Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ec62a8b2-8a8a-4a64-bf41-4c1e5865792b.roa
File:                     ec62a8b2-8a8a-4a64-bf41-4c1e5865792b.roa (raw, json)
Hash identifier:          M8TrowCSMgij+aPuJxp8OQ2V86PIlq7rNjdtuqY9W0s=
Subject key identifier:   AC:73:52:75:A6:84:9C:37:4F:8D:F2:1B:E5:DA:A7:C6:27:FC:BF:E7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2FA1C304A4057C26A5F213032C1C7EBB62ACD73D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ec62a8b2-8a8a-4a64-bf41-4c1e5865792b.roa
Signing time:             Tue 19 Aug 2025 15:21:08 +0000
ROA not before:           Tue 19 Aug 2025 15:21:08 +0000
ROA not after:            Tue 23 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.64.0.0/12 maxlen: 12
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:a1:c3:04:a4:05:7c:26:a5:f2:13:03:2c:1c:7e:bb:62:ac:d7:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 19 15:21:08 2025 GMT
            Not After : Sep 23 23:59:59 2025 GMT
        Subject: serialNumber=372841878fbe750919c6cd506bca6509e98f32f6b82316453a062d4950b7e766, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:13:34:9e:a4:aa:29:ec:94:3d:42:98:83:35:
                    2f:45:cc:65:4f:ec:fe:30:0b:b2:02:8f:41:56:c5:
                    87:b5:03:66:70:19:1c:54:79:56:1b:f2:53:db:6a:
                    2d:72:6e:57:c5:db:9a:a9:af:fb:d5:c0:32:22:b1:
                    83:79:2d:fe:8b:96:45:cd:c4:7b:a2:35:ac:c4:bf:
                    20:00:0c:40:f0:4f:f5:eb:af:43:74:81:69:76:85:
                    04:d2:b0:20:44:92:10:70:9a:1b:95:9f:55:63:d6:
                    88:3a:a1:89:c6:44:09:8f:c1:4b:d3:07:4d:c3:37:
                    40:41:09:9b:89:39:41:57:2c:d1:ae:31:ba:e6:22:
                    47:ec:b2:3c:b9:45:8c:ca:31:f9:31:32:8c:aa:20:
                    e8:d0:af:83:98:f2:cd:a0:b6:71:6e:5d:42:51:ef:
                    92:e5:e6:68:39:70:25:2b:cc:09:54:36:24:20:cb:
                    5e:eb:90:d8:5f:ef:62:d4:e6:34:24:eb:19:c3:b9:
                    ec:f5:d2:48:5a:f9:0b:d4:c2:0c:89:e6:af:9d:c9:
                    ff:80:53:98:c5:4e:94:31:19:c9:33:16:17:0e:04:
                    53:93:50:50:86:78:15:05:09:b2:be:a0:cc:df:e5:
                    49:c4:82:52:9f:24:8f:ff:01:54:0c:31:11:c6:a2:
                    23:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:73:52:75:A6:84:9C:37:4F:8D:F2:1B:E5:DA:A7:C6:27:FC:BF:E7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ec62a8b2-8a8a-4a64-bf41-4c1e5865792b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.64.0.0/12

    Signature Algorithm: sha256WithRSAEncryption
         1c:f1:62:3b:75:23:0d:73:0a:13:b9:57:83:8d:dd:d7:c9:4c:
         45:da:09:c9:17:16:f4:41:b8:91:0c:aa:15:d9:71:66:45:5f:
         cd:5c:88:6b:45:e6:07:f4:52:e0:1c:9e:b3:fd:14:ef:06:e5:
         3e:2d:63:3b:00:01:84:b5:f1:10:17:18:cf:2f:4e:db:d9:51:
         37:4a:36:b4:72:c1:ad:73:61:eb:cb:cf:ad:08:75:3a:d1:4c:
         9c:60:29:df:84:cd:eb:7e:7c:f7:59:09:dc:a1:7f:42:11:08:
         f3:85:da:c4:b6:38:a9:e8:1d:35:30:90:7a:a8:65:b3:e3:25:
         e4:bf:56:58:c1:03:74:91:6c:2d:d5:a6:b4:c6:87:d7:17:23:
         0c:9b:a8:95:b9:62:fb:a1:9a:f2:1a:d4:67:de:92:0f:76:22:
         d0:64:f4:e2:1e:83:8c:79:1a:74:78:d6:35:62:d7:5a:a0:f6:
         73:e2:6e:64:55:73:7d:c6:91:81:a5:bd:e9:a7:1d:28:ff:17:
         3b:17:e8:a7:88:2e:87:37:be:20:d4:9e:e7:37:e8:d6:c0:b6:
         01:e0:37:5a:8a:e7:eb:e4:d2:be:9b:73:ca:53:c9:db:c7:62:
         79:be:1e:ee:84:31:33:91:96:40:22:da:b8:03:75:98:76:e7:
         91:f1:c7:8a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUL6HDBKQFfCal8hMDLBx+u2Ks1z0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODE5MTUyMTA4WhcNMjUwOTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNzI4NDE4NzhmYmU3NTA5MTljNmNkNTA2YmNhNjUwOWU5
OGYzMmY2YjgyMzE2NDUzYTA2MmQ0OTUwYjdlNzY2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpEzSepKop7JQ9QpiDNS9FzGVP7P4wC7ICj0FWxYe1A2Zw
GRxUeVYb8lPbai1yblfF25qpr/vVwDIisYN5Lf6LlkXNxHuiNazEvyAADEDwT/Xr
r0N0gWl2hQTSsCBEkhBwmhuVn1Vj1og6oYnGRAmPwUvTB03DN0BBCZuJOUFXLNGu
MbrmIkfssjy5RYzKMfkxMoyqIOjQr4OY8s2gtnFuXUJR75Ll5mg5cCUrzAlUNiQg
y17rkNhf72LU5jQk6xnDuez10kha+QvUwgyJ5q+dyf+AU5jFTpQxGckzFhcOBFOT
UFCGeBUFCbK+oMzf5UnEglKfJI//AVQMMRHGoiNHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUrHNSdaaEnDdPjfIb5dqnxif8v+cwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2VjNjJhOGIyLThhOGEtNGE2NC1iZjQxLTRjMWU1ODY1NzkyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwQDQDANBgkqhkiG9w0BAQsFAAOCAQEAHPFiO3UjDXMKE7lXg43d18lMRdoJ
yRcW9EG4kQyqFdlxZkVfzVyIa0XmB/RS4Byes/0U7wblPi1jOwABhLXxEBcYzy9O
29lRN0o2tHLBrXNh68vPrQh1OtFMnGAp34TN635891kJ3KF/QhEI84XaxLY4qegd
NTCQeqhls+Ml5L9WWMEDdJFsLdWmtMaH1xcjDJuolbli+6Ga8hrUZ96SD3Yi0GT0
4h6DjHkadHjWNWLXWqD2c+JuZFVzfcaRgaW96acdKP8XOxfop4guhze+INSe5zfo
1sC2AeA3Worn6+TSvptzylPJ28dieb4e7oQxM5GWQCLauAN1mHbnkfHHig==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:05 2025 by rpki-client