Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9a940647-9b39-4038-a2cf-62b1ee6a2712.roa
File:                     9a940647-9b39-4038-a2cf-62b1ee6a2712.roa (raw, json)
Hash identifier:          qYmtVYE7biL6wl8pGDDMEo8d1kvHTXmgLM1091WJC8A=
Subject key identifier:   C2:7A:B4:BA:19:82:1D:AE:CE:71:4A:12:2A:41:76:B4:14:B6:D0:6F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       147BC1178E2A09D3E06346C3725BB0952D8FE39E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9a940647-9b39-4038-a2cf-62b1ee6a2712.roa
Signing time:             Sun 19 Oct 2025 04:52:37 +0000
ROA not before:           Sun 19 Oct 2025 04:52:37 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.239.210.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:7b:c1:17:8e:2a:09:d3:e0:63:46:c3:72:5b:b0:95:2d:8f:e3:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 19 04:52:37 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=ea5a68c4f6a74bc7f80a8f768c101aff7ae452a614cb79ddf8a81bab0b1bf384, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:ea:b0:f9:0b:31:14:4c:d4:d2:0f:fc:09:f9:
                    31:da:f5:ee:e9:94:fd:de:9b:11:b0:37:61:5c:da:
                    08:fb:50:b9:fb:89:92:59:92:01:02:3e:72:e6:bb:
                    5d:f0:fd:b1:aa:36:58:fe:e0:ff:86:55:46:0c:4c:
                    a3:80:83:22:59:fa:cf:43:98:5d:cd:36:fa:c2:63:
                    99:28:46:47:8c:18:68:0e:6e:c5:bc:88:7e:34:c9:
                    35:67:85:a9:b0:57:1c:18:bf:52:73:55:34:96:b6:
                    f7:f9:2f:a5:ca:14:4c:4a:99:68:bb:25:65:85:74:
                    67:6f:bb:d4:01:2c:60:c6:d5:4b:f2:7c:1b:bd:e0:
                    38:54:a3:d6:4c:e5:6f:ca:59:0a:0b:bc:25:a0:e8:
                    1b:ee:76:59:c0:ea:44:96:20:65:a0:92:06:23:a1:
                    e8:99:7c:ec:cf:3b:ed:63:5a:a0:f6:50:cc:13:12:
                    99:6c:b8:99:98:83:da:7f:64:85:00:47:55:34:1a:
                    4c:60:17:18:55:ce:25:95:48:4e:1b:dd:21:1b:db:
                    db:3d:c2:8a:a4:f4:7f:16:bb:b6:11:fc:d7:6d:d7:
                    33:40:5b:de:fa:ff:10:b9:56:de:b4:03:15:96:3d:
                    56:f5:54:8d:ac:9f:bc:01:45:2d:f7:31:b3:92:ec:
                    1b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:7A:B4:BA:19:82:1D:AE:CE:71:4A:12:2A:41:76:B4:14:B6:D0:6F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9a940647-9b39-4038-a2cf-62b1ee6a2712.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.239.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4a:30:c7:28:e8:48:cd:cd:d3:0c:dd:5f:7b:6c:28:8d:86:15:
         95:10:27:d0:3f:f3:27:2e:5d:48:84:93:24:df:e3:01:fa:b0:
         ff:1b:a6:fb:e2:90:f1:7e:66:0d:af:5f:69:96:99:d1:45:41:
         09:ce:39:36:2d:06:a7:3d:d8:3c:2f:c0:90:cc:30:90:e0:80:
         cf:1b:58:94:3f:c1:46:39:a4:e0:90:11:57:5f:8c:ca:2b:22:
         37:75:4b:4c:92:55:36:2f:ee:18:96:a0:eb:04:b6:ce:1e:76:
         0a:26:70:2f:f4:d4:0c:36:1d:a5:4c:22:d2:64:8d:26:57:01:
         ac:f7:30:f5:fc:e8:04:df:90:c5:60:b7:68:b7:c8:6d:26:ec:
         c9:c9:86:f1:f6:b8:6a:0d:21:10:4d:a5:2e:ad:5d:ef:b2:e9:
         27:7f:40:cf:b3:34:c3:aa:cc:82:b3:7a:0c:58:7c:b5:86:25:
         b5:b1:d4:d7:8c:12:e8:b9:b0:f1:66:2a:cc:a1:4a:3c:23:1e:
         9b:b1:2e:df:45:40:11:a1:6d:f1:b9:e8:11:c6:5e:6d:c2:0b:
         0e:1f:27:3f:3b:57:1b:a1:fc:45:54:c8:3e:65:67:eb:d0:d5:
         88:53:f9:e7:7e:6b:1a:a3:be:ff:5f:f6:0b:22:51:c1:59:0e:
         ad:51:2f:29
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFHvBF44qCdPgY0bDcluwlS2P454wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE5MDQ1MjM3WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTVhNjhjNGY2YTc0YmM3ZjgwYThmNzY4YzEwMWFmZjdh
ZTQ1MmE2MTRjYjc5ZGRmOGE4MWJhYjBiMWJmMzg0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDr6rD5CzEUTNTSD/wJ+THa9e7plP3emxGwN2Fc2gj7ULn7
iZJZkgECPnLmu13w/bGqNlj+4P+GVUYMTKOAgyJZ+s9DmF3NNvrCY5koRkeMGGgO
bsW8iH40yTVnhamwVxwYv1JzVTSWtvf5L6XKFExKmWi7JWWFdGdvu9QBLGDG1Uvy
fBu94DhUo9ZM5W/KWQoLvCWg6BvudlnA6kSWIGWgkgYjoeiZfOzPO+1jWqD2UMwT
EplsuJmYg9p/ZIUAR1U0GkxgFxhVziWVSE4b3SEb29s9woqk9H8Wu7YR/Ndt1zNA
W976/xC5Vt60AxWWPVb1VI2sn7wBRS33MbOS7BubAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwnq0uhmCHa7OcUoSKkF2tBS20G8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzlhOTQwNjQ3LTliMzktNDAzOC1hMmNmLTYyYjFlZTZhMjcxMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAES79IwDQYJKoZIhvcNAQELBQADggEBAEowxyjoSM3N0wzdX3tsKI2GFZUQ
J9A/8ycuXUiEkyTf4wH6sP8bpvvikPF+Zg2vX2mWmdFFQQnOOTYtBqc92DwvwJDM
MJDggM8bWJQ/wUY5pOCQEVdfjMorIjd1S0ySVTYv7hiWoOsEts4edgomcC/01Aw2
HaVMItJkjSZXAaz3MPX86ATfkMVgt2i3yG0m7MnJhvH2uGoNIRBNpS6tXe+y6Sd/
QM+zNMOqzIKzegxYfLWGJbWx1NeMEui5sPFmKsyhSjwjHpuxLt9FQBGhbfG56BHG
Xm3CCw4fJz87Vxuh/EVUyD5lZ+vQ1YhT+ed+axqjvv9f9gsiUcFZDq1RLyk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:03:01 2025 by rpki-client