Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/49028cf9-91c4-458b-9506-a4c097c758a6.roa
File:                     49028cf9-91c4-458b-9506-a4c097c758a6.roa (raw, json)
Hash identifier:          dMsfgUcJGdoRcrbZ9uRek/V1zaRW4jVQuZFNZGc2NRw=
Subject key identifier:   FC:04:47:C6:D2:22:97:4E:11:43:E0:E0:7A:19:01:BE:3E:6C:53:41
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       425CC331170F089CAA2DE272AE797C3FBBA9751C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/49028cf9-91c4-458b-9506-a4c097c758a6.roa
Signing time:             Sun 19 Oct 2025 13:56:55 +0000
ROA not before:           Sun 19 Oct 2025 13:56:55 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.32.248.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:5c:c3:31:17:0f:08:9c:aa:2d:e2:72:ae:79:7c:3f:bb:a9:75:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 19 13:56:55 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=33745efb017fd1720fc687599aba70a83833e379dc1c61b9a27f87200dea8e07, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b7:51:af:fc:5c:cd:74:bb:a3:61:87:2e:a0:
                    c1:e4:af:7c:6f:31:c5:19:a1:31:ed:c7:82:fd:97:
                    06:40:f1:bb:06:31:b6:29:d5:fd:b4:4f:7d:53:0f:
                    50:f3:eb:36:1d:32:1a:f3:91:ef:3c:76:d5:1c:29:
                    ba:22:20:b2:7a:3c:a1:f0:4a:2e:a4:12:01:a3:46:
                    ab:31:24:b6:fb:9f:97:52:a5:4b:46:0b:f6:ee:09:
                    cc:74:af:0e:8b:9f:03:7f:ec:dc:7e:40:32:9f:b0:
                    60:7e:49:87:40:88:48:71:bb:ce:b4:17:96:db:03:
                    02:ce:58:fd:a4:ce:6d:c7:23:be:69:d8:95:9f:69:
                    73:d1:d9:37:7d:04:80:97:1b:27:08:1a:8a:80:2a:
                    37:2d:ef:f5:0f:19:ab:85:dc:0c:27:a5:5f:23:40:
                    c6:a6:cb:ce:a8:9c:37:2c:62:10:ad:3e:90:d0:46:
                    aa:35:e7:1f:51:00:1a:01:1e:6f:16:6d:bc:b0:18:
                    2f:23:4c:3f:17:cf:08:1c:2f:1b:6a:ab:b5:3f:54:
                    3d:0f:9a:bd:43:bc:07:e2:dc:80:fa:ab:55:e7:ef:
                    b5:4d:c2:74:89:e5:de:64:ac:a3:29:91:cd:e0:5e:
                    3a:1a:3b:20:6c:ff:5b:10:fd:02:66:aa:0a:96:ba:
                    7a:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:04:47:C6:D2:22:97:4E:11:43:E0:E0:7A:19:01:BE:3E:6C:53:41
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/49028cf9-91c4-458b-9506-a4c097c758a6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.32.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3f:54:20:4f:98:17:50:c3:1e:b3:1c:1b:51:07:2b:0e:74:27:
         a7:33:c8:65:36:55:ac:7e:9d:fa:59:39:ab:d4:a5:fd:83:b7:
         b4:4a:39:2f:aa:dd:f9:bc:14:df:ef:15:44:59:5b:3a:08:3c:
         0c:f9:8e:be:c5:e3:3b:12:2b:6a:1f:42:84:55:13:76:63:8c:
         b2:a4:40:67:52:9d:28:35:6f:b5:2b:fc:9d:c5:fc:52:22:b7:
         d7:2c:79:e9:0c:1d:e7:b7:d7:52:21:31:a9:3f:6f:e5:1e:a5:
         a6:f3:5e:52:2c:17:42:8d:3d:7c:6d:d2:52:e9:51:ef:d9:18:
         c3:78:1c:bc:95:13:63:d1:b8:2a:0a:c9:b1:63:4f:dc:8a:67:
         25:eb:ef:30:9b:eb:9d:3c:10:27:62:3c:60:15:c8:8d:99:2f:
         11:21:75:10:ab:a4:28:22:d4:9d:a7:a7:08:1f:79:da:9f:1e:
         23:6c:2a:63:3e:4e:d8:c3:70:87:96:52:bc:83:0b:ae:8a:cc:
         96:6d:80:8e:1f:de:82:c3:82:bf:dd:c0:da:da:73:2a:de:a8:
         2d:8f:29:f2:d4:c3:8f:22:ef:ab:77:4c:a5:a9:89:bf:43:11:
         d4:5d:7f:3d:6b:91:b9:7a:2a:5b:73:40:e7:14:46:d0:1b:2f:
         31:35:1a:9c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQlzDMRcPCJyqLeJyrnl8P7updRwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE5MTM1NjU1WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMzc0NWVmYjAxN2ZkMTcyMGZjNjg3NTk5YWJhNzBhODM4
MzNlMzc5ZGMxYzYxYjlhMjdmODcyMDBkZWE4ZTA3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCut1Gv/FzNdLujYYcuoMHkr3xvMcUZoTHtx4L9lwZA8bsG
MbYp1f20T31TD1Dz6zYdMhrzke88dtUcKboiILJ6PKHwSi6kEgGjRqsxJLb7n5dS
pUtGC/buCcx0rw6LnwN/7Nx+QDKfsGB+SYdAiEhxu860F5bbAwLOWP2kzm3HI75p
2JWfaXPR2Td9BICXGycIGoqAKjct7/UPGauF3AwnpV8jQMamy86onDcsYhCtPpDQ
Rqo15x9RABoBHm8WbbywGC8jTD8XzwgcLxtqq7U/VD0Pmr1DvAfi3ID6q1Xn77VN
wnSJ5d5krKMpkc3gXjoaOyBs/1sQ/QJmqgqWunpJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/ARHxtIil04RQ+DgehkBvj5sU0EwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ5MDI4Y2Y5LTkxYzQtNDU4Yi05NTA2LWE0YzA5N2M3NThhNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMNIPgwDQYJKoZIhvcNAQELBQADggEBAD9UIE+YF1DDHrMcG1EHKw50J6cz
yGU2Vax+nfpZOavUpf2Dt7RKOS+q3fm8FN/vFURZWzoIPAz5jr7F4zsSK2ofQoRV
E3ZjjLKkQGdSnSg1b7Ur/J3F/FIit9cseekMHee311IhMak/b+UepabzXlIsF0KN
PXxt0lLpUe/ZGMN4HLyVE2PRuCoKybFjT9yKZyXr7zCb6508ECdiPGAVyI2ZLxEh
dRCrpCgi1J2npwgfedqfHiNsKmM+TtjDcIeWUryDC66KzJZtgI4f3oLDgr/dwNra
cyreqC2PKfLUw48i76t3TKWpib9DEdRdfz1rkbl6KltzQOcURtAbLzE1Gpw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:05:03 2025 by rpki-client