Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8f1fd1a1-f976-4b54-9419-17e9142ed1b5.roa
File:                     8f1fd1a1-f976-4b54-9419-17e9142ed1b5.roa (raw, json)
Hash identifier:          Ry1KYx6sNmaIWhzwEQiaZFeTmhoUuuOhm9zkgYv2Ox0=
Subject key identifier:   87:C6:59:49:0B:F1:8E:D8:D6:42:2F:2F:47:11:1A:A7:2D:5C:EC:36
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5D2DE63FB27226444C508D8B760DEBBE1F9C3CBC
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8f1fd1a1-f976-4b54-9419-17e9142ed1b5.roa
Signing time:             Mon 22 Sep 2025 22:54:05 +0000
ROA not before:           Mon 22 Sep 2025 22:54:05 +0000
ROA not after:            Mon 27 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.245.190.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:2d:e6:3f:b2:72:26:44:4c:50:8d:8b:76:0d:eb:be:1f:9c:3c:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 22 22:54:05 2025 GMT
            Not After : Oct 27 23:59:59 2025 GMT
        Subject: serialNumber=a48c2740d6c178d6c4d490e906fbd8011bbc0230fa9dcee114b49943adb856f6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:64:d1:34:49:ec:ed:26:3b:86:8e:d3:88:37:
                    a9:9b:bd:e9:8b:95:a1:4a:be:b4:b7:64:99:62:25:
                    c0:65:65:a2:06:86:82:7e:84:3a:b4:26:97:3a:35:
                    b5:53:19:39:59:48:1e:ec:11:3a:7f:88:99:78:52:
                    aa:8e:60:48:50:86:7a:ae:0a:56:97:d4:f3:c6:35:
                    72:35:55:24:ba:5b:e0:af:f8:ae:23:b6:28:60:f8:
                    6b:ea:d7:08:ed:0b:7f:bb:67:27:df:cd:50:75:cd:
                    c8:bb:60:60:aa:97:e7:b8:ac:bd:33:44:51:a9:e1:
                    a5:63:28:ad:81:ce:c9:81:c6:6b:86:30:50:2a:74:
                    ed:b9:7c:6a:3d:e9:33:8a:97:46:16:67:37:68:e5:
                    1c:f0:b1:86:79:e7:83:f5:4f:3c:a6:fa:62:7a:a1:
                    40:cb:c9:5a:71:07:25:1c:91:10:7e:e0:a4:c3:c6:
                    6b:66:77:e5:82:b8:e4:93:77:a9:05:ea:16:3e:de:
                    bd:92:a3:37:e7:31:3c:9d:43:f0:2c:68:9f:29:6f:
                    d3:17:c4:d0:db:14:66:0b:ac:f5:fb:e4:40:fe:25:
                    f7:fb:cf:44:26:b0:dd:83:6e:38:46:48:6f:21:3a:
                    d4:0c:2a:24:2e:5a:b1:e0:fd:ad:48:64:37:aa:55:
                    08:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:C6:59:49:0B:F1:8E:D8:D6:42:2F:2F:47:11:1A:A7:2D:5C:EC:36
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8f1fd1a1-f976-4b54-9419-17e9142ed1b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.245.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:c2:b8:34:00:65:51:7a:d3:85:0b:2a:24:78:65:29:95:36:
         52:9b:ef:3f:a7:de:e3:16:14:6d:db:33:15:7b:1d:31:06:93:
         48:26:44:f5:ea:2f:03:4b:66:55:b2:62:3d:5a:4a:b8:8a:a8:
         7b:da:83:a9:df:e1:d5:75:c1:de:da:56:29:c2:9d:85:48:30:
         1a:3c:a8:68:69:3b:f4:01:61:60:db:9f:3d:b7:25:30:5b:6c:
         28:44:e0:2a:40:58:fa:4b:d3:88:db:53:45:60:0d:52:df:f1:
         39:2b:be:ef:6e:56:51:0c:c7:31:2a:fa:fe:17:15:1c:10:7f:
         a3:16:73:68:b6:ea:bb:c0:cb:79:85:02:02:60:ae:e4:62:d3:
         d1:d4:b6:36:0e:15:7a:f4:1b:11:9b:23:6d:91:4d:74:59:34:
         0b:fe:41:15:41:db:d3:2d:09:4a:8a:b6:da:cd:cc:a7:b5:7b:
         29:b0:11:b8:59:f2:6b:8b:68:bd:23:59:0e:76:ed:c0:8f:33:
         b5:59:59:44:56:4d:6b:a5:46:48:fa:d9:32:7d:73:b4:fa:4f:
         84:25:69:28:5e:d3:1b:49:0a:1c:bc:a6:9a:3f:3d:b0:52:47:
         52:16:db:98:6f:60:eb:e1:3f:92:8a:ab:4b:71:5d:61:df:4d:
         07:33:f4:12
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXS3mP7JyJkRMUI2Ldg3rvh+cPLwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIyMjI1NDA1WhcNMjUxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNDhjMjc0MGQ2YzE3OGQ2YzRkNDkwZTkwNmZiZDgwMTFi
YmMwMjMwZmE5ZGNlZTExNGI0OTk0M2FkYjg1NmY2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTZNE0SeztJjuGjtOIN6mbvemLlaFKvrS3ZJliJcBlZaIG
hoJ+hDq0Jpc6NbVTGTlZSB7sETp/iJl4UqqOYEhQhnquClaX1PPGNXI1VSS6W+Cv
+K4jtihg+Gvq1wjtC3+7ZyffzVB1zci7YGCql+e4rL0zRFGp4aVjKK2BzsmBxmuG
MFAqdO25fGo96TOKl0YWZzdo5RzwsYZ554P1Tzym+mJ6oUDLyVpxByUckRB+4KTD
xmtmd+WCuOSTd6kF6hY+3r2SozfnMTydQ/AsaJ8pb9MXxNDbFGYLrPX75ED+Jff7
z0QmsN2DbjhGSG8hOtQMKiQuWrHg/a1IZDeqVQj3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUh8ZZSQvxjtjWQi8vRxEapy1c7DYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhmMWZkMWExLWY5NzYtNGI1NC05NDE5LTE3ZTkxNDJlZDFiNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAS9b4wDQYJKoZIhvcNAQELBQADggEBABPCuDQAZVF604ULKiR4ZSmVNlKb
7z+n3uMWFG3bMxV7HTEGk0gmRPXqLwNLZlWyYj1aSriKqHvag6nf4dV1wd7aVinC
nYVIMBo8qGhpO/QBYWDbnz23JTBbbChE4CpAWPpL04jbU0VgDVLf8Tkrvu9uVlEM
xzEq+v4XFRwQf6MWc2i26rvAy3mFAgJgruRi09HUtjYOFXr0GxGbI22RTXRZNAv+
QRVB29MtCUqKttrNzKe1eymwEbhZ8muLaL0jWQ527cCPM7VZWURWTWulRkj62TJ9
c7T6T4QlaShe0xtJChy8ppo/PbBSR1IW25hvYOvhP5KKq0txXWHfTQcz9BI=
-----END CERTIFICATE-----
Generated at Fri Oct 17 21:59:20 2025 by rpki-client