Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8f18185b-7177-4158-acb0-e54fc97f3502.roa
File:                     8f18185b-7177-4158-acb0-e54fc97f3502.roa (raw, json)
Hash identifier:          ctsnd7LwqWPKBXlooM25gJZAL7r4USOl7pJH3rY3Ce4=
Subject key identifier:   DC:F2:AA:9B:AD:71:8A:16:B2:44:90:67:97:AA:66:D4:4C:A3:7F:89
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       301F426F898A748652C13161ADC81325E2AB33CD
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8f18185b-7177-4158-acb0-e54fc97f3502.roa
Signing time:             Thu 25 Sep 2025 18:14:46 +0000
ROA not before:           Thu 25 Sep 2025 18:14:46 +0000
ROA not after:            Thu 30 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.165.16.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:1f:42:6f:89:8a:74:86:52:c1:31:61:ad:c8:13:25:e2:ab:33:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 25 18:14:46 2025 GMT
            Not After : Oct 30 23:59:59 2025 GMT
        Subject: serialNumber=c3c2bd006ed88468b6ece0f2dbaa134a676c29ce338c0014ba9e5039ab9c5ffa, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:bf:a1:48:b0:a7:09:e6:74:4b:9a:79:02:e3:
                    25:e1:09:e9:0f:62:53:d3:f1:76:b9:20:5d:4b:47:
                    ed:81:d5:ca:c1:ca:5f:16:87:2e:34:36:21:a8:a1:
                    e6:6b:50:6f:0b:86:1a:7a:4a:5c:0f:9a:67:c6:22:
                    1f:a2:17:4e:0e:c4:11:e1:b7:8f:e4:78:5f:e8:3a:
                    3d:38:9d:36:88:66:69:a4:f8:ac:37:7a:5f:57:fa:
                    cf:b6:a7:be:9e:77:62:e5:bc:b6:74:6c:f8:08:a9:
                    03:a0:a1:3e:5e:f1:64:4b:ea:fd:68:aa:35:17:88:
                    21:2f:f2:0b:83:ac:9f:b3:8d:8f:18:8f:5a:ee:aa:
                    ee:61:37:1a:e0:ab:a6:1b:44:cc:c9:07:2d:14:04:
                    a4:20:4d:b1:12:19:3d:92:a0:58:98:f6:61:7b:87:
                    8e:af:f2:c8:14:db:3e:9b:6e:ca:f0:dc:65:a9:e1:
                    3d:96:09:22:f1:f0:47:3e:1b:fa:82:c0:87:48:be:
                    1e:96:a5:11:e1:19:dc:2d:e9:18:e5:25:15:0e:b8:
                    e8:47:26:1d:b7:54:ed:bb:9d:25:17:93:33:ff:3d:
                    79:28:83:f5:a0:ba:a8:58:a2:73:6c:c7:a3:3e:38:
                    5d:32:0e:db:84:6b:aa:39:9c:98:4e:c7:20:f9:a0:
                    69:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:F2:AA:9B:AD:71:8A:16:B2:44:90:67:97:AA:66:D4:4C:A3:7F:89
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8f18185b-7177-4158-acb0-e54fc97f3502.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.165.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:66:25:12:b6:35:7e:a1:74:37:15:ad:66:86:15:5e:e3:be:
         46:0d:aa:53:61:a0:7c:c5:11:8c:42:f0:20:65:bf:1b:64:d3:
         8d:90:98:1b:10:79:75:28:a2:d8:61:3b:47:81:36:09:bb:d3:
         d3:c0:b8:5d:11:6f:db:17:a7:c3:28:52:b2:da:20:4a:19:b4:
         99:37:54:72:e3:13:a1:a6:49:bc:5a:e6:d4:1d:60:09:1e:e9:
         ee:3a:88:95:b6:e4:96:54:68:a8:57:bd:e1:51:3d:df:0c:8f:
         66:9e:dd:2a:a8:cd:bc:ea:31:34:04:02:a7:b7:58:44:d0:e1:
         86:76:77:09:6a:0a:ee:45:ab:b2:87:49:fb:10:29:35:a6:06:
         0b:33:d0:ef:b1:67:21:fc:c1:ee:e4:e6:b2:bd:a2:f0:99:44:
         e0:a4:5b:0a:71:2d:15:71:de:77:1e:1e:52:0a:ec:1e:07:d5:
         cc:3d:d8:36:58:6e:d3:56:bd:c4:2b:34:63:b2:57:ca:1b:d1:
         94:99:94:90:7a:69:88:c5:0d:70:3c:7b:ec:cc:4c:f8:aa:61:
         d9:a1:01:24:13:c3:ea:18:82:b0:12:45:23:bc:e2:eb:56:b6:
         4e:6e:9e:4e:34:91:29:90:4a:cc:a8:b6:5e:8a:a0:5e:ad:55:
         ac:5b:70:6a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMB9Cb4mKdIZSwTFhrcgTJeKrM80wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI1MTgxNDQ2WhcNMjUxMDMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjM2MyYmQwMDZlZDg4NDY4YjZlY2UwZjJkYmFhMTM0YTY3
NmMyOWNlMzM4YzAwMTRiYTllNTAzOWFiOWM1ZmZhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQv6FIsKcJ5nRLmnkC4yXhCekPYlPT8Xa5IF1LR+2B1crB
yl8Why40NiGooeZrUG8Lhhp6SlwPmmfGIh+iF04OxBHht4/keF/oOj04nTaIZmmk
+Kw3el9X+s+2p76ed2LlvLZ0bPgIqQOgoT5e8WRL6v1oqjUXiCEv8guDrJ+zjY8Y
j1ruqu5hNxrgq6YbRMzJBy0UBKQgTbESGT2SoFiY9mF7h46v8sgU2z6bbsrw3GWp
4T2WCSLx8Ec+G/qCwIdIvh6WpRHhGdwt6RjlJRUOuOhHJh23VO27nSUXkzP/PXko
g/WguqhYonNsx6M+OF0yDtuEa6o5nJhOxyD5oGnXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3PKqm61xihayRJBnl6pm1Eyjf4kwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhmMTgxODViLTcxNzctNDE1OC1hY2IwLWU1NGZjOTdmMzUwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADpRAwDQYJKoZIhvcNAQELBQADggEBAHJmJRK2NX6hdDcVrWaGFV7jvkYN
qlNhoHzFEYxC8CBlvxtk042QmBsQeXUoothhO0eBNgm709PAuF0Rb9sXp8MoUrLa
IEoZtJk3VHLjE6GmSbxa5tQdYAke6e46iJW25JZUaKhXveFRPd8Mj2ae3Sqozbzq
MTQEAqe3WETQ4YZ2dwlqCu5Fq7KHSfsQKTWmBgsz0O+xZyH8we7k5rK9ovCZROCk
WwpxLRVx3nceHlIK7B4H1cw92DZYbtNWvcQrNGOyV8ob0ZSZlJB6aYjFDXA8e+zM
TPiqYdmhASQTw+oYgrASRSO84utWtk5unk40kSmQSsyotl6KoF6tVaxbcGo=
-----END CERTIFICATE-----
Generated at Fri Oct 17 22:05:21 2025 by rpki-client