Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a57f9d8b-6b3c-4ec9-845a-81cab3a69ef2.roa
File:                     a57f9d8b-6b3c-4ec9-845a-81cab3a69ef2.roa (raw, json)
Hash identifier:          P4LGMZLqW2Ui9VRyQLzH984YbVahKdseLxw8PuTA4GA=
Subject key identifier:   02:1D:A0:AC:A5:1F:DA:57:4C:7C:0C:4D:77:51:E0:10:0E:B5:E6:2E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6C70BB4878D3E51BAFA79FF5352DB8FD435283
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a57f9d8b-6b3c-4ec9-845a-81cab3a69ef2.roa
Signing time:             Fri 26 Sep 2025 16:30:42 +0000
ROA not before:           Fri 26 Sep 2025 16:30:42 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.53.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:70:bb:48:78:d3:e5:1b:af:a7:9f:f5:35:2d:b8:fd:43:52:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 16:30:42 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=c27a1eb52112153c5bd28011b82671fae94f3451f5d126bc574b71c993cd4273, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:8c:b6:43:48:91:03:e0:e9:70:5f:18:55:76:
                    81:ba:0e:3e:84:3d:49:2f:9a:e7:9a:90:28:1e:13:
                    f8:05:aa:1d:9e:0c:35:36:9b:2f:f0:58:12:a6:4a:
                    f2:e8:e9:35:82:72:d2:ac:36:d2:a1:f9:6f:1a:e4:
                    c0:55:77:b8:cd:27:d9:38:71:ad:cc:55:44:07:0e:
                    37:d4:3e:f3:2c:6a:a2:b8:b6:f7:2f:65:38:af:1b:
                    a3:53:61:d4:41:58:32:10:09:85:80:53:c8:78:34:
                    a9:5e:b1:a1:ad:c5:9c:da:2d:77:88:c6:86:37:8d:
                    25:65:19:9e:75:0f:b0:dd:11:32:7f:c7:91:39:98:
                    24:b0:75:de:95:96:a6:66:27:f4:6e:7d:c7:a8:83:
                    49:11:91:af:d6:87:31:02:cf:9b:43:05:fb:3a:5a:
                    95:2d:5a:b2:38:d8:1f:a8:68:8e:0a:eb:fe:10:2f:
                    5f:c8:1b:bc:96:e2:be:c3:b0:7d:52:6d:1d:56:5a:
                    c8:08:a7:6b:4d:c0:76:7f:7a:1f:ff:b6:46:b3:a0:
                    74:1e:ba:c3:3c:af:48:ac:1e:2c:ad:16:cf:eb:cb:
                    15:80:45:24:ff:20:62:15:61:d4:f8:f2:d3:75:50:
                    b5:80:a6:49:2b:dd:58:7f:5f:60:8d:56:a7:4d:4e:
                    11:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:1D:A0:AC:A5:1F:DA:57:4C:7C:0C:4D:77:51:E0:10:0E:B5:E6:2E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a57f9d8b-6b3c-4ec9-845a-81cab3a69ef2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.53.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         75:21:85:4c:95:6c:61:54:14:ca:b3:f5:7c:fa:82:05:dd:a9:
         3b:03:c2:01:3d:c5:f7:0a:f9:5e:01:b6:77:4d:65:65:f3:30:
         f9:1e:c6:e0:36:02:7c:9e:5c:76:cf:70:4b:82:0f:1a:c9:63:
         f4:b5:70:aa:f4:fb:8c:e8:50:e5:71:48:b2:2f:8c:32:4c:f9:
         68:02:bf:42:d5:fb:14:83:4f:fe:5a:0f:0e:1d:2a:d4:4c:00:
         40:21:2b:9a:6b:dd:d2:c5:c8:a5:6e:1c:7a:e8:7f:15:0e:13:
         79:fd:bc:e2:73:9e:86:38:89:71:9d:20:d2:c7:67:6c:94:dd:
         94:e5:84:8f:c8:2d:57:59:54:de:0a:67:f1:8a:00:8d:4f:86:
         70:b6:ce:32:92:30:c3:be:62:cd:c7:dd:c1:d3:19:57:20:e8:
         ee:da:ea:a3:e7:ba:3c:f3:74:57:45:54:01:8b:fa:ff:23:d1:
         99:e1:fc:84:ee:63:34:b0:f2:04:f4:7f:9c:0f:66:9f:21:13:
         28:b3:74:4e:87:dd:6a:ee:39:9c:6f:c3:97:23:d5:10:92:b1:
         7d:c3:63:5f:1a:98:ec:da:bf:e6:f1:4b:2f:e1:85:23:a1:a4:
         c4:b1:09:44:d5:8c:11:50:34:e9:45:9d:93:94:9b:db:2f:8f:
         8f:9c:58:a9
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgITbHC7SHjT5Ruvp5/1NS24/UNSgzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTA5MjYxNjMwNDJaFw0yNTEwMzEyMzU5NTla
MHoxSTBHBgNVBAUTQGMyN2ExZWI1MjExMjE1M2M1YmQyODAxMWI4MjY3MWZhZTk0
ZjM0NTFmNWQxMjZiYzU3NGI3MWM5OTNjZDQyNzMxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSMtkNIkQPg6XBfGFV2gboOPoQ9SS+a55qQKB4T+AWqHZ4M
NTabL/BYEqZK8ujpNYJy0qw20qH5bxrkwFV3uM0n2ThxrcxVRAcON9Q+8yxqori2
9y9lOK8bo1Nh1EFYMhAJhYBTyHg0qV6xoa3FnNotd4jGhjeNJWUZnnUPsN0RMn/H
kTmYJLB13pWWpmYn9G59x6iDSRGRr9aHMQLPm0MF+zpalS1asjjYH6hojgrr/hAv
X8gbvJbivsOwfVJtHVZayAina03Adn96H/+2RrOgdB66wzyvSKweLK0Wz+vLFYBF
JP8gYhVh1Pjy03VQtYCmSSvdWH9fYI1Wp01OEbECAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBQCHaCspR/aV0x8DE13UeAQDrXmLjAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvYTU3ZjlkOGItNmIzYy00ZWM5LTg0NWEtODFjYWIzYTY5ZWYyLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw
BQMDABI1MA0GCSqGSIb3DQEBCwUAA4IBAQB1IYVMlWxhVBTKs/V8+oIF3ak7A8IB
PcX3CvleAbZ3TWVl8zD5HsbgNgJ8nlx2z3BLgg8ayWP0tXCq9PuM6FDlcUiyL4wy
TPloAr9C1fsUg0/+Wg8OHSrUTABAISuaa93Sxcilbhx66H8VDhN5/bzic56GOIlx
nSDSx2dslN2U5YSPyC1XWVTeCmfxigCNT4Zwts4ykjDDvmLNx93B0xlXIOju2uqj
57o883RXRVQBi/r/I9GZ4fyE7mM0sPIE9H+cD2afIRMos3ROh91q7jmcb8OXI9UQ
krF9w2NfGpjs2r/m8Usv4YUjoaTEsQlE1YwRUDTpRZ2TlJvbL4+PnFip
-----END CERTIFICATE-----
Generated at Fri Oct 17 23:54:21 2025 by rpki-client