Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9f1da5f4-2f4a-489f-a3aa-a0b746185d1d.roa
File:                     9f1da5f4-2f4a-489f-a3aa-a0b746185d1d.roa (raw, json)
Hash identifier:          t12EXZuxVRUB/nyf9kaposE5lSEn3rNI3IhQV7Chaf0=
Subject key identifier:   92:B0:A1:B8:F7:37:57:43:46:D4:18:03:68:BA:49:F3:64:F0:1D:F4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       327A0A85E42B2E49B25AA0FB0135D751E99BC6DC
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9f1da5f4-2f4a-489f-a3aa-a0b746185d1d.roa
Signing time:             Fri 26 Sep 2025 16:30:45 +0000
ROA not before:           Fri 26 Sep 2025 16:30:45 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.56.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:7a:0a:85:e4:2b:2e:49:b2:5a:a0:fb:01:35:d7:51:e9:9b:c6:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 16:30:45 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=ed6d47682437ebe539b51e273539c7804d93fbeeedcbfd96a57c1365db503a2e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:29:97:8c:fb:ed:d4:6c:84:2c:ee:1e:f1:50:
                    ac:e3:16:e4:ff:70:80:7c:bd:11:2b:00:a8:aa:2f:
                    1c:4a:b7:af:7f:11:68:5d:c6:b5:e6:dc:bd:bb:e8:
                    1c:a2:04:d0:99:20:b0:fb:e7:9d:53:eb:59:f2:b1:
                    cc:54:4d:bb:81:23:03:f3:7d:6a:3d:fd:54:93:bb:
                    6c:bf:14:21:b4:e6:88:12:cd:e0:6f:2d:1f:05:ac:
                    62:0a:2a:10:3b:13:0b:00:a0:83:7d:39:aa:aa:5b:
                    e2:2d:bb:c8:88:75:3a:83:3d:d3:f1:49:60:ba:92:
                    03:73:c8:36:c6:4b:c0:f1:86:a5:de:62:ea:df:56:
                    fd:d1:0b:65:1f:c0:f0:01:7b:f8:24:50:a5:3b:26:
                    ba:94:86:29:e6:e0:4d:61:98:79:ba:ba:72:df:00:
                    32:b8:2f:27:34:68:99:72:a0:18:cb:d3:60:52:8f:
                    ff:a7:42:b3:66:71:e9:30:f1:ac:89:f2:50:5d:fd:
                    45:f5:b5:42:16:66:34:80:a1:46:20:25:73:19:9e:
                    0d:93:93:53:f8:6f:6b:d3:10:84:a5:08:0e:89:0a:
                    ef:20:8e:d9:db:f9:be:0b:1c:dd:07:cf:76:3e:01:
                    3c:14:72:9f:c6:e5:34:5a:7c:45:8b:8b:0f:26:c8:
                    42:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:B0:A1:B8:F7:37:57:43:46:D4:18:03:68:BA:49:F3:64:F0:1D:F4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9f1da5f4-2f4a-489f-a3aa-a0b746185d1d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.56.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b3:12:d6:dd:e7:e3:6f:68:1a:75:a1:87:17:7c:3a:8c:7b:d4:
         0a:f4:1d:73:ba:4e:35:38:5d:8e:12:80:16:8d:4f:5f:46:f9:
         d2:6b:04:0a:f8:1e:39:64:b3:ab:ba:2d:21:cb:a2:9f:ed:de:
         ae:49:ab:84:79:1e:00:65:95:83:a9:f6:c9:9a:28:e7:3c:2f:
         96:37:4d:92:45:e9:a3:b5:99:16:c3:ee:b8:b3:7d:a1:98:0c:
         ef:d5:84:09:43:01:66:2f:37:e9:82:07:d2:a7:90:01:b6:76:
         91:df:3c:91:56:b6:90:16:53:e6:94:c8:f0:51:0e:4b:e6:6e:
         a0:20:d4:e0:ca:12:15:f0:a5:c0:2e:79:a2:9c:df:ca:aa:d5:
         6b:3f:de:8b:dc:59:21:93:3c:2e:55:fb:a4:d0:ba:95:8c:6c:
         05:b7:a7:f7:9d:c9:7d:48:d1:63:7f:3d:e6:20:47:3e:02:a1:
         4c:aa:64:08:77:11:f6:0c:b6:96:57:74:bf:9d:dd:bb:7c:f3:
         86:66:08:cf:64:56:ff:48:2b:15:83:b5:c9:21:27:c0:20:23:
         73:10:09:d2:e8:46:66:b7:ec:43:a0:56:90:69:2b:c6:cf:48:
         c3:7f:c8:22:20:5a:c1:3e:4c:3b:4d:2c:6c:4a:90:eb:31:e1:
         7c:b8:98:4c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMnoKheQrLkmyWqD7ATXXUembxtwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MTYzMDQ1WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZDZkNDc2ODI0MzdlYmU1MzliNTFlMjczNTM5Yzc4MDRk
OTNmYmVlZWRjYmZkOTZhNTdjMTM2NWRiNTAzYTJlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUKZeM++3UbIQs7h7xUKzjFuT/cIB8vRErAKiqLxxKt69/
EWhdxrXm3L276ByiBNCZILD7551T61nyscxUTbuBIwPzfWo9/VSTu2y/FCG05ogS
zeBvLR8FrGIKKhA7EwsAoIN9OaqqW+Itu8iIdTqDPdPxSWC6kgNzyDbGS8DxhqXe
YurfVv3RC2UfwPABe/gkUKU7JrqUhinm4E1hmHm6unLfADK4Lyc0aJlyoBjL02BS
j/+nQrNmcekw8ayJ8lBd/UX1tUIWZjSAoUYgJXMZng2Tk1P4b2vTEISlCA6JCu8g
jtnb+b4LHN0Hz3Y+ATwUcp/G5TRafEWLiw8myEI3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUkrChuPc3V0NG1BgDaLpJ82TwHfQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzlmMWRhNWY0LTJmNGEtNDg5Zi1hM2FhLWEwYjc0NjE4NWQxZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASODANBgkqhkiG9w0BAQsFAAOCAQEAsxLW3efjb2gadaGHF3w6jHvUCvQd
c7pONThdjhKAFo1PX0b50msECvgeOWSzq7otIcuin+3erkmrhHkeAGWVg6n2yZoo
5zwvljdNkkXpo7WZFsPuuLN9oZgM79WECUMBZi836YIH0qeQAbZ2kd88kVa2kBZT
5pTI8FEOS+ZuoCDU4MoSFfClwC55opzfyqrVaz/ei9xZIZM8LlX7pNC6lYxsBben
953JfUjRY3895iBHPgKhTKpkCHcR9gy2lld0v53du3zzhmYIz2RW/0grFYO1ySEn
wCAjcxAJ0uhGZrfsQ6BWkGkrxs9Iw3/IIiBawT5MO00sbEqQ6zHhfLiYTA==
-----END CERTIFICATE-----
Generated at Fri Oct 17 23:55:03 2025 by rpki-client