Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/943bb5a9-ab2b-47cf-8fb2-f5200910119c.roa
File:                     943bb5a9-ab2b-47cf-8fb2-f5200910119c.roa (raw, json)
Hash identifier:          wYK1v9STLGWFWNAKxdw0HPDcED8P2RQYADJVQaOdpMM=
Subject key identifier:   A0:05:F9:49:B8:65:0C:2F:E6:99:8E:A1:AF:4B:A8:9B:1E:85:0E:F7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       26DA7EDADA4E0F3D1B0507101313FDAAC3E4F6E2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/943bb5a9-ab2b-47cf-8fb2-f5200910119c.roa
Signing time:             Sat 18 Oct 2025 11:00:09 +0000
ROA not before:           Sat 18 Oct 2025 11:00:09 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.155.61.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:da:7e:da:da:4e:0f:3d:1b:05:07:10:13:13:fd:aa:c3:e4:f6:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 11:00:09 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=8feb0db8111ac1a6f4616339049687157247d676ee0feab2d71626cfc50dffd2, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:9c:10:31:45:36:5f:9b:40:ec:b0:8e:a9:2b:
                    dd:3d:77:ac:07:30:53:eb:fd:ce:aa:6e:d6:f9:af:
                    cb:63:ae:b9:64:c6:42:ae:22:01:de:3a:43:4b:66:
                    90:7a:92:09:d6:0a:5d:80:70:f3:47:75:75:9b:24:
                    a7:3c:b7:62:4a:ce:2a:58:11:71:0b:a2:0b:2f:dd:
                    17:cb:c1:f1:90:2f:c2:e7:d8:52:ee:cf:1e:62:a7:
                    a3:b2:a9:9b:f6:f6:b6:21:25:4f:d7:b2:c2:b9:fc:
                    9d:9e:63:37:aa:c4:40:65:b2:da:8d:a1:eb:c4:45:
                    0a:8a:21:d3:f2:44:bb:9d:84:c5:7e:b3:70:1f:79:
                    94:2c:65:60:49:8b:52:83:47:e9:78:47:9e:30:05:
                    8d:2e:e5:9c:25:30:f1:0b:36:47:2e:15:09:11:11:
                    15:31:a6:a8:be:f3:16:5d:09:4c:59:7f:a4:eb:2a:
                    64:19:61:e0:73:c0:10:d9:69:e4:6b:c3:80:45:32:
                    00:d2:db:54:b2:2e:09:ea:0b:4a:04:0f:34:fe:77:
                    ee:dd:36:af:cd:b9:c2:e8:bc:c9:a6:67:77:33:b1:
                    ef:2a:0e:f3:a6:0e:ab:83:b5:24:84:fd:ec:1c:5d:
                    b1:f4:64:60:66:ad:7a:30:f1:ec:15:9a:2c:38:cd:
                    57:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:05:F9:49:B8:65:0C:2F:E6:99:8E:A1:AF:4B:A8:9B:1E:85:0E:F7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/943bb5a9-ab2b-47cf-8fb2-f5200910119c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.155.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:f1:4d:dc:31:93:dc:c3:57:58:52:c9:27:20:9e:9e:ca:72:
         51:5a:35:ec:b8:2e:f8:16:a9:35:38:06:31:4d:ea:1b:6a:e7:
         5d:48:ab:76:49:f8:10:d0:58:77:24:49:13:91:41:ec:35:e5:
         78:29:b9:9a:72:ee:a2:20:57:3a:b0:4d:92:6a:fd:07:ac:cf:
         a3:f5:9d:1a:e5:7d:cb:b3:b8:e9:d4:b1:5a:72:b2:03:1f:37:
         d8:75:4f:7b:59:7d:a5:62:10:c3:59:be:46:26:87:da:5f:80:
         d3:b6:af:5f:ef:7d:a0:1a:3d:cc:8b:b2:b4:02:6a:4f:22:a2:
         5d:13:26:7a:09:ce:4b:b6:69:cb:d1:f6:9e:46:73:6e:de:37:
         4f:67:7c:95:c1:7c:2a:87:a0:77:4c:d5:9f:ec:f6:d9:79:9c:
         14:c0:c6:90:75:bf:63:67:88:b1:8b:19:5e:f5:03:4f:e8:1f:
         67:41:e3:29:e2:98:9a:eb:56:19:3c:53:6b:8b:96:5f:bd:6f:
         17:a5:32:34:3b:41:ac:4b:62:7a:5b:cc:d2:64:a7:1e:c9:4f:
         4a:66:24:d9:91:92:20:fd:48:cf:8e:6c:76:91:72:82:28:7e:
         7c:78:3b:be:06:ce:67:c0:58:79:5d:c2:46:c5:b3:c8:08:44:
         4a:85:91:73
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJtp+2tpODz0bBQcQExP9qsPk9uIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MTEwMDA5WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZmViMGRiODExMWFjMWE2ZjQ2MTYzMzkwNDk2ODcxNTcy
NDdkNjc2ZWUwZmVhYjJkNzE2MjZjZmM1MGRmZmQyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRnBAxRTZfm0DssI6pK909d6wHMFPr/c6qbtb5r8tjrrlk
xkKuIgHeOkNLZpB6kgnWCl2AcPNHdXWbJKc8t2JKzipYEXELogsv3RfLwfGQL8Ln
2FLuzx5ip6OyqZv29rYhJU/XssK5/J2eYzeqxEBlstqNoevERQqKIdPyRLudhMV+
s3AfeZQsZWBJi1KDR+l4R54wBY0u5ZwlMPELNkcuFQkRERUxpqi+8xZdCUxZf6Tr
KmQZYeBzwBDZaeRrw4BFMgDS21SyLgnqC0oEDzT+d+7dNq/NucLovMmmZ3czse8q
DvOmDquDtSSE/ewcXbH0ZGBmrXow8ewVmiw4zVdjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoAX5SbhlDC/mmY6hr0uomx6FDvcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzk0M2JiNWE5LWFiMmItNDdjZi04ZmIyLWY1MjAwOTEwMTE5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASmz0wDQYJKoZIhvcNAQELBQADggEBAKrxTdwxk9zDV1hSyScgnp7KclFa
Ney4LvgWqTU4BjFN6htq511Iq3ZJ+BDQWHckSRORQew15XgpuZpy7qIgVzqwTZJq
/Qesz6P1nRrlfcuzuOnUsVpysgMfN9h1T3tZfaViEMNZvkYmh9pfgNO2r1/vfaAa
PcyLsrQCak8iol0TJnoJzku2acvR9p5Gc27eN09nfJXBfCqHoHdM1Z/s9tl5nBTA
xpB1v2NniLGLGV71A0/oH2dB4ynimJrrVhk8U2uLll+9bxelMjQ7QaxLYnpbzNJk
px7JT0pmJNmRkiD9SM+ObHaRcoIofnx4O74GzmfAWHldwkbFs8gIREqFkXM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:33:25 2025 by rpki-client