:af:79:af:e0:73:0c:11:c0:
                    ee:ac:fb:d7:d5:86:a1:3f:a1:f4:1e:05:3e:24:f9:
                    e4:41:a7:9e:17:ad:c8:99:68:cf:d2:0f:36:ca:5b:
                    98:03:1c:b1:88:fb:02:49:bf:61:3a:05:90:31:b0:
                    2b:66:9b:f1:c6:cb:97:80:52:fa:e7:15:72:5c:1d:
                    a8:2d:93:8f:17:79:f2:c4:33:80:6b:2e:97:9e:a7:
                    ef:bc:09:0e:a7:21:f8:12:50:00:41:e8:51:97:3e:
                    7f:dc:1d:9d:60:a8:88:0f:af:2d:0a:7c:11:53:62:
                    fb:54:fc:79:6d:64:ce:ab:cf:1e:5f:f6:82:2d:8b:
                    3c:bf:42:fd:f4:36:25:a2:fe:21:15:22:b6:9f:ff:
                    cb:f5:5e:cc:6b:80:8e:0c:a4:40:05:75:ae:05:ee:
                    a4:94:80:70:93:d1:c1:74:2a:ee:fb:6d:59:8f:f8:
                    63:37:c4:d5:09:42:db:10:dc:63:f4:15:91:7c:1b:
                    8b:0f:1c:af:ad:17:ff:93:a1:15:ea:fe:85:55:c5:
                    22:31:28:e4:c1:70:3e:18:0d:41:b2:1f:99:c5:d6:
                    b4:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:F2:12:97:B7:E3:C4:C8:DE:C0:18:86:FD:C5:D1:98:74:FE:1E:F9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/86a2ebda-0f02-4448-80f5-51797601d8d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.169.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5f:ac:6b:24:ec:3f:8a:1b:38:d2:c7:56:fd:65:70:1b:47:bd:
         c9:11:9a:69:4c:68:b1:28:9a:e6:5d:5c:b9:bc:d8:5e:95:c7:
         a9:d8:93:57:6b:4f:0f:ca:be:6e:7b:31:d5:fe:d0:1d:82:1c:
         9a:a9:9c:ed:9c:6c:0f:e4:79:7a:bf:4d:ba:a3:13:6a:2b:e8:
         be:16:60:0b:27:d6:3c:a6:58:fc:0c:ce:8b:d6:8e:d5:b0:02:
         ee:f1:8f:62:20:1a:e7:43:b2:67:fa:60:b8:79:4b:23:e7:0e:
         cd:ef:e7:ac:98:03:68:43:ff:b3:3f:90:65:f3:24:b3:62:a4:
         e6:30:ba:44:5a:a4:cf:db:c6:11:c9:90:96:f7:7c:51:d8:dc:
         a4:db:56:b2:95:06:59:e2:a3:81:f4:36:f8:00:4a:ee:27:96:
         b5:d7:46:b1:65:9a:94:43:57:ba:3c:99:e1:ab:8f:ef:47:1a:
         84:82:09:4c:48:f1:61:b2:06:05:bc:66:83:2c:77:0c:75:6c:
         b7:42:83:f3:3f:2f:16:ba:0f:d1:5d:19:5e:e3:5f:13:08:f2:
         bb:de:7c:83:46:7b:65:b1:54:d2:38:4c:5d:35:40:1d:f0:1b:
         43:ce:4f:3c:76:f6:df:2e:c0:a7:1c:2b:0c:8c:6c:fd:c2:6d:
         31:76:38:7f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZWAPQ6TsshbhRbVYIHLPRr8X5UgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI1MjI1OTI3WhcNMjUxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTFlMWQ5ODY3ZDI0NjQxYmE4NmNiNTA4ODJhNWY0Yzk2
Njk3NWJlMWE0NTM1ZDk1MjQ1MmFjNzgzZGI0ZjgwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsNDLsWiaTTfT6U4yI1uaCjXONkRoWC4mMFN7hU4leMfwg
SUmvea/gcwwRwO6s+9fVhqE/ofQeBT4k+eRBp54XrciZaM/SDzbKW5gDHLGI+wJJ
v2E6BZAxsCtmm/HGy5eAUvrnFXJcHagtk48XefLEM4BrLpeep++8CQ6nIfgSUABB
6FGXPn/cHZ1gqIgPry0KfBFTYvtU/HltZM6rzx5f9oItizy/Qv30NiWi/iEVIraf
/8v1XsxrgI4MpEAFda4F7qSUgHCT0cF0Ku77bVmP+GM3xNUJQtsQ3GP0FZF8G4sP
HK+tF/+ToRXq/oVVxSIxKOTBcD4YDUGyH5nF1rTpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyfISl7fjxMjewBiG/cXRmHT+HvkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzg2YTJlYmRhLTBmMDItNDQ0OC04MGY1LTUxNzk3NjAxZDhkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEDqVwwDQYJKoZIhvcNAQELBQADggEBAF+sayTsP4obONLHVv1lcBtHvckR
mmlMaLEomuZdXLm82F6Vx6nYk1drTw/Kvm57MdX+0B2CHJqpnO2cbA/keXq/Tbqj
E2or6L4WYAsn1jymWPwMzovWjtWwAu7xj2IgGudDsmf6YLh5SyPnDs3v56yYA2hD
/7M/kGXzJLNipOYwukRapM/bxhHJkJb3fFHY3KTbVrKVBlnio4H0NvgASu4nlrXX
RrFlmpRDV7o8meGrj+9HGoSCCUxI8WGyBgW8ZoMsdwx1bLdCg/M/Lxa6D9FdGV7j
XxMI8rvefINGe2WxVNI4TF01QB3wG0POTzx29t8uwKccKwyMbP3CbTF2OH8=
-----END CERTIFICATE-----
Generated at Fri Oct 17 23:47:51 2025 by rpki-client