Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/93b2c3f8-3ef9-4f23-a870-b2acaf348bc7.roa
File:                     93b2c3f8-3ef9-4f23-a870-b2acaf348bc7.roa (raw, json)
Hash identifier:          U6mA8xqSj+lhxwy9cAImkI4ZFnaltJX8UZClgi7wT9M=
Subject key identifier:   E0:3F:7D:39:56:C0:59:A4:F6:4D:2C:EF:90:CF:8E:52:DD:F1:EF:DE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       11ABA3B803CB55597B71FD720D442A5E42077578
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/93b2c3f8-3ef9-4f23-a870-b2acaf348bc7.roa
Signing time:             Thu 16 Oct 2025 15:28:38 +0000
ROA not before:           Thu 16 Oct 2025 15:28:38 +0000
ROA not after:            Thu 20 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.68.169.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:ab:a3:b8:03:cb:55:59:7b:71:fd:72:0d:44:2a:5e:42:07:75:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 16 15:28:38 2025 GMT
            Not After : Nov 20 23:59:59 2025 GMT
        Subject: serialNumber=f2163cbb3ab41326ea6b12d710c20757f5b76dfaa2231894ff46b25b476df831, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:82:78:13:89:1f:2f:47:ca:73:15:9d:62:a7:
                    0e:7a:96:b5:38:b5:b3:09:8a:e1:0f:ec:ac:4c:97:
                    a1:4c:44:e6:e8:28:ba:5d:da:72:1b:ed:3c:0b:f5:
                    5d:f8:af:09:68:3b:47:5f:69:3a:fc:25:b7:0e:36:
                    a6:8d:e4:f6:34:92:d8:66:7b:0c:50:96:cb:20:06:
                    d3:b2:2f:e8:ee:d2:06:d9:a5:c6:90:f8:b7:b3:6e:
                    f5:cd:09:f9:a3:f4:4c:f5:46:cb:07:29:55:3c:ea:
                    3e:57:12:b5:84:48:c6:f8:04:de:fa:c6:64:d0:bc:
                    56:fc:41:99:20:a4:56:6e:d1:a0:e5:37:cf:7c:56:
                    b1:2b:ae:67:17:7e:37:09:b2:5b:5b:16:7b:b6:eb:
                    d1:da:f1:6c:b7:24:8f:b5:e5:d6:44:1d:8c:49:35:
                    6a:0a:1b:f5:47:cd:cd:ed:86:56:b0:be:d1:68:d6:
                    58:b7:e4:6c:40:cd:d3:c5:32:32:16:b3:21:1a:86:
                    9f:67:57:bf:a5:bf:56:47:44:f9:4e:b5:c1:3c:80:
                    34:a1:ba:f5:f8:15:24:41:da:a0:78:8d:69:23:4b:
                    d6:93:85:d7:5b:99:69:ca:7c:99:4d:11:02:37:1b:
                    55:4b:b7:45:cb:b7:ea:f7:80:62:90:46:2d:34:4f:
                    a8:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:3F:7D:39:56:C0:59:A4:F6:4D:2C:EF:90:CF:8E:52:DD:F1:EF:DE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/93b2c3f8-3ef9-4f23-a870-b2acaf348bc7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.68.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:c4:14:57:91:4a:94:fe:f6:6a:0a:b0:35:3c:b7:20:3b:8a:
         ed:99:54:d5:48:fa:ca:e9:c2:ed:d3:1d:d9:08:ae:19:7f:f3:
         7c:ce:86:77:d1:28:07:ec:61:59:64:42:74:8c:2e:17:b9:e6:
         72:2a:c1:71:cf:7e:bc:d8:90:30:9f:1b:b5:b1:0f:ce:bd:52:
         bf:a3:13:64:11:f4:70:40:33:7d:d4:a8:1d:83:98:f8:52:1a:
         f8:83:3b:de:85:35:3a:6c:f0:94:1b:cf:f7:ec:8a:7c:ac:85:
         d1:8f:7f:bb:ff:49:f7:b2:31:b1:81:d1:7c:d9:15:39:a5:a7:
         40:9d:7e:2e:7c:89:63:9d:cc:e1:d6:3c:74:a3:dd:ed:60:ee:
         db:4c:bb:ca:4c:b3:54:44:05:8c:4c:d9:2a:f1:a4:1b:84:fc:
         00:bb:b2:4a:25:6b:e5:0c:c3:a8:8d:70:c5:00:06:69:be:5e:
         3a:15:1b:d4:ca:5c:e7:33:07:4a:20:90:51:1e:f0:68:0c:61:
         d4:07:41:25:dc:51:e8:17:2b:f8:bd:ff:42:a7:0f:77:49:3e:
         e3:d8:3d:99:cc:0d:bd:65:20:43:d5:86:8f:06:c0:8c:cb:20:
         74:07:75:29:d7:d3:fc:ca:a5:61:04:e3:15:01:84:de:3c:aa:
         c7:a1:51:ec
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEaujuAPLVVl7cf1yDUQqXkIHdXgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE2MTUyODM4WhcNMjUxMTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMjE2M2NiYjNhYjQxMzI2ZWE2YjEyZDcxMGMyMDc1N2Y1
Yjc2ZGZhYTIyMzE4OTRmZjQ2YjI1YjQ3NmRmODMxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDogngTiR8vR8pzFZ1ipw56lrU4tbMJiuEP7KxMl6FMRObo
KLpd2nIb7TwL9V34rwloO0dfaTr8JbcONqaN5PY0kthmewxQlssgBtOyL+ju0gbZ
pcaQ+LezbvXNCfmj9Ez1RssHKVU86j5XErWESMb4BN76xmTQvFb8QZkgpFZu0aDl
N898VrErrmcXfjcJsltbFnu269Ha8Wy3JI+15dZEHYxJNWoKG/VHzc3thlawvtFo
1li35GxAzdPFMjIWsyEahp9nV7+lv1ZHRPlOtcE8gDShuvX4FSRB2qB4jWkjS9aT
hddbmWnKfJlNEQI3G1VLt0XLt+r3gGKQRi00T6gDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4D99OVbAWaT2TSzvkM+OUt3x794wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkzYjJjM2Y4LTNlZjktNGYyMy1hODcwLWIyYWNhZjM0OGJjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASRKkwDQYJKoZIhvcNAQELBQADggEBAIfEFFeRSpT+9moKsDU8tyA7iu2Z
VNVI+srpwu3THdkIrhl/83zOhnfRKAfsYVlkQnSMLhe55nIqwXHPfrzYkDCfG7Wx
D869Ur+jE2QR9HBAM33UqB2DmPhSGviDO96FNTps8JQbz/fsinyshdGPf7v/Sfey
MbGB0XzZFTmlp0Cdfi58iWOdzOHWPHSj3e1g7ttMu8pMs1REBYxM2SrxpBuE/AC7
skola+UMw6iNcMUABmm+XjoVG9TKXOczB0ogkFEe8GgMYdQHQSXcUegXK/i9/0Kn
D3dJPuPYPZnMDb1lIEPVho8GwIzLIHQHdSnX0/zKpWEE4xUBhN48qsehUew=
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:17:58 2025 by rpki-client