Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7b523d1a-cfd1-47c6-ad56-e77f327a47de.roa
File:                     7b523d1a-cfd1-47c6-ad56-e77f327a47de.roa (raw, json)
Hash identifier:          F2l+j3kmu5/qd8xZlOWTbZT6M85YdmP1v0owQ5N/RL8=
Subject key identifier:   92:CC:29:80:23:11:4A:A3:4B:2A:D6:10:9F:CD:4E:A2:E8:E2:57:67
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       08BF4FF0442E2D83F99BAFC8242B65735DD54F5C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7b523d1a-cfd1-47c6-ad56-e77f327a47de.roa
Signing time:             Sat 18 Oct 2025 07:30:22 +0000
ROA not before:           Sat 18 Oct 2025 07:30:22 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.239.216.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:bf:4f:f0:44:2e:2d:83:f9:9b:af:c8:24:2b:65:73:5d:d5:4f:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 07:30:22 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=1d181f3d593c985e7e361e77adb186965a9df8726fd863c789c28b8cf56ba8f6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:fb:a3:6a:c1:06:6c:50:c1:4c:6e:9c:e6:00:
                    bb:51:db:57:c2:52:80:98:cf:de:5a:c3:15:7b:51:
                    85:28:1c:7b:44:e3:3b:86:08:d4:db:0e:aa:27:32:
                    e0:0c:ec:ca:15:9a:9b:9f:7f:5e:15:90:3d:d8:41:
                    e9:e6:62:ac:dc:3e:35:98:5b:25:2f:05:87:2e:cf:
                    4f:26:45:b2:31:e0:30:ec:28:42:ad:ca:ed:9d:ca:
                    fb:d8:13:ab:c3:8a:18:3d:19:bc:69:5f:23:ee:ae:
                    36:f1:4f:0b:e8:0c:24:3e:32:aa:32:e4:b5:6e:28:
                    7e:99:84:f6:ff:38:2e:09:d1:12:c7:ad:9e:c0:a7:
                    3b:ce:c4:80:ec:37:1f:4a:00:1b:a1:a9:74:ae:d5:
                    41:30:6e:2a:08:b7:24:35:bf:ec:c5:18:6c:40:c4:
                    c9:55:07:60:9e:0c:b3:dd:fe:21:43:89:2d:ad:d4:
                    05:99:49:53:36:fd:a5:ef:16:67:4d:4c:07:df:17:
                    17:b3:37:91:83:0b:61:0a:b0:b3:e4:9d:40:c6:57:
                    6a:90:4c:c9:f1:94:08:d0:a3:a0:d3:3b:19:72:a6:
                    df:1a:c5:f9:57:49:ee:b8:fa:7a:1c:7d:10:57:8f:
                    3b:dd:8a:2b:da:2e:26:84:6b:43:29:b7:e9:5a:a5:
                    d6:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:CC:29:80:23:11:4A:A3:4B:2A:D6:10:9F:CD:4E:A2:E8:E2:57:67
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7b523d1a-cfd1-47c6-ad56-e77f327a47de.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.239.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a4:2d:09:a9:25:0b:9d:67:25:1a:82:ad:f5:7d:59:67:a1:12:
         ad:86:2d:96:24:7f:8b:f3:4b:78:df:9e:a5:0d:3f:02:72:2f:
         1c:c0:c5:0f:2e:de:c5:3b:ac:75:df:0b:cc:e0:8a:55:f7:af:
         d0:02:12:20:b4:07:87:61:3b:10:dd:d4:32:2d:c9:83:bb:3f:
         04:db:ca:dd:08:12:c3:a7:81:3a:7b:34:19:49:c4:fe:cf:48:
         fb:e6:7e:c8:7c:66:d4:a4:43:0d:d0:8d:90:d7:01:01:a8:1e:
         04:0e:32:7e:8d:96:ec:0f:90:95:01:1a:3e:26:53:fe:d4:7e:
         1c:5d:65:be:c8:df:5f:cf:4b:61:59:80:99:2a:24:ac:4f:2b:
         28:71:0c:19:af:51:05:d5:80:2f:f8:b9:c2:91:a6:91:5a:bc:
         f9:09:ae:1f:f1:c5:ae:0f:bd:90:0d:b6:ff:91:d2:6d:5f:fc:
         75:4f:6f:69:39:30:f0:2b:af:05:c6:68:91:1d:98:25:81:d8:
         a0:85:89:32:e4:f2:32:aa:71:97:06:fa:ec:a1:54:68:67:26:
         b8:64:06:b9:66:80:7d:8a:3d:15:d5:22:0a:06:fb:4e:06:49:
         e2:5a:b0:96:e2:ee:a5:54:b0:b0:82:b7:8c:2c:82:3a:20:4a:
         c9:38:f6:67
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCL9P8EQuLYP5m6/IJCtlc13VT1wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MDczMDIyWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDE4MWYzZDU5M2M5ODVlN2UzNjFlNzdhZGIxODY5NjVh
OWRmODcyNmZkODYzYzc4OWMyOGI4Y2Y1NmJhOGY2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDb+6NqwQZsUMFMbpzmALtR21fCUoCYz95awxV7UYUoHHtE
4zuGCNTbDqonMuAM7MoVmpuff14VkD3YQenmYqzcPjWYWyUvBYcuz08mRbIx4DDs
KEKtyu2dyvvYE6vDihg9GbxpXyPurjbxTwvoDCQ+Mqoy5LVuKH6ZhPb/OC4J0RLH
rZ7ApzvOxIDsNx9KABuhqXSu1UEwbioItyQ1v+zFGGxAxMlVB2CeDLPd/iFDiS2t
1AWZSVM2/aXvFmdNTAffFxezN5GDC2EKsLPknUDGV2qQTMnxlAjQo6DTOxlypt8a
xflXSe64+nocfRBXjzvdiivaLiaEa0Mpt+lapda1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkswpgCMRSqNLKtYQn81OoujiV2cwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzdiNTIzZDFhLWNmZDEtNDdjNi1hZDU2LWU3N2YzMjdhNDdkZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIS79gwDQYJKoZIhvcNAQELBQADggEBAKQtCaklC51nJRqCrfV9WWehEq2G
LZYkf4vzS3jfnqUNPwJyLxzAxQ8u3sU7rHXfC8zgilX3r9ACEiC0B4dhOxDd1DIt
yYO7PwTbyt0IEsOngTp7NBlJxP7PSPvmfsh8ZtSkQw3QjZDXAQGoHgQOMn6NluwP
kJUBGj4mU/7UfhxdZb7I31/PS2FZgJkqJKxPKyhxDBmvUQXVgC/4ucKRppFavPkJ
rh/xxa4PvZANtv+R0m1f/HVPb2k5MPArrwXGaJEdmCWB2KCFiTLk8jKqcZcG+uyh
VGhnJrhkBrlmgH2KPRXVIgoG+04GSeJasJbi7qVUsLCCt4wsgjogSsk49mc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:40:08 2025 by rpki-client