Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8e49ed61-497c-4cad-b57b-14e84f17e79b.roa
File:                     8e49ed61-497c-4cad-b57b-14e84f17e79b.roa (raw, json)
Hash identifier:          hfc+DL5QCJYpDMeHuAQVrumT6dwVipmu2fRJ6Qnjsd4=
Subject key identifier:   4A:68:E3:D8:41:73:34:F8:67:67:6F:9A:ED:DE:AD:67:8C:0A:14:47
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1A5A5B62C205FDE7EC1298B9AA553BD844721C7F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8e49ed61-497c-4cad-b57b-14e84f17e79b.roa
Signing time:             Fri 26 Sep 2025 15:26:30 +0000
ROA not before:           Fri 26 Sep 2025 15:26:30 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.152.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:5a:5b:62:c2:05:fd:e7:ec:12:98:b9:aa:55:3b:d8:44:72:1c:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 15:26:30 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=eaf2cecddf7e6e930c8429ae028c59e4200d60fe70dc0ebdbcac6cbf2763167e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:2b:8d:65:58:93:a4:73:18:8f:7f:a6:1b:d6:
                    c5:fc:ee:7d:7d:20:1f:52:3f:49:e6:a0:ad:be:bc:
                    5f:3d:78:e9:2c:ea:dc:a6:fc:e0:92:44:10:ff:ee:
                    d9:99:f2:04:14:9a:50:c9:dd:fd:78:c6:fc:83:a9:
                    68:42:f3:31:fd:7e:f4:c8:ae:bd:5e:09:9a:1e:bb:
                    06:32:e8:0b:a7:44:7a:85:e3:71:04:1f:85:93:9b:
                    df:d3:e4:3b:ea:11:2d:82:af:0a:90:b2:b7:e5:04:
                    36:07:e7:69:92:42:02:82:94:39:d7:c3:73:0a:b7:
                    2e:54:bd:ae:17:9e:12:da:40:f4:39:14:b1:1f:a1:
                    e4:ca:14:8f:48:05:dd:08:05:3e:01:24:be:ff:80:
                    96:8d:c2:63:f6:9e:d9:e0:61:e2:51:49:7c:0c:6c:
                    f4:82:7f:4d:9a:27:d5:db:af:1d:62:38:5f:14:4d:
                    76:c5:74:ef:56:cc:e0:d7:ff:bf:62:95:87:ee:3d:
                    41:da:0f:6b:cc:51:e2:32:b8:16:6c:76:e6:9a:c8:
                    f1:0e:bf:13:0f:40:d5:9c:a6:b4:3b:45:5e:85:39:
                    09:c3:d0:c1:ca:e7:f9:81:f5:0e:72:c4:a3:aa:ae:
                    d8:a0:24:59:b0:68:26:dc:b1:e0:0c:b1:80:bd:49:
                    fe:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:68:E3:D8:41:73:34:F8:67:67:6F:9A:ED:DE:AD:67:8C:0A:14:47
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8e49ed61-497c-4cad-b57b-14e84f17e79b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.152.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         91:29:05:c2:ce:de:3f:32:1d:19:15:1a:89:e2:e6:34:00:71:
         e4:44:7b:1b:85:82:aa:02:bc:96:c6:4e:3a:1c:52:8d:28:a3:
         5c:6f:0f:45:b5:53:78:c9:c2:15:ca:90:e0:42:de:a2:08:19:
         11:a8:79:7d:51:bd:87:9c:56:40:ba:5f:78:a6:74:76:03:73:
         57:e2:c4:ce:5d:ec:72:cf:62:b1:b3:3f:2b:7c:1d:0c:f3:ac:
         b8:da:09:01:b1:cb:a6:bd:97:0c:4a:69:1c:5d:a4:a4:f3:1f:
         c9:44:c4:08:51:68:b0:27:3f:34:3c:f7:3c:34:cb:3f:93:4b:
         2d:83:9d:85:e8:83:bc:88:70:51:5b:74:3a:ad:4c:ea:ac:09:
         8c:1f:45:d7:01:69:45:c3:45:29:52:57:3e:90:56:9b:a8:55:
         6e:34:75:28:75:7d:ba:0e:d7:12:68:39:5d:3c:19:db:0b:f1:
         17:c2:73:89:db:03:d8:d0:56:5d:95:7c:71:8f:c7:18:24:f8:
         d2:e1:5d:18:82:94:ae:8e:f6:08:ec:57:63:d5:90:de:e4:77:
         93:44:3a:50:d1:77:5b:8e:ad:0f:6a:df:e0:3b:8b:b0:9c:1f:
         20:16:06:59:4b:cd:82:e8:9b:d1:a5:aa:70:38:e9:86:94:f1:
         b1:3f:d5:2a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGlpbYsIF/efsEpi5qlU72ERyHH8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MTUyNjMwWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYWYyY2VjZGRmN2U2ZTkzMGM4NDI5YWUwMjhjNTllNDIw
MGQ2MGZlNzBkYzBlYmRiY2FjNmNiZjI3NjMxNjdlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/K41lWJOkcxiPf6Yb1sX87n19IB9SP0nmoK2+vF89eOks
6tym/OCSRBD/7tmZ8gQUmlDJ3f14xvyDqWhC8zH9fvTIrr1eCZoeuwYy6AunRHqF
43EEH4WTm9/T5DvqES2CrwqQsrflBDYH52mSQgKClDnXw3MKty5Uva4XnhLaQPQ5
FLEfoeTKFI9IBd0IBT4BJL7/gJaNwmP2ntngYeJRSXwMbPSCf02aJ9Xbrx1iOF8U
TXbFdO9WzODX/79ilYfuPUHaD2vMUeIyuBZsduaayPEOvxMPQNWcprQ7RV6FOQnD
0MHK5/mB9Q5yxKOqrtigJFmwaCbcseAMsYC9Sf7vAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUSmjj2EFzNPhnZ2+a7d6tZ4wKFEcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhlNDllZDYxLTQ5N2MtNGNhZC1iNTdiLTE0ZTg0ZjE3ZTc5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPmDANBgkqhkiG9w0BAQsFAAOCAQEAkSkFws7ePzIdGRUaieLmNABx5ER7
G4WCqgK8lsZOOhxSjSijXG8PRbVTeMnCFcqQ4ELeoggZEah5fVG9h5xWQLpfeKZ0
dgNzV+LEzl3scs9isbM/K3wdDPOsuNoJAbHLpr2XDEppHF2kpPMfyUTECFFosCc/
NDz3PDTLP5NLLYOdheiDvIhwUVt0Oq1M6qwJjB9F1wFpRcNFKVJXPpBWm6hVbjR1
KHV9ug7XEmg5XTwZ2wvxF8JzidsD2NBWXZV8cY/HGCT40uFdGIKUro72COxXY9WQ
3uR3k0Q6UNF3W46tD2rf4DuLsJwfIBYGWUvNguib0aWqcDjphpTxsT/VKg==
-----END CERTIFICATE-----
Generated at Fri Oct 17 23:54:54 2025 by rpki-client