Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b9346d69-f281-45b4-8085-5de40b5ee32f.roa
File:                     b9346d69-f281-45b4-8085-5de40b5ee32f.roa (raw, json)
Hash identifier:          KPa+vaSu5dVXQM9pUJigg/xb1NaQaxX5Rbhi+ueC0VA=
Subject key identifier:   E5:6B:A0:C9:0F:5A:FD:5D:AE:28:FB:5F:C6:90:88:2F:C3:C0:90:15
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       77CE18902A817F378F600564C8D68DE895B6CA7F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b9346d69-f281-45b4-8085-5de40b5ee32f.roa
Signing time:             Fri 07 Nov 2025 01:31:49 +0000
ROA not before:           Fri 07 Nov 2025 01:31:49 +0000
ROA not after:            Fri 12 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.158.185.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 08 Nov 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:ce:18:90:2a:81:7f:37:8f:60:05:64:c8:d6:8d:e8:95:b6:ca:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov  7 01:31:49 2025 GMT
            Not After : Dec 12 23:59:59 2025 GMT
        Subject: serialNumber=0cf81dad905907f52998742744a475d3eaefd48856c265ea43a78927a4125b32, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:94:d2:3e:aa:38:02:96:7f:c8:7b:da:21:70:
                    f3:0d:0d:4f:97:f0:1b:e6:2b:8e:73:56:4f:29:3c:
                    e0:dc:4b:e6:03:b6:d9:e6:17:9e:2e:3a:e8:4d:6a:
                    96:23:ba:25:cb:91:11:d3:72:d8:18:59:d4:31:bd:
                    75:3b:bf:f0:5c:ab:bc:51:14:7f:08:6e:17:18:f1:
                    8d:95:ac:f2:2b:6e:e8:76:7d:5d:8f:b9:8e:8b:63:
                    94:d5:ec:4d:87:12:15:d8:ff:8e:d0:59:76:23:00:
                    7f:db:66:5c:73:27:79:35:fb:fd:4e:d4:46:d1:02:
                    b1:80:8b:9c:6b:ba:3a:72:93:32:eb:b5:7c:2f:56:
                    c1:11:b4:f6:bf:72:c2:62:ab:70:79:d2:ae:6c:27:
                    dd:b2:bb:7e:6e:4f:a8:a3:b1:c1:0c:f7:27:78:3a:
                    1c:37:93:23:09:29:23:96:3c:36:a0:52:07:48:de:
                    ec:bc:eb:aa:de:da:06:43:11:f8:e7:89:27:23:75:
                    e8:52:d4:eb:0d:0b:ba:b1:6c:73:df:cb:69:00:b9:
                    9d:45:90:b5:f5:dc:f9:d6:1f:79:ee:58:b6:b2:13:
                    a0:fa:09:94:d9:98:44:77:87:10:54:b6:a8:ed:ce:
                    5d:1f:b8:61:69:c5:39:16:2a:9e:e9:3a:8a:99:4d:
                    40:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:6B:A0:C9:0F:5A:FD:5D:AE:28:FB:5F:C6:90:88:2F:C3:C0:90:15
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b9346d69-f281-45b4-8085-5de40b5ee32f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.158.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:26:98:9f:09:3e:b9:6d:71:1a:88:a2:46:ae:71:10:5a:3c:
         6a:67:fc:bd:a8:27:24:d2:43:94:e3:92:63:38:1f:0c:0e:61:
         39:af:dc:c3:8d:c0:e6:40:40:d2:1f:62:d1:19:ae:42:1f:46:
         57:f6:9d:7e:3f:bd:ea:fe:b9:67:bc:c5:bb:75:2d:14:d0:2b:
         5b:7b:89:a1:ff:98:00:2b:69:62:33:66:d0:fd:d6:3d:5a:6f:
         63:26:c6:b5:1e:72:dc:d0:cb:61:d4:f1:83:4b:ba:b1:a1:91:
         4d:ca:fb:29:23:3f:ab:e6:83:ed:81:8f:8c:42:f5:24:f8:d9:
         30:48:5f:57:a0:1a:ee:00:d3:c2:55:08:bd:34:a8:da:27:72:
         18:12:ed:d3:67:f0:c0:43:9f:52:a0:40:aa:a6:4c:21:5d:69:
         88:f5:c0:07:a2:b0:44:ac:7f:f8:cc:1f:95:c8:0c:96:d0:6a:
         cc:a1:ba:04:df:c3:73:25:8a:b8:87:ff:20:f9:89:85:c3:0d:
         9d:83:3c:f2:60:53:08:8e:91:b9:ba:7f:20:06:9d:bc:c0:a4:
         a7:fd:bc:ef:86:10:92:65:d0:90:93:fb:62:b7:74:31:09:55:
         df:18:d7:59:29:c5:f7:4a:5f:99:ab:f1:dc:5a:1e:cd:83:f8:
         e1:9d:da:04
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd84YkCqBfzePYAVkyNaN6JW2yn8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMTA3MDEzMTQ5WhcNMjUxMjEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwY2Y4MWRhZDkwNTkwN2Y1Mjk5ODc0Mjc0NGE0NzVkM2Vh
ZWZkNDg4NTZjMjY1ZWE0M2E3ODkyN2E0MTI1YjMyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCJlNI+qjgCln/Ie9ohcPMNDU+X8BvmK45zVk8pPODcS+YD
ttnmF54uOuhNapYjuiXLkRHTctgYWdQxvXU7v/Bcq7xRFH8IbhcY8Y2VrPIrbuh2
fV2PuY6LY5TV7E2HEhXY/47QWXYjAH/bZlxzJ3k1+/1O1EbRArGAi5xrujpykzLr
tXwvVsERtPa/csJiq3B50q5sJ92yu35uT6ijscEM9yd4Ohw3kyMJKSOWPDagUgdI
3uy866re2gZDEfjniScjdehS1OsNC7qxbHPfy2kAuZ1FkLX13PnWH3nuWLayE6D6
CZTZmER3hxBUtqjtzl0fuGFpxTkWKp7pOoqZTUCfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5WugyQ9a/V2uKPtfxpCIL8PAkBUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2I5MzQ2ZDY5LWYyODEtNDViNC04MDg1LTVkZTQwYjVlZTMyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPnrkwDQYJKoZIhvcNAQELBQADggEBACommJ8JPrltcRqIokaucRBaPGpn
/L2oJyTSQ5TjkmM4HwwOYTmv3MONwOZAQNIfYtEZrkIfRlf2nX4/ver+uWe8xbt1
LRTQK1t7iaH/mAAraWIzZtD91j1ab2MmxrUectzQy2HU8YNLurGhkU3K+ykjP6vm
g+2Bj4xC9ST42TBIX1egGu4A08JVCL00qNonchgS7dNn8MBDn1KgQKqmTCFdaYj1
wAeisESsf/jMH5XIDJbQasyhugTfw3MliriH/yD5iYXDDZ2DPPJgUwiOkbm6fyAG
nbzApKf9vO+GEJJl0JCT+2K3dDEJVd8Y11kpxfdKX5mr8dxaHs2D+OGd2gQ=
-----END CERTIFICATE-----
Generated at Fri Nov 7 20:17:36 2025 by rpki-client