Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ab282722-9f16-4836-9a5c-37dc32e526f3.roa
File:                     ab282722-9f16-4836-9a5c-37dc32e526f3.roa (raw, json)
Hash identifier:          PdqQlXjaXm/w707vu+hySm7zR9jSucIu/NteXQTnZ4Q=
Subject key identifier:   DE:7B:4B:38:12:3F:8B:51:C2:AA:79:D2:B7:AA:52:73:5F:87:A2:DE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4848CBC9EFC0191122AC3FB58EDD284E69C82D1D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ab282722-9f16-4836-9a5c-37dc32e526f3.roa
Signing time:             Mon 22 Sep 2025 18:21:42 +0000
ROA not before:           Mon 22 Sep 2025 18:21:42 +0000
ROA not after:            Mon 27 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.160.212.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:48:cb:c9:ef:c0:19:11:22:ac:3f:b5:8e:dd:28:4e:69:c8:2d:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 22 18:21:42 2025 GMT
            Not After : Oct 27 23:59:59 2025 GMT
        Subject: serialNumber=427ba875af5686e42320ccc1a4fd7508a5cc319d2f6fa32f00e3066956f14e16, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:05:49:53:22:45:8f:67:96:a8:fe:b0:55:50:
                    24:6d:1e:1a:d3:db:9f:1b:db:83:0f:49:d2:46:8e:
                    f4:ab:d1:21:34:ca:0c:34:12:2e:58:76:40:12:54:
                    f1:e2:d3:2e:c7:d2:4f:0a:88:96:42:4c:47:e0:b2:
                    8c:2a:83:d7:0b:0d:b3:2b:db:e7:75:d5:f9:81:6b:
                    39:3f:58:a0:3e:14:28:85:a2:42:b9:66:be:83:08:
                    86:24:ff:21:43:98:9d:ac:a2:a6:0d:52:f4:94:c8:
                    2d:ff:91:bd:d4:2f:db:f1:01:6a:84:33:df:14:b9:
                    52:64:97:01:7e:16:a2:0f:ee:f0:53:5a:44:65:57:
                    b7:73:53:ec:4b:c9:ee:36:1a:ae:f4:6b:61:fa:b4:
                    c0:c2:3d:ac:a1:6d:18:32:05:f9:01:b4:81:f9:9b:
                    88:87:fc:86:c5:18:a8:bd:4d:11:71:20:c9:f8:d5:
                    14:91:7d:8e:d1:fa:e2:42:35:00:bc:19:60:56:33:
                    59:d2:ad:45:44:52:ec:a5:0b:b8:fb:83:1f:f5:e0:
                    5d:bb:0f:33:33:8a:03:0c:3e:69:dc:ac:88:c8:eb:
                    e4:b3:cb:f2:13:2c:4d:6e:f2:ef:63:16:df:bc:ad:
                    f2:7f:8f:87:6b:a6:cf:a0:58:5a:5c:0a:ce:2b:44:
                    69:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:7B:4B:38:12:3F:8B:51:C2:AA:79:D2:B7:AA:52:73:5F:87:A2:DE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ab282722-9f16-4836-9a5c-37dc32e526f3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.160.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:dd:fe:18:1a:ab:ca:17:68:65:c9:4e:27:ed:be:6b:8b:43:
         9c:91:47:36:a8:a4:6e:9e:5d:8f:42:ca:a1:53:82:12:16:49:
         e3:07:01:1b:df:1f:0c:10:fc:c8:13:30:1e:81:8b:10:f8:e1:
         19:16:52:d2:ae:da:f3:84:e1:02:41:93:92:ba:00:fa:cc:bd:
         d3:b6:77:9d:a8:99:16:c0:b1:13:c6:3c:58:4f:9c:d9:df:c1:
         31:83:7e:51:f6:98:c9:0d:e5:05:bb:57:a8:a3:d1:b5:6c:ea:
         41:49:9a:9f:89:f6:8f:ce:3b:d2:ef:20:a2:41:ff:2f:0b:61:
         79:0d:ca:5b:7a:0c:2c:27:00:5c:df:57:76:60:79:3a:f1:98:
         88:f3:d4:3e:16:8f:b8:0d:bb:37:bd:a0:33:5f:1c:32:a0:7e:
         95:23:c3:c7:3d:2b:89:9e:ce:0d:33:e6:38:03:d4:09:ce:9a:
         4b:a0:4d:92:68:81:f5:a6:a3:8c:b4:3f:c2:47:e1:1e:5c:47:
         4b:ab:b4:fb:6e:6a:95:75:67:49:61:98:65:19:99:49:a9:76:
         c6:1c:07:37:03:75:5b:d8:d6:d8:5e:be:4d:a4:51:08:ba:c2:
         96:95:7e:0d:8e:dd:84:52:0e:85:96:ca:ed:36:48:0f:53:aa:
         15:be:26:40
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSEjLye/AGREirD+1jt0oTmnILR0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTIyMTgyMTQyWhcNMjUxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MjdiYTg3NWFmNTY4NmU0MjMyMGNjYzFhNGZkNzUwOGE1
Y2MzMTlkMmY2ZmEzMmYwMGUzMDY2OTU2ZjE0ZTE2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4BUlTIkWPZ5ao/rBVUCRtHhrT258b24MPSdJGjvSr0SE0
ygw0Ei5YdkASVPHi0y7H0k8KiJZCTEfgsowqg9cLDbMr2+d11fmBazk/WKA+FCiF
okK5Zr6DCIYk/yFDmJ2soqYNUvSUyC3/kb3UL9vxAWqEM98UuVJklwF+FqIP7vBT
WkRlV7dzU+xLye42Gq70a2H6tMDCPayhbRgyBfkBtIH5m4iH/IbFGKi9TRFxIMn4
1RSRfY7R+uJCNQC8GWBWM1nSrUVEUuylC7j7gx/14F27DzMzigMMPmncrIjI6+Sz
y/ITLE1u8u9jFt+8rfJ/j4drps+gWFpcCs4rRGmTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3ntLOBI/i1HCqnnSt6pSc1+Hot4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2FiMjgyNzIyLTlmMTYtNDgzNi05YTVjLTM3ZGMzMmU1MjZmMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASoNQwDQYJKoZIhvcNAQELBQADggEBACDd/hgaq8oXaGXJTiftvmuLQ5yR
RzaopG6eXY9CyqFTghIWSeMHARvfHwwQ/MgTMB6BixD44RkWUtKu2vOE4QJBk5K6
APrMvdO2d52omRbAsRPGPFhPnNnfwTGDflH2mMkN5QW7V6ij0bVs6kFJmp+J9o/O
O9LvIKJB/y8LYXkNylt6DCwnAFzfV3ZgeTrxmIjz1D4Wj7gNuze9oDNfHDKgfpUj
w8c9K4mezg0z5jgD1AnOmkugTZJogfWmo4y0P8JH4R5cR0urtPtuapV1Z0lhmGUZ
mUmpdsYcBzcDdVvY1thevk2kUQi6wpaVfg2O3YRSDoWWyu02SA9TqhW+JkA=
-----END CERTIFICATE-----
Generated at Fri Oct 17 23:52:17 2025 by rpki-client