Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b18e8715-80eb-482a-bdc6-9d6fa67d5ea9.roa
File:                     b18e8715-80eb-482a-bdc6-9d6fa67d5ea9.roa (raw, json)
Hash identifier:          5ZcASSucCBNhxGqHey1hfbir4LM9auomsF20H4HHAIc=
Subject key identifier:   BD:58:A0:58:8F:D0:93:21:20:7D:24:7C:87:E5:F8:A5:DA:BC:9C:C1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       51D87B3762436316982223E7D8C6289D9DF91F63
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b18e8715-80eb-482a-bdc6-9d6fa67d5ea9.roa
Signing time:             Wed 24 Sep 2025 18:44:17 +0000
ROA not before:           Wed 24 Sep 2025 18:44:17 +0000
ROA not after:            Wed 29 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.35.96.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:d8:7b:37:62:43:63:16:98:22:23:e7:d8:c6:28:9d:9d:f9:1f:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 24 18:44:17 2025 GMT
            Not After : Oct 29 23:59:59 2025 GMT
        Subject: serialNumber=cb86f4876ca4431ac85b5dc18043f95039056cf84a1a4a5c642165f151678e5e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9e:84:db:78:df:f7:bc:eb:01:7f:58:1e:64:
                    14:13:66:15:e0:aa:e7:0a:93:7f:ac:4b:6a:91:c5:
                    53:49:23:42:b0:84:b5:ac:f7:9a:31:4f:b2:79:bb:
                    8f:0f:85:e4:be:c7:fd:9e:76:e0:06:7d:de:54:69:
                    6a:6b:3e:2d:0d:89:85:67:e4:16:50:55:ff:d4:a5:
                    46:a0:53:d8:c8:47:6c:77:f0:b6:79:f7:06:0f:5a:
                    0b:8d:a5:cd:b4:d5:61:29:f7:53:ac:9b:16:4e:dd:
                    dd:00:1d:9c:16:8a:c6:3f:3f:86:1b:f6:e5:43:2d:
                    92:50:80:d6:5e:1d:4d:a6:a1:d8:66:c0:c4:b3:2b:
                    8c:0a:fe:90:9b:17:a7:c1:53:ff:ea:44:6e:e1:6f:
                    ce:f5:d6:a2:7a:a1:e8:26:05:0c:89:16:cc:94:c7:
                    41:8a:f1:b6:df:a5:b9:f0:42:70:b7:19:a4:1f:0c:
                    48:33:93:05:81:1f:9f:9a:eb:99:c7:41:dc:d3:d5:
                    59:2d:6b:63:8a:ff:b9:53:85:bb:16:32:36:72:b2:
                    3d:20:01:d1:01:e8:d5:72:a6:f5:5d:93:8e:2d:15:
                    d2:90:37:ef:54:e2:05:70:7a:79:d7:03:e9:ed:21:
                    cb:a5:a3:fa:e5:af:92:37:86:a8:35:a1:c4:e2:b5:
                    61:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:58:A0:58:8F:D0:93:21:20:7D:24:7C:87:E5:F8:A5:DA:BC:9C:C1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b18e8715-80eb-482a-bdc6-9d6fa67d5ea9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.35.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         33:d1:64:63:31:34:2f:66:74:95:5a:a6:d6:a8:dc:e3:be:39:
         bd:58:49:0d:45:2c:36:02:8a:24:1f:0e:f4:90:63:84:ac:9e:
         6e:89:8d:b2:b5:9d:ec:d0:70:8b:02:a4:23:22:b6:64:e0:b8:
         ad:39:c8:6f:13:99:00:19:6d:9d:2c:a9:f0:31:96:dd:a9:30:
         b4:02:de:99:ae:17:10:05:f2:e4:75:73:2a:6c:91:8a:28:22:
         ac:58:41:d7:a8:5d:87:6e:31:bf:55:bd:8e:e0:c4:9b:9d:c9:
         32:c6:8c:06:68:c7:98:19:1e:66:d1:10:ec:4f:8e:2f:6f:02:
         1e:e5:b8:c2:7a:25:f7:d3:22:d4:20:3d:18:a9:1f:c0:94:d8:
         18:b4:e9:f0:0c:65:af:24:8d:6e:61:54:fb:f0:e9:2b:07:72:
         97:1e:61:63:f4:62:c1:a5:c3:a3:6f:f9:1a:b2:ea:92:04:f3:
         b1:20:58:40:f5:e3:d9:4d:a1:b1:1d:74:8b:32:7e:c7:6e:38:
         08:66:7d:3b:f5:3c:15:93:ff:9d:02:bc:8a:7f:a2:12:c3:67:
         6d:e3:a7:82:b5:f0:a7:75:a1:9d:d0:ca:c0:f4:35:a1:ff:7f:
         80:20:24:e6:8d:38:77:a7:39:37:6c:71:0e:76:ff:be:c4:6a:
         8e:7b:03:65
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUdh7N2JDYxaYIiPn2MYonZ35H2MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI0MTg0NDE3WhcNMjUxMDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYjg2ZjQ4NzZjYTQ0MzFhYzg1YjVkYzE4MDQzZjk1MDM5
MDU2Y2Y4NGExYTRhNWM2NDIxNjVmMTUxNjc4ZTVlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDnoTbeN/3vOsBf1geZBQTZhXgqucKk3+sS2qRxVNJI0Kw
hLWs95oxT7J5u48PheS+x/2eduAGfd5UaWprPi0NiYVn5BZQVf/UpUagU9jIR2x3
8LZ59wYPWguNpc201WEp91OsmxZO3d0AHZwWisY/P4Yb9uVDLZJQgNZeHU2modhm
wMSzK4wK/pCbF6fBU//qRG7hb8711qJ6oegmBQyJFsyUx0GK8bbfpbnwQnC3GaQf
DEgzkwWBH5+a65nHQdzT1Vkta2OK/7lThbsWMjZysj0gAdEB6NVypvVdk44tFdKQ
N+9U4gVwennXA+ntIculo/rlr5I3hqg1ocTitWHdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvVigWI/QkyEgfSR8h+X4pdq8nMEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2IxOGU4NzE1LTgwZWItNDgyYS1iZGM2LTlkNmZhNjdkNWVhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAINI2AwDQYJKoZIhvcNAQELBQADggEBADPRZGMxNC9mdJVaptao3OO+Ob1Y
SQ1FLDYCiiQfDvSQY4Ssnm6JjbK1nezQcIsCpCMitmTguK05yG8TmQAZbZ0sqfAx
lt2pMLQC3pmuFxAF8uR1cypskYooIqxYQdeoXYduMb9VvY7gxJudyTLGjAZox5gZ
HmbREOxPji9vAh7luMJ6JffTItQgPRipH8CU2Bi06fAMZa8kjW5hVPvw6SsHcpce
YWP0YsGlw6Nv+Rqy6pIE87EgWED149lNobEddIsyfsduOAhmfTv1PBWT/50CvIp/
ohLDZ23jp4K18Kd1oZ3QysD0NaH/f4AgJOaNOHenOTdscQ52/77Eao57A2U=
-----END CERTIFICATE-----
Generated at Fri Oct 17 22:02:19 2025 by rpki-client