Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/50415353-8a15-4c03-83bc-902be86747ed.roa
File:                     50415353-8a15-4c03-83bc-902be86747ed.roa (raw, json)
Hash identifier:          TjAnAcY1kxgZ0AhTNzgzM+v4+1qOT4UNNdAefDKTSKs=
Subject key identifier:   28:F2:27:29:DE:35:81:D0:7E:06:46:AB:FA:1D:F9:71:69:7C:F0:61
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5D7D420BAABD1B3E0447C999DF5B86B82FE05A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/50415353-8a15-4c03-83bc-902be86747ed.roa
Signing time:             Sat 18 Oct 2025 23:43:25 +0000
ROA not before:           Sat 18 Oct 2025 23:43:25 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.244.236.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:7d:42:0b:aa:bd:1b:3e:04:47:c9:99:df:5b:86:b8:2f:e0:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 23:43:25 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=3d74511cf7340aaf2d82b0ee0f78e7be81a02ac5b61c6cc296241ffd4bfbd2d5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:3e:2e:05:f3:cd:77:56:ed:27:96:9a:9a:76:
                    62:4f:be:14:0c:e3:51:26:e0:f9:97:19:d5:56:fe:
                    a8:5c:77:a8:b7:0a:bb:33:9b:11:b7:d5:ef:4f:fd:
                    f4:71:7d:1b:a6:16:c6:72:a3:bf:cf:20:8f:ee:01:
                    fa:80:44:30:d8:72:8f:c5:d8:41:5f:1d:84:29:9d:
                    5c:8c:6c:3a:7b:0f:6a:c4:26:d2:da:ea:05:19:a0:
                    5b:ea:c4:62:d4:4f:cf:5b:1b:bb:c8:3e:4d:b0:53:
                    16:eb:cc:0a:f1:c7:5f:3e:69:f8:98:ee:d0:52:48:
                    9f:29:5a:31:f8:d1:c9:fa:6c:0d:c0:58:f9:b1:27:
                    ee:68:f9:52:eb:14:ca:14:95:f8:aa:dc:eb:fb:e6:
                    cc:6b:2b:3e:2b:3f:3f:42:36:c2:89:06:5b:be:50:
                    d4:74:b5:84:44:e6:0b:cf:fc:59:30:ba:26:24:26:
                    56:ce:e9:5d:6f:6b:0d:8b:99:65:d3:a1:f9:7a:24:
                    23:42:f1:76:38:34:11:35:bd:46:40:c8:90:90:87:
                    45:21:1d:ea:ff:a2:08:be:aa:91:f6:d8:3a:76:5b:
                    e6:c3:ec:35:8e:34:8d:11:c4:59:95:9f:8d:53:af:
                    73:b1:1e:85:6b:63:6e:ce:47:63:c9:b7:df:db:dc:
                    6a:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:F2:27:29:DE:35:81:D0:7E:06:46:AB:FA:1D:F9:71:69:7C:F0:61
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/50415353-8a15-4c03-83bc-902be86747ed.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.244.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         24:f0:cc:09:66:4e:1a:3c:cb:a7:1f:7c:ff:52:92:68:d8:93:
         34:87:d1:47:28:80:4d:cd:b3:3e:d6:c9:40:a7:2e:05:29:ef:
         5f:81:de:bc:f3:80:c8:94:8b:b4:f2:12:4b:2e:34:25:26:92:
         9d:6b:78:56:3f:fb:7c:77:16:eb:da:25:ca:43:6a:f4:9e:02:
         f1:6b:18:85:6c:58:8a:43:71:96:08:c2:4f:46:60:aa:53:64:
         e3:6f:af:1f:d2:88:79:eb:28:3e:a9:4f:19:b3:49:00:1b:b3:
         f3:e8:47:49:fe:f8:66:17:3f:ba:89:30:28:9d:2b:68:1e:c5:
         f1:68:57:b3:39:7e:b8:45:00:25:50:d4:9c:08:26:71:a2:98:
         94:42:db:c1:fb:f1:9b:7e:0b:f7:ce:bd:f1:fa:f6:26:51:ff:
         64:ef:9b:e0:da:b0:1d:f7:4f:c4:17:81:94:05:8d:09:c2:b1:
         71:1c:2e:42:ef:a8:92:ce:60:23:c2:c1:cb:82:0f:26:a2:d5:
         b8:87:07:8e:ec:33:cf:85:3b:ad:53:76:e3:26:04:0c:60:56:
         22:52:02:17:e6:cc:94:41:0d:17:e4:d0:89:0d:d1:49:9b:6c:
         c2:6c:b0:35:bb:ef:39:f9:27:4b:eb:71:b8:7f:e0:66:7c:5e:
         01:8a:f1:a4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITXX1CC6q9Gz4ER8mZ31uGuC/gWjANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTEwMTgyMzQzMjVaFw0yNTExMjIyMzU5NTla
MHoxSTBHBgNVBAUTQDNkNzQ1MTFjZjczNDBhYWYyZDgyYjBlZTBmNzhlN2JlODFh
MDJhYzViNjFjNmNjMjk2MjQxZmZkNGJmYmQyZDUxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMw+LgXzzXdW7SeWmpp2Yk++FAzjUSbg+ZcZ1Vb+qFx3qLcK
uzObEbfV70/99HF9G6YWxnKjv88gj+4B+oBEMNhyj8XYQV8dhCmdXIxsOnsPasQm
0trqBRmgW+rEYtRPz1sbu8g+TbBTFuvMCvHHXz5p+Jju0FJInylaMfjRyfpsDcBY
+bEn7mj5UusUyhSV+Krc6/vmzGsrPis/P0I2wokGW75Q1HS1hETmC8/8WTC6JiQm
Vs7pXW9rDYuZZdOh+XokI0Lxdjg0ETW9RkDIkJCHRSEd6v+iCL6qkfbYOnZb5sPs
NY40jRHEWZWfjVOvc7EehWtjbs5HY8m339vcaq0CAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQo8icp3jWB0H4GRqv6HflxaXzwYTAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvNTA0MTUzNTMtOGExNS00YzAzLTgzYmMtOTAyYmU4Njc0N2VkLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEARL07DANBgkqhkiG9w0BAQsFAAOCAQEAJPDMCWZOGjzLpx98/1KSaNiTNIfR
RyiATc2zPtbJQKcuBSnvX4HevPOAyJSLtPISSy40JSaSnWt4Vj/7fHcW69olykNq
9J4C8WsYhWxYikNxlgjCT0ZgqlNk42+vH9KIeesoPqlPGbNJABuz8+hHSf74Zhc/
uokwKJ0raB7F8WhXszl+uEUAJVDUnAgmcaKYlELbwfvxm34L98698fr2JlH/ZO+b
4NqwHfdPxBeBlAWNCcKxcRwuQu+oks5gI8LBy4IPJqLVuIcHjuwzz4U7rVN24yYE
DGBWIlICF+bMlEENF+TQiQ3RSZtswmywNbvvOfknS+txuH/gZnxeAYrxpA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:14:02 2025 by rpki-client