Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/c964bb16-b590-4c0c-89eb-29a939e70a6d.roa
File:                     c964bb16-b590-4c0c-89eb-29a939e70a6d.roa (raw, json)
Hash identifier:          ngGduhY/rIdSJb+YVPPh4jBMbL8uIN+zC9BkXHusRfs=
Subject key identifier:   FB:A3:74:16:76:59:D2:BC:40:A1:AD:C8:50:95:15:EF:5A:5E:A2:BF
Certificate issuer:       /CN=a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3
Certificate serial:       0A341F90FE45762911995C1893DCB78CCF6FC07F
Authority key identifier: 91:2D:C6:0D:D7:64:29:82:BC:AE:7F:81:FE:3C:4C:12:72:80:22:1F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/c964bb16-b590-4c0c-89eb-29a939e70a6d.roa
Signing time:             Fri 26 Sep 2025 00:50:15 +0000
ROA not before:           Fri 26 Sep 2025 00:50:15 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.112.16.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/7188ac24-09cc-4f20-9dbd-cd9005d2797e.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/7188ac24-09cc-4f20-9dbd-cd9005d2797e.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:34:1f:90:fe:45:76:29:11:99:5c:18:93:dc:b7:8c:cf:6f:c0:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3
        Validity
            Not Before: Sep 26 00:50:15 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=133444858f942ae4a0dd5c010ad3241c27af0a59743ed11d12189d41f49a4aed, CN=ddfbc97c-7bed-40df-95ca-e664b29d7b27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e2:96:8d:50:1e:e0:eb:23:99:0c:1f:e9:99:
                    51:d4:b9:0e:cd:9c:94:85:a4:60:b5:ff:39:0c:0c:
                    05:73:10:7b:1a:e9:60:34:38:2d:69:ab:b8:86:7b:
                    62:5e:36:59:94:06:9e:1b:f1:c6:55:21:01:dd:e9:
                    6d:8c:eb:c4:c0:0a:2e:f5:ac:39:bd:d2:c0:70:fb:
                    80:a3:e1:33:67:17:7d:7f:3b:ee:9a:21:04:51:69:
                    cc:e4:03:a3:9e:f4:a9:02:ba:7c:b2:a9:92:65:a2:
                    03:44:b6:ef:21:03:34:fe:6a:83:54:a7:ad:c4:e7:
                    05:d1:13:9c:9b:bf:5a:0b:db:aa:c3:18:06:09:af:
                    73:fd:a0:1f:6f:07:27:aa:ed:0d:21:fa:44:b8:e4:
                    b0:28:24:13:ed:93:0b:5c:b0:79:16:74:d1:0e:33:
                    1a:b0:e8:20:2a:58:17:e2:22:d7:19:cf:f6:50:f0:
                    86:e3:28:0b:4e:28:b0:9c:12:75:34:a5:e7:c9:25:
                    29:e0:57:52:3b:ea:ea:03:c1:73:08:26:05:69:cb:
                    15:a4:44:b5:73:61:fb:5e:33:94:29:af:38:48:84:
                    8f:57:ea:a8:db:cb:7d:c8:6b:cb:32:88:8d:37:af:
                    35:4f:5b:2a:68:db:51:08:f8:04:22:c6:ae:c4:b9:
                    8f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:A3:74:16:76:59:D2:BC:40:A1:AD:C8:50:95:15:EF:5A:5E:A2:BF
            X509v3 Authority Key Identifier:
                keyid:91:2D:C6:0D:D7:64:29:82:BC:AE:7F:81:FE:3C:4C:12:72:80:22:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/c964bb16-b590-4c0c-89eb-29a939e70a6d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.112.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         71:f1:09:c8:d3:da:ef:4b:b7:63:d1:0c:5a:e1:7f:b8:d4:8e:
         c0:24:31:e1:46:08:ab:ee:05:11:80:49:bb:aa:04:d1:9d:6d:
         68:16:94:3d:14:29:40:9d:2a:5b:13:6c:81:7a:50:99:d3:23:
         c8:f3:79:51:4c:74:ab:12:24:82:ad:bf:2e:b4:79:3f:6e:32:
         e1:32:2a:da:49:c1:10:1a:52:bc:5b:ba:20:26:b5:6a:00:f2:
         c8:75:ad:f7:9c:61:2b:95:a7:42:1a:25:9b:5a:e3:3e:b4:87:
         51:07:db:fd:6e:2e:74:38:17:d4:c2:a1:60:2d:9d:b7:2d:74:
         1c:1a:c2:d3:16:a5:76:09:be:6b:b0:7b:72:99:da:32:b5:d2:
         de:d6:dc:3f:6e:5b:b3:ba:c7:38:69:14:56:1f:65:8d:72:17:
         2e:33:fd:ae:11:95:f0:37:d8:28:bf:16:5e:bc:7a:fd:3b:ed:
         25:89:d0:db:2f:78:a0:45:f1:35:03:78:1a:ca:64:e0:94:79:
         4e:3f:65:39:52:04:3f:4a:36:e6:7e:26:3d:8b:53:23:b9:d1:
         82:32:d8:67:74:30:51:d4:a2:ee:10:28:bb:ca:22:dd:be:db:
         56:fb:31:9c:11:62:22:32:9d:ee:cf:b1:50:ca:51:b4:75:9e:
         52:63:00:5f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCjQfkP5FdikRmVwYk9y3jM9vwH8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYTE1ZDhhYTEwZDYyZGJkZDM0ODMyNjg3NmJhNTY3NTNj
Yjk5YjQ2NGNjNDU1MzI0YjMwHhcNMjUwOTI2MDA1MDE1WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMzM0NDQ4NThmOTQyYWU0YTBkZDVjMDEwYWQzMjQxYzI3
YWYwYTU5NzQzZWQxMWQxMjE4OWQ0MWY0OWE0YWVkMS0wKwYDVQQDEyRkZGZiYzk3
Yy03YmVkLTQwZGYtOTVjYS1lNjY0YjI5ZDdiMjcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDF4paNUB7g6yOZDB/pmVHUuQ7NnJSFpGC1/zkMDAVzEHsa
6WA0OC1pq7iGe2JeNlmUBp4b8cZVIQHd6W2M68TACi71rDm90sBw+4Cj4TNnF31/
O+6aIQRRaczkA6Oe9KkCunyyqZJlogNEtu8hAzT+aoNUp63E5wXRE5ybv1oL26rD
GAYJr3P9oB9vByeq7Q0h+kS45LAoJBPtkwtcsHkWdNEOMxqw6CAqWBfiItcZz/ZQ
8IbjKAtOKLCcEnU0pefJJSngV1I76uoDwXMIJgVpyxWkRLVzYfteM5QprzhIhI9X
6qjby33Ia8syiI03rzVPWypo21EI+AQixq7EuY+RAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+6N0FnZZ0rxAoa3IUJUV71peor8wHwYDVR0jBBgwFoAUkS3GDddkKYK8
rn+B/jxMEnKAIh8wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83MTg4YWMyNC0w
OWNjLTRmMjAtOWRiZC1jZDkwMDVkMjc5N2UvYTE1ZDhhYTEwZDYyZGJkZDM0ODMy
Njg3NmJhNTY3NTNjYjk5YjQ2NGNjNDU1MzI0YjMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNjAyYTI2ZTUtNGE5ZS00ZTVlLTg5ZjAtZWY4
OTE0OTBkOWM5L2M5NjRiYjE2LWI1OTAtNGMwYy04OWViLTI5YTkzOWU3MGE2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzYwMmEyNmU1LTRhOWUtNGU1ZS04OWYw
LWVmODkxNDkwZDljOS9ZdHZkTklNbWgydWxaMVBMbWJSa3pFVlRKTE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQycBAwDQYJKoZIhvcNAQELBQADggEBAHHxCcjT2u9Lt2PRDFrhf7jUjsAk
MeFGCKvuBRGASbuqBNGdbWgWlD0UKUCdKlsTbIF6UJnTI8jzeVFMdKsSJIKtvy60
eT9uMuEyKtpJwRAaUrxbuiAmtWoA8sh1rfecYSuVp0IaJZta4z60h1EH2/1uLnQ4
F9TCoWAtnbctdBwawtMWpXYJvmuwe3KZ2jK10t7W3D9uW7O6xzhpFFYfZY1yFy4z
/a4RlfA32Ci/Fl68ev077SWJ0NsveKBF8TUDeBrKZOCUeU4/ZTlSBD9KNuZ+Jj2L
UyO50YIy2Gd0MFHUou4QKLvKIt2+21b7MZwRYiIyne7PsVDKUbR1nlJjAF8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:41:13 2025 by rpki-client