Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/362fa30f-4cd9-4d08-aed8-a19b523ee730.roa
File:                     362fa30f-4cd9-4d08-aed8-a19b523ee730.roa (raw, json)
Hash identifier:          KkptMWYdULROJTa2Z92yDlHREwQn2TZTdqj7yoe6cXk=
Subject key identifier:   FA:4A:29:61:9E:FA:FA:95:2C:A6:60:4A:58:57:E0:5F:A1:FE:8F:56
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       02BC5B4596C249E7A49D8EDF81C9A34F4353B136
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/362fa30f-4cd9-4d08-aed8-a19b523ee730.roa
Signing time:             Sat 18 Oct 2025 10:10:09 +0000
ROA not before:           Sat 18 Oct 2025 10:10:09 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.160.224.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:bc:5b:45:96:c2:49:e7:a4:9d:8e:df:81:c9:a3:4f:43:53:b1:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 10:10:09 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=5ff2fe70fabb7b7151a41d667ddd231d6d2e04c6186b0373172d3958b38ef64d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d9:4e:09:6b:54:f0:7b:eb:25:21:eb:1a:9c:
                    2d:a4:1e:da:a1:75:6d:fc:7b:ad:d2:69:ae:6f:97:
                    a3:24:59:a5:07:9a:95:72:74:9c:71:9e:ee:59:79:
                    14:e5:29:c2:97:20:e5:f3:67:25:7f:de:39:b3:b8:
                    cf:21:0a:6f:ff:61:52:bb:57:4c:d2:41:91:fb:0e:
                    e3:45:3e:f0:b7:95:6e:c3:8c:82:2c:24:48:0a:97:
                    97:47:39:e0:88:8e:55:48:50:31:f3:44:85:90:28:
                    d9:63:ce:e9:40:dd:d3:f9:f6:99:84:b8:85:7c:e1:
                    28:4e:e7:6e:23:e2:74:fc:d1:ad:7c:fd:b6:49:92:
                    9e:48:ba:c1:59:ea:f5:19:4d:01:59:cc:c3:76:d6:
                    c8:47:b5:6a:b4:66:d7:fb:97:70:8d:02:59:f9:0d:
                    52:d7:49:ef:63:fa:13:21:b9:23:28:7e:43:db:d9:
                    f7:30:83:ef:91:2b:29:30:1e:2c:f8:96:64:99:6c:
                    f2:7a:e9:be:10:3e:77:b5:c3:f3:34:c1:36:86:96:
                    9a:90:bf:35:67:dd:b0:e9:a2:eb:b1:88:f2:ba:99:
                    f1:fe:23:b2:45:c2:21:ca:82:42:53:6f:4f:ec:fd:
                    d2:5d:13:31:fd:32:c1:3f:55:3b:a0:ce:36:f8:c8:
                    95:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:4A:29:61:9E:FA:FA:95:2C:A6:60:4A:58:57:E0:5F:A1:FE:8F:56
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/362fa30f-4cd9-4d08-aed8-a19b523ee730.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.160.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         80:c7:91:e9:76:2c:8e:e3:6b:84:a0:e8:00:d1:21:40:a9:ab:
         f3:4a:51:49:d3:4a:fd:b0:cd:c5:15:66:ea:24:29:4a:93:16:
         78:55:9b:39:4b:c3:80:ae:b1:03:bd:ec:56:3b:50:04:23:95:
         e7:1b:5a:84:66:8e:2b:ee:56:c0:8d:18:93:42:0f:c8:b4:7a:
         1b:bc:a5:e6:33:1b:d1:81:f1:95:aa:04:bd:4d:f4:23:3b:e8:
         e6:77:23:cb:a1:84:bd:c7:4d:15:38:3f:7d:d0:ba:29:d7:34:
         02:73:22:5b:45:68:bf:58:38:2a:b1:80:25:78:42:ab:39:9c:
         0d:ae:01:55:39:03:fa:c3:bd:5a:ed:d7:64:5e:7b:d0:ef:c2:
         9e:a2:33:8b:6f:66:29:eb:80:f2:fe:9c:93:8e:28:54:4d:3b:
         21:81:a9:b9:d9:c3:3f:d8:53:6b:55:6f:4e:b9:99:dc:0a:a2:
         73:de:9c:b8:c2:7d:30:ee:c8:8a:5e:64:a4:51:28:3e:d6:5c:
         03:35:98:d4:40:d3:ce:0e:4a:0f:fb:66:6f:d3:4b:31:a9:cc:
         da:87:8b:1e:ce:75:b9:1f:03:26:24:03:a0:71:4c:64:9e:3b:
         d5:79:ef:12:75:d5:10:04:b5:ee:9a:0e:38:b1:b2:a0:b4:2c:
         e5:9f:86:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUArxbRZbCSeeknY7fgcmjT0NTsTYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MTAxMDA5WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZmYyZmU3MGZhYmI3YjcxNTFhNDFkNjY3ZGRkMjMxZDZk
MmUwNGM2MTg2YjAzNzMxNzJkMzk1OGIzOGVmNjRkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCk2U4Ja1Twe+slIesanC2kHtqhdW38e63Saa5vl6MkWaUH
mpVydJxxnu5ZeRTlKcKXIOXzZyV/3jmzuM8hCm//YVK7V0zSQZH7DuNFPvC3lW7D
jIIsJEgKl5dHOeCIjlVIUDHzRIWQKNljzulA3dP59pmEuIV84ShO524j4nT80a18
/bZJkp5IusFZ6vUZTQFZzMN21shHtWq0Ztf7l3CNAln5DVLXSe9j+hMhuSMofkPb
2fcwg++RKykwHiz4lmSZbPJ66b4QPne1w/M0wTaGlpqQvzVn3bDpouuxiPK6mfH+
I7JFwiHKgkJTb0/s/dJdEzH9MsE/VTugzjb4yJVlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+kopYZ76+pUspmBKWFfgX6H+j1YwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzM2MmZhMzBmLTRjZDktNGQwOC1hZWQ4LWExOWI1MjNlZTczMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMSoOAwDQYJKoZIhvcNAQELBQADggEBAIDHkel2LI7ja4Sg6ADRIUCpq/NK
UUnTSv2wzcUVZuokKUqTFnhVmzlLw4CusQO97FY7UAQjlecbWoRmjivuVsCNGJNC
D8i0ehu8peYzG9GB8ZWqBL1N9CM76OZ3I8uhhL3HTRU4P33QuinXNAJzIltFaL9Y
OCqxgCV4Qqs5nA2uAVU5A/rDvVrt12Ree9Dvwp6iM4tvZinrgPL+nJOOKFRNOyGB
qbnZwz/YU2tVb065mdwKonPenLjCfTDuyIpeZKRRKD7WXAM1mNRA084OSg/7Zm/T
SzGpzNqHix7OdbkfAyYkA6BxTGSeO9V57xJ11RAEte6aDjixsqC0LOWfhiw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:21:17 2025 by rpki-client