Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/85cd33cc-b671-45ad-86eb-fda837142de7.roa
File:                     85cd33cc-b671-45ad-86eb-fda837142de7.roa (raw, json)
Hash identifier:          Vjh6DYeJRLlqCrAQV6//OcHKnZx6ZPpe+9Q5soy40oY=
Subject key identifier:   11:2D:29:28:CB:C1:0F:E4:BB:33:A3:00:8D:7C:D4:D7:B0:F6:AA:25
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7498DD5D6F9790C09FA665D319906A865B9B6F1C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/85cd33cc-b671-45ad-86eb-fda837142de7.roa
Signing time:             Wed 20 Aug 2025 00:31:01 +0000
ROA not before:           Wed 20 Aug 2025 00:31:01 +0000
ROA not after:            Wed 24 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.230.87.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:98:dd:5d:6f:97:90:c0:9f:a6:65:d3:19:90:6a:86:5b:9b:6f:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Aug 20 00:31:01 2025 GMT
            Not After : Sep 24 23:59:59 2025 GMT
        Subject: serialNumber=bf74d6f517f529d2ded0f9bbbe7c760fadd9e5a4cbc4c8e8f5df23a078c9ed1b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a8:1f:eb:0f:bf:b0:fb:17:ef:77:9a:98:2d:
                    88:4b:9f:53:6f:db:2f:b3:77:11:7d:dd:9d:46:96:
                    50:04:ed:7b:98:79:3f:ab:a0:9b:05:27:c7:6d:52:
                    b5:ba:ba:54:cd:f8:ff:f7:90:fe:84:24:d2:f0:e2:
                    7b:e1:47:9a:09:74:37:2b:7d:d3:a2:46:4e:8d:44:
                    86:8f:0e:a6:14:ec:d8:18:c7:7f:66:ae:31:11:b6:
                    6a:1d:76:e0:5b:b2:4c:38:b1:64:26:fa:aa:25:a7:
                    56:34:be:8f:2b:22:92:cd:71:31:84:24:aa:26:43:
                    87:10:d6:00:ec:09:fc:94:e1:76:c9:bb:9e:84:e9:
                    a0:70:22:fd:73:73:21:da:dc:92:8d:4a:0f:87:7c:
                    f0:08:78:ba:06:74:fe:cf:e9:c4:29:f3:76:d6:05:
                    99:7e:af:86:3e:1b:d6:6e:8c:1c:59:c9:ec:a6:07:
                    3d:29:d0:40:d8:aa:da:a7:aa:fb:59:7c:3a:f5:53:
                    9e:40:c2:6c:38:02:87:9e:56:ea:38:68:04:70:c0:
                    d7:83:0d:80:c6:02:58:e8:ac:5a:08:f5:58:af:7a:
                    1d:fc:ce:6c:5b:08:d3:46:fd:27:1f:4c:ce:52:f8:
                    55:c1:ab:36:e8:fd:01:dc:92:91:a4:ed:6d:f9:ec:
                    0d:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:2D:29:28:CB:C1:0F:E4:BB:33:A3:00:8D:7C:D4:D7:B0:F6:AA:25
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/85cd33cc-b671-45ad-86eb-fda837142de7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.230.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:39:2d:5e:f3:96:ec:86:32:27:eb:ff:3f:9f:4d:07:37:da:
         48:44:b1:0d:57:f3:b7:2a:eb:9a:a8:f2:51:a5:9f:6e:2a:ce:
         7a:75:03:e3:f5:fb:9b:e2:20:f3:d4:35:58:76:32:17:aa:09:
         a6:a5:af:df:49:7c:1d:e9:6f:45:ac:bf:69:a7:5f:49:34:c1:
         f8:10:b2:15:4f:4a:76:78:30:85:24:f8:34:5f:6e:16:94:41:
         d1:56:d8:ee:25:4f:05:f1:a3:ac:ea:c9:6a:b3:39:03:3c:77:
         1e:89:b2:b3:3e:57:86:69:d8:03:0b:9b:42:46:3d:2a:0d:d1:
         22:6d:06:9c:87:c2:c6:68:87:1a:14:d6:d2:3c:16:f4:21:6a:
         2b:44:10:47:24:be:0e:ff:47:9a:f4:7c:6a:df:bf:3a:1f:40:
         6e:6c:85:74:bf:ba:5c:53:32:c1:aa:2f:59:44:aa:87:02:b0:
         70:04:cc:97:b2:71:a8:8a:c9:5f:f3:f4:f1:e0:ab:c8:b8:d6:
         31:b1:a7:d2:05:cc:7b:c4:0a:a3:10:dd:09:d5:99:f1:a3:f1:
         4c:82:4a:42:70:65:74:3b:a7:b8:86:c9:ca:04:79:ec:37:30:
         c2:4b:84:df:db:41:84:bb:ac:03:28:d3:37:ea:59:46:df:2d:
         d6:52:85:0f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdJjdXW+XkMCfpmXTGZBqhlubbxwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwODIwMDAzMTAxWhcNMjUwOTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZjc0ZDZmNTE3ZjUyOWQyZGVkMGY5YmJiZTdjNzYwZmFk
ZDllNWE0Y2JjNGM4ZThmNWRmMjNhMDc4YzllZDFiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfqB/rD7+w+xfvd5qYLYhLn1Nv2y+zdxF93Z1GllAE7XuY
eT+roJsFJ8dtUrW6ulTN+P/3kP6EJNLw4nvhR5oJdDcrfdOiRk6NRIaPDqYU7NgY
x39mrjERtmodduBbskw4sWQm+qolp1Y0vo8rIpLNcTGEJKomQ4cQ1gDsCfyU4XbJ
u56E6aBwIv1zcyHa3JKNSg+HfPAIeLoGdP7P6cQp83bWBZl+r4Y+G9ZujBxZyeym
Bz0p0EDYqtqnqvtZfDr1U55Awmw4AoeeVuo4aARwwNeDDYDGAljorFoI9Viveh38
zmxbCNNG/ScfTM5S+FXBqzbo/QHckpGk7W357A2LAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUES0pKMvBD+S7M6MAjXzU17D2qiUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzg1Y2QzM2NjLWI2NzEtNDVhZC04NmViLWZkYTgzNzE0MmRlNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAP5lcwDQYJKoZIhvcNAQELBQADggEBALI5LV7zluyGMifr/z+fTQc32khE
sQ1X87cq65qo8lGln24qznp1A+P1+5viIPPUNVh2MheqCaalr99JfB3pb0Wsv2mn
X0k0wfgQshVPSnZ4MIUk+DRfbhaUQdFW2O4lTwXxo6zqyWqzOQM8dx6JsrM+V4Zp
2AMLm0JGPSoN0SJtBpyHwsZohxoU1tI8FvQhaitEEEckvg7/R5r0fGrfvzofQG5s
hXS/ulxTMsGqL1lEqocCsHAEzJeycaiKyV/z9PHgq8i41jGxp9IFzHvECqMQ3QnV
mfGj8UyCSkJwZXQ7p7iGycoEeew3MMJLhN/bQYS7rAMo0zfqWUbfLdZShQ8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:29:59 2025 by rpki-client