Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8b4d5c0a-ea1e-4aff-97e9-07f5d7eae78d.roa
File:                     8b4d5c0a-ea1e-4aff-97e9-07f5d7eae78d.roa (raw, json)
Hash identifier:          p2DCcxD6jj18hrpUTxc2OkfLeQ1wO9pREIxpsXlkIOg=
Subject key identifier:   6D:E0:43:21:57:69:DF:FD:9F:57:38:98:67:7B:28:58:84:97:7D:AB
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6588DA1F1C488B5142F571F0436A3253E72C358C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8b4d5c0a-ea1e-4aff-97e9-07f5d7eae78d.roa
Signing time:             Tue 23 Sep 2025 00:22:00 +0000
ROA not before:           Tue 23 Sep 2025 00:22:00 +0000
ROA not after:            Tue 28 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.85.100.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:88:da:1f:1c:48:8b:51:42:f5:71:f0:43:6a:32:53:e7:2c:35:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 23 00:22:00 2025 GMT
            Not After : Oct 28 23:59:59 2025 GMT
        Subject: serialNumber=e7647ca0f42a689474bf1f406968994b0cf4f3e2b3663f5e7f6301f58974f1e3, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ef:13:ae:a9:9b:2e:46:96:1c:2e:4e:75:59:
                    90:2d:3c:5b:79:46:fa:b3:4a:c4:d2:0b:77:b3:31:
                    5d:6f:26:0f:77:c4:44:10:a4:c8:43:0c:28:2c:9e:
                    bb:c6:8e:10:1f:53:b3:af:2f:38:8d:a1:35:8a:8f:
                    97:13:27:be:f1:29:82:28:2a:1a:e8:a9:d3:16:4b:
                    3a:d5:55:3f:bd:72:b4:75:af:6e:85:24:d4:01:47:
                    e4:ed:c5:6a:c9:3c:b9:cc:6f:6e:44:cc:ca:36:36:
                    a1:74:68:af:4f:b3:8a:90:ca:78:04:82:56:73:50:
                    fd:4f:c2:bb:3a:c4:f9:36:0b:67:e8:5a:1b:23:a4:
                    95:d9:77:4e:9d:04:a2:4a:02:57:25:e2:10:c1:97:
                    aa:28:58:6b:09:1f:fd:5d:41:03:8d:57:b2:be:c2:
                    ff:03:9a:fc:bc:e0:67:16:6f:e9:86:00:32:e8:1e:
                    cc:f3:d4:80:bc:45:d7:29:8f:3d:db:96:9e:c0:0a:
                    ee:b0:2a:7a:c2:35:5d:eb:1f:58:80:3f:0f:fa:b5:
                    e3:d3:83:dd:c9:6f:4d:0b:24:e1:cd:92:7b:54:45:
                    ce:f1:19:15:52:c0:e4:4a:67:91:63:d6:66:8f:13:
                    81:b8:05:42:75:d3:6d:d4:ae:25:7c:75:a5:ba:72:
                    37:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:E0:43:21:57:69:DF:FD:9F:57:38:98:67:7B:28:58:84:97:7D:AB
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8b4d5c0a-ea1e-4aff-97e9-07f5d7eae78d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.85.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:78:a4:dc:16:ce:16:b3:f4:f0:b0:64:37:b0:d0:9f:bb:28:
         18:98:6c:70:18:52:5f:8c:0c:b0:bb:66:03:61:3d:6b:2c:cb:
         3a:9b:39:9a:39:44:78:f6:a0:41:22:3e:c6:9c:4f:15:08:5f:
         c1:c3:c8:db:33:a0:48:58:f5:bb:a4:87:92:3f:d1:8f:31:3e:
         01:7e:ab:63:65:33:8b:09:d3:8a:2d:7f:62:c9:53:50:d2:8b:
         3b:af:0f:2f:14:4e:35:df:fd:8a:14:67:3c:12:a8:76:54:f9:
         41:05:03:13:87:d4:08:9a:ff:3d:93:5a:63:55:24:a1:95:34:
         0d:18:2d:4d:7f:94:dc:98:49:d5:ee:39:b6:c9:db:be:cd:fd:
         88:ff:8c:df:d4:6f:18:29:a9:62:f9:33:c0:e3:0e:5c:20:6a:
         6c:ba:b4:05:65:9b:6c:cb:c2:c5:0a:1d:c8:39:3e:3b:cd:92:
         2a:d1:13:18:80:e6:52:67:e9:aa:d9:40:5e:86:8c:5c:ce:b1:
         0a:3b:62:38:da:71:61:7f:85:3c:fc:66:c7:61:02:0d:c3:23:
         d1:bf:01:ab:57:f0:8b:09:9e:1d:db:a9:69:43:a0:f3:dc:5a:
         2e:08:f4:9c:87:f0:40:c1:0c:27:8e:1a:07:ad:dd:a1:b1:ee:
         a6:c2:09:82
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZYjaHxxIi1FC9XHwQ2oyU+csNYwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIzMDAyMjAwWhcNMjUxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNzY0N2NhMGY0MmE2ODk0NzRiZjFmNDA2OTY4OTk0YjBj
ZjRmM2UyYjM2NjNmNWU3ZjYzMDFmNTg5NzRmMWUzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC17xOuqZsuRpYcLk51WZAtPFt5RvqzSsTSC3ezMV1vJg93
xEQQpMhDDCgsnrvGjhAfU7OvLziNoTWKj5cTJ77xKYIoKhroqdMWSzrVVT+9crR1
r26FJNQBR+TtxWrJPLnMb25EzMo2NqF0aK9Ps4qQyngEglZzUP1Pwrs6xPk2C2fo
WhsjpJXZd06dBKJKAlcl4hDBl6ooWGsJH/1dQQONV7K+wv8Dmvy84GcWb+mGADLo
Hszz1IC8Rdcpjz3blp7ACu6wKnrCNV3rH1iAPw/6tePTg93Jb00LJOHNkntURc7x
GRVSwORKZ5Fj1maPE4G4BUJ1023UriV8daW6cjexAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbeBDIVdp3/2fVziYZ3soWISXfaswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhiNGQ1YzBhLWVhMWUtNGFmZi05N2U5LTA3ZjVkN2VhZTc4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE0VWQwDQYJKoZIhvcNAQELBQADggEBAB54pNwWzhaz9PCwZDew0J+7KBiY
bHAYUl+MDLC7ZgNhPWssyzqbOZo5RHj2oEEiPsacTxUIX8HDyNszoEhY9bukh5I/
0Y8xPgF+q2NlM4sJ04otf2LJU1DSizuvDy8UTjXf/YoUZzwSqHZU+UEFAxOH1Aia
/z2TWmNVJKGVNA0YLU1/lNyYSdXuObbJ277N/Yj/jN/UbxgpqWL5M8DjDlwgamy6
tAVlm2zLwsUKHcg5PjvNkirRExiA5lJn6arZQF6GjFzOsQo7YjjacWF/hTz8Zsdh
Ag3DI9G/AatX8IsJnh3bqWlDoPPcWi4I9JyH8EDBDCeOGget3aGx7qbCCYI=
-----END CERTIFICATE-----
Generated at Fri Oct 17 22:02:37 2025 by rpki-client