Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5375d6aa-6b14-4bf5-b666-aec37e4130eb.roa
File:                     5375d6aa-6b14-4bf5-b666-aec37e4130eb.roa (raw, json)
Hash identifier:          2TCJPw1AVIOvoLAtpwnMKOKuR4iU4AHLVotGDODcgWM=
Subject key identifier:   32:45:42:7A:FB:91:4A:02:60:AB:E9:BC:07:DC:87:E8:AA:FA:9A:25
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       21F69F6CC61399C071D1DF971562F8A3FA65BB4D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5375d6aa-6b14-4bf5-b666-aec37e4130eb.roa
Signing time:             Sat 18 Oct 2025 13:31:31 +0000
ROA not before:           Sat 18 Oct 2025 13:31:31 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.238.167.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:f6:9f:6c:c6:13:99:c0:71:d1:df:97:15:62:f8:a3:fa:65:bb:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 13:31:31 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=9310ab7d95e2d7ce2303e0247e60dac95a1543d654746d9d3e85bb658210f4d3, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:63:3e:14:6c:4b:9a:e8:f0:32:03:a3:96:9a:
                    5d:37:d8:3e:16:47:54:bb:0c:a2:f8:eb:fc:f7:76:
                    f2:32:6a:df:91:57:d0:52:09:cd:b7:bc:ed:26:0b:
                    40:dd:8f:67:b8:9f:86:53:50:9e:66:94:15:9b:26:
                    d5:07:65:65:bc:d3:17:ee:b8:e1:2a:4d:a6:f0:12:
                    4c:36:c1:d9:6e:69:e5:6d:31:be:51:25:d1:96:04:
                    c1:3a:28:b8:8c:4f:c8:6a:33:8b:a3:49:9f:ea:13:
                    59:72:3c:b1:48:62:d6:e2:19:ef:55:74:7b:5d:be:
                    69:d5:ae:e1:9a:a0:94:8c:8f:aa:a8:e2:35:48:9f:
                    9d:4e:99:8b:c2:2b:c9:5f:18:f0:ef:0f:a7:56:4f:
                    13:e5:34:fe:2f:94:dd:ac:39:7f:91:71:c9:d4:da:
                    31:46:2a:05:92:ec:3f:71:7a:19:8b:1c:06:0d:d3:
                    92:c9:65:f4:93:a2:af:98:4e:6f:7d:27:5e:4a:e2:
                    fb:a1:2b:21:2c:74:4c:52:96:95:3a:38:67:ee:09:
                    6d:ce:12:11:99:3f:83:65:0e:8b:57:c6:7e:d7:f7:
                    8e:3a:d4:13:74:13:c4:c1:b8:0c:15:eb:42:47:b7:
                    fb:9d:81:fd:2b:95:02:68:52:58:1b:f4:2c:ea:f7:
                    45:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:45:42:7A:FB:91:4A:02:60:AB:E9:BC:07:DC:87:E8:AA:FA:9A:25
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5375d6aa-6b14-4bf5-b666-aec37e4130eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.238.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:a5:12:1f:82:e5:2e:59:af:8b:f0:5d:3b:70:34:4a:1b:1e:
         de:92:f9:ca:c5:5a:74:53:a3:34:0e:63:c4:07:93:c2:0e:46:
         52:68:1e:bf:bd:80:90:8d:6b:b2:73:af:58:d9:f8:49:27:ea:
         a6:27:0f:2d:5c:f8:cf:c1:8e:93:b5:ab:eb:58:4d:e2:ef:64:
         a9:92:d5:44:f5:57:32:3f:a8:b1:26:fd:44:d2:d6:95:a7:8c:
         1b:5b:27:3e:20:b6:0f:43:3c:dd:18:79:a6:d2:32:74:03:01:
         a3:33:b0:98:ca:f3:74:89:8c:f2:5a:65:74:6f:75:85:8b:b3:
         b9:ab:7b:f4:a0:c7:83:77:4c:71:c3:da:fc:b4:5d:6b:8e:8c:
         a6:a6:cf:5c:71:ef:30:dc:9f:db:1f:d6:6d:d0:9c:6a:eb:5e:
         f4:97:69:96:67:cd:d9:c2:5d:74:0f:2c:20:69:90:ca:5a:30:
         55:c0:9f:f9:f2:fd:07:39:d0:bb:96:a1:ff:cb:02:69:f4:71:
         47:db:19:ea:e3:0e:09:ea:b8:b0:5a:42:be:cb:e1:42:1b:14:
         de:a2:8d:dd:01:82:5e:2c:64:06:79:c3:a7:74:45:73:2b:25:
         d5:d0:2b:db:f0:fb:c7:1a:61:03:a4:a1:9e:f2:be:4b:e9:1e:
         87:04:29:35
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIfafbMYTmcBx0d+XFWL4o/plu00wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MTMzMTMxWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MzEwYWI3ZDk1ZTJkN2NlMjMwM2UwMjQ3ZTYwZGFjOTVh
MTU0M2Q2NTQ3NDZkOWQzZTg1YmI2NTgyMTBmNGQzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjYz4UbEua6PAyA6OWml032D4WR1S7DKL46/z3dvIyat+R
V9BSCc23vO0mC0Ddj2e4n4ZTUJ5mlBWbJtUHZWW80xfuuOEqTabwEkw2wdluaeVt
Mb5RJdGWBME6KLiMT8hqM4ujSZ/qE1lyPLFIYtbiGe9VdHtdvmnVruGaoJSMj6qo
4jVIn51OmYvCK8lfGPDvD6dWTxPlNP4vlN2sOX+RccnU2jFGKgWS7D9xehmLHAYN
05LJZfSToq+YTm99J15K4vuhKyEsdExSlpU6OGfuCW3OEhGZP4NlDotXxn7X9446
1BN0E8TBuAwV60JHt/udgf0rlQJoUlgb9Czq90VrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUMkVCevuRSgJgq+m8B9yH6Kr6miUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzUzNzVkNmFhLTZiMTQtNGJmNS1iNjY2LWFlYzM3ZTQxMzBlYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAS7qcwDQYJKoZIhvcNAQELBQADggEBALGlEh+C5S5Zr4vwXTtwNEobHt6S
+crFWnRTozQOY8QHk8IORlJoHr+9gJCNa7Jzr1jZ+Ekn6qYnDy1c+M/BjpO1q+tY
TeLvZKmS1UT1VzI/qLEm/UTS1pWnjBtbJz4gtg9DPN0YeabSMnQDAaMzsJjK83SJ
jPJaZXRvdYWLs7mre/Sgx4N3THHD2vy0XWuOjKamz1xx7zDcn9sf1m3QnGrrXvSX
aZZnzdnCXXQPLCBpkMpaMFXAn/ny/Qc50LuWof/LAmn0cUfbGerjDgnquLBaQr7L
4UIbFN6ijd0Bgl4sZAZ5w6d0RXMrJdXQK9vw+8caYQOkoZ7yvkvpHocEKTU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:58:45 2025 by rpki-client