Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/192e98a6-e3d8-46af-9a2f-dfc1a6dc5004.roa
File:                     192e98a6-e3d8-46af-9a2f-dfc1a6dc5004.roa (raw, json)
Hash identifier:          S44A2q+qQIEs+fPI0PhHJlz5nmGPhdypiP26rBb8uBQ=
Subject key identifier:   05:8C:5A:D8:A2:CB:E2:08:83:68:50:91:D8:8E:42:32:B5:22:1D:EC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       77238A8AEF49AC7AE24B8D6CA66606B10233DCCD
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/192e98a6-e3d8-46af-9a2f-dfc1a6dc5004.roa
Signing time:             Fri 10 Oct 2025 15:47:08 +0000
ROA not before:           Fri 10 Oct 2025 15:47:08 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        35.168.0.0/13 maxlen: 13
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:23:8a:8a:ef:49:ac:7a:e2:4b:8d:6c:a6:66:06:b1:02:33:dc:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 10 15:47:08 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=ca63067870a8365f606b316fa626980875ca4c4a6edb4966ce5399b7b1da7921, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e3:15:1d:26:d9:21:ae:4e:6a:b4:2e:b9:5b:
                    77:e4:81:60:a9:c2:d7:23:3c:38:92:46:0f:a0:f5:
                    2f:0c:a0:c1:57:34:23:e1:09:a1:43:13:2a:93:59:
                    87:8d:a2:c0:00:fe:93:21:d0:ff:a9:9f:7b:9c:71:
                    5c:1e:f0:22:b1:11:73:39:0d:2d:a0:f8:b0:67:f4:
                    8d:75:56:4f:e0:9c:03:21:3a:98:be:a0:57:8b:7e:
                    7c:a8:f1:19:5b:fa:2e:14:a4:0a:92:e6:07:24:8e:
                    9d:ea:73:44:e3:5d:a7:85:c5:a7:d7:cf:80:91:d1:
                    32:04:d3:f7:bc:38:6f:b2:ba:f1:9a:ca:6a:32:ec:
                    e1:99:1d:7f:1c:b6:99:39:57:e2:2a:f8:6e:59:06:
                    8f:f8:ac:a7:49:83:75:20:ed:e8:84:1e:aa:f4:c7:
                    d8:ec:49:ee:a4:66:e0:c0:f9:f0:a6:6f:d8:27:21:
                    3c:18:84:4c:18:2b:39:a0:49:58:55:3d:00:5a:34:
                    ab:a6:1f:2a:ad:9e:02:2d:94:60:a8:0a:d6:be:88:
                    61:8c:fd:01:58:a9:32:72:33:f7:a1:35:88:06:ab:
                    3e:2b:93:50:73:26:d4:bf:f9:a9:20:da:60:37:ad:
                    24:0f:31:46:4d:33:c1:5c:4b:c9:5a:88:47:b1:d5:
                    56:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:8C:5A:D8:A2:CB:E2:08:83:68:50:91:D8:8E:42:32:B5:22:1D:EC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/192e98a6-e3d8-46af-9a2f-dfc1a6dc5004.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.168.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         94:1d:86:d8:cf:6e:69:f5:36:a6:50:28:5b:1a:b7:4c:0e:c5:
         a0:3d:9e:4b:8a:e0:2a:07:f0:b0:71:28:c0:6f:56:ea:37:45:
         ce:1d:24:a7:af:7b:92:8f:48:bb:58:9d:96:34:1e:ef:c3:47:
         e4:0d:4d:fe:57:bf:a2:18:c2:7a:33:f1:17:7b:68:87:6c:0f:
         9d:50:11:78:06:85:e8:a8:15:9f:fa:be:22:3d:41:63:a4:d4:
         e1:3f:95:89:cf:7e:6e:ce:ce:f8:b7:55:74:54:f9:e4:e8:4b:
         ac:e6:57:60:cc:6c:c8:b5:fa:22:d1:9e:e3:93:cb:b6:98:9d:
         90:7b:10:79:43:be:83:66:d9:1a:ff:9b:d6:06:0e:9f:a1:85:
         aa:00:5b:08:25:d4:ad:d1:05:27:ef:39:e6:d6:d7:63:2c:d1:
         27:b3:f5:ad:d2:e9:56:03:6a:9f:2c:8a:bd:97:1c:fd:36:49:
         b7:bc:bb:24:f4:ca:ca:9d:b4:71:0b:9e:22:0a:c1:15:18:95:
         4a:90:e4:35:a8:35:6e:6c:55:06:4b:38:1a:af:a1:f4:e1:19:
         df:75:65:cd:a1:84:f6:aa:e8:ed:3f:f4:67:c5:ec:80:33:2e:
         78:95:9d:98:7a:a0:55:ae:82:b3:b4:0c:00:4f:20:2a:0f:53:
         e1:a5:5a:b2
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdyOKiu9JrHriS41spmYGsQIz3M0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDEwMTU0NzA4WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYTYzMDY3ODcwYTgzNjVmNjA2YjMxNmZhNjI2OTgwODc1
Y2E0YzRhNmVkYjQ5NjZjZTUzOTliN2IxZGE3OTIxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC34xUdJtkhrk5qtC65W3fkgWCpwtcjPDiSRg+g9S8MoMFX
NCPhCaFDEyqTWYeNosAA/pMh0P+pn3uccVwe8CKxEXM5DS2g+LBn9I11Vk/gnAMh
Opi+oFeLfnyo8Rlb+i4UpAqS5gckjp3qc0TjXaeFxafXz4CR0TIE0/e8OG+yuvGa
ymoy7OGZHX8ctpk5V+Iq+G5ZBo/4rKdJg3Ug7eiEHqr0x9jsSe6kZuDA+fCmb9gn
ITwYhEwYKzmgSVhVPQBaNKumHyqtngItlGCoCta+iGGM/QFYqTJyM/ehNYgGqz4r
k1BzJtS/+akg2mA3rSQPMUZNM8FcS8laiEex1VZRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBYxa2KLL4giDaFCR2I5CMrUiHewwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzE5MmU5OGE2LWUzZDgtNDZhZi05YTJmLWRmYzFhNmRjNTAwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwMjqDANBgkqhkiG9w0BAQsFAAOCAQEAlB2G2M9uafU2plAoWxq3TA7FoD2e
S4rgKgfwsHEowG9W6jdFzh0kp697ko9Iu1idljQe78NH5A1N/le/ohjCejPxF3to
h2wPnVAReAaF6KgVn/q+Ij1BY6TU4T+Vic9+bs7O+LdVdFT55OhLrOZXYMxsyLX6
ItGe45PLtpidkHsQeUO+g2bZGv+b1gYOn6GFqgBbCCXUrdEFJ+855tbXYyzRJ7P1
rdLpVgNqnyyKvZcc/TZJt7y7JPTKyp20cQueIgrBFRiVSpDkNag1bmxVBks4Gq+h
9OEZ33VlzaGE9qro7T/0Z8XsgDMueJWdmHqgVa6Cs7QMAE8gKg9T4aVasg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:41:10 2025 by rpki-client