Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/af3bd3ad-5ebf-4985-a3e4-16c8346d57a5.roa
File:                     af3bd3ad-5ebf-4985-a3e4-16c8346d57a5.roa (raw, json)
Hash identifier:          rBY+5uDzQXd41OsRKnFV5bmxsg5lb4/zdXPhTj61r5c=
Subject key identifier:   FE:CC:62:64:6A:A8:A9:6B:D6:F9:80:32:00:74:B7:47:C8:C2:CB:20
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       61AA90DFCFEF34A5B77701DADBC6A2636B292740
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/af3bd3ad-5ebf-4985-a3e4-16c8346d57a5.roa
Signing time:             Sat 18 Oct 2025 06:10:07 +0000
ROA not before:           Sat 18 Oct 2025 06:10:07 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.155.16.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:aa:90:df:cf:ef:34:a5:b7:77:01:da:db:c6:a2:63:6b:29:27:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 06:10:07 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=7835b7893230505727434a73604d5219aec3ef9918f6419b3b9f29629314142f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:3c:da:35:b5:1f:fd:9c:2a:9f:ac:d1:a4:cc:
                    f5:8c:88:74:b1:44:aa:2a:f2:b0:e7:bc:54:38:b4:
                    b4:16:f1:2b:48:83:d8:5e:d9:9d:c6:90:18:73:12:
                    9c:1a:3a:ec:50:4c:70:3d:e0:5b:b2:0d:b4:49:65:
                    38:0e:5f:5e:f4:4d:5a:a0:ba:78:7b:40:e8:17:59:
                    71:de:8c:67:f6:97:f0:bc:ab:9d:9a:b6:14:26:9f:
                    82:3b:d2:2b:6f:32:19:c9:1f:62:f9:0f:29:7f:d7:
                    0d:7e:67:06:33:51:d1:15:91:b0:dd:0d:fc:3b:80:
                    8e:63:46:b5:1a:25:e3:4d:8e:a9:8b:23:4a:61:83:
                    43:04:f8:f0:41:80:65:c0:71:aa:9b:5b:bd:94:3d:
                    bc:56:db:9e:c6:b5:7d:a9:ea:8b:54:02:54:b5:da:
                    03:b9:cd:8c:36:95:6d:a0:7d:09:7c:16:a6:6c:a8:
                    70:e0:d1:69:52:f5:60:ce:c9:46:a7:ea:c9:87:9b:
                    fa:7b:99:ea:ce:41:3e:6e:43:29:e0:68:e2:c4:d9:
                    2f:22:d5:11:97:2e:09:91:81:f5:64:ba:4a:a4:5a:
                    e1:88:c8:e2:21:c0:82:dc:53:1d:b1:5c:b9:da:f7:
                    47:75:e9:57:73:3d:5e:1a:b5:44:ee:ed:b6:7c:94:
                    73:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:CC:62:64:6A:A8:A9:6B:D6:F9:80:32:00:74:B7:47:C8:C2:CB:20
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/af3bd3ad-5ebf-4985-a3e4-16c8346d57a5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.155.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         aa:c5:5f:65:98:ba:b3:06:7c:0d:77:60:9c:fd:70:4e:c4:99:
         2b:e1:a0:b5:cf:6e:d7:1e:7d:82:40:27:18:03:1f:b1:0c:c2:
         f5:83:e1:db:37:27:33:80:95:c5:32:2f:6b:42:71:c5:b6:5e:
         c8:57:c4:1d:b6:ed:83:3f:1d:f0:85:19:4d:06:71:82:64:ae:
         33:c4:0a:71:98:f4:f1:bc:a0:ab:ab:85:98:b0:aa:1b:bf:de:
         f1:e8:77:16:1d:69:45:2c:92:58:bf:2d:e4:2b:43:96:12:08:
         0c:fe:3c:aa:4f:97:c7:03:c4:4a:e4:c7:31:5d:f6:ba:de:58:
         d8:f1:e8:b8:8a:14:a5:7b:8d:3c:d2:28:f9:61:ae:6a:51:f2:
         1d:93:c1:d5:0f:7d:d4:f2:67:3e:62:98:4c:77:97:71:f1:83:
         b0:91:08:f3:b1:bc:a9:73:1c:b4:33:a2:e5:a4:d0:f1:97:ef:
         e2:77:48:38:26:95:68:2c:5c:16:ce:a9:88:e2:fc:1e:3d:82:
         e7:c8:ad:1a:be:7f:e5:8e:71:37:cb:d1:66:12:2b:8a:c2:23:
         62:47:ef:e9:04:e4:f5:21:c0:0d:5b:96:37:15:27:b8:ff:d4:
         b9:c5:11:97:71:67:d2:da:81:63:67:d7:76:27:f5:c7:e9:2b:
         d6:12:2f:74
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYaqQ38/vNKW3dwHa28aiY2spJ0AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MDYxMDA3WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ODM1Yjc4OTMyMzA1MDU3Mjc0MzRhNzM2MDRkNTIxOWFl
YzNlZjk5MThmNjQxOWIzYjlmMjk2MjkzMTQxNDJmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAPNo1tR/9nCqfrNGkzPWMiHSxRKoq8rDnvFQ4tLQW8StI
g9he2Z3GkBhzEpwaOuxQTHA94FuyDbRJZTgOX170TVqgunh7QOgXWXHejGf2l/C8
q52athQmn4I70itvMhnJH2L5Dyl/1w1+ZwYzUdEVkbDdDfw7gI5jRrUaJeNNjqmL
I0phg0ME+PBBgGXAcaqbW72UPbxW257GtX2p6otUAlS12gO5zYw2lW2gfQl8FqZs
qHDg0WlS9WDOyUan6smHm/p7merOQT5uQyngaOLE2S8i1RGXLgmRgfVkukqkWuGI
yOIhwILcUx2xXLna90d16VdzPV4atUTu7bZ8lHN9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/sxiZGqoqWvW+YAyAHS3R8jCyyAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2FmM2JkM2FkLTVlYmYtNDk4NS1hM2U0LTE2YzgzNDZkNTdhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMSmxAwDQYJKoZIhvcNAQELBQADggEBAKrFX2WYurMGfA13YJz9cE7EmSvh
oLXPbtcefYJAJxgDH7EMwvWD4ds3JzOAlcUyL2tCccW2XshXxB227YM/HfCFGU0G
cYJkrjPECnGY9PG8oKurhZiwqhu/3vHodxYdaUUskli/LeQrQ5YSCAz+PKpPl8cD
xErkxzFd9rreWNjx6LiKFKV7jTzSKPlhrmpR8h2TwdUPfdTyZz5imEx3l3Hxg7CR
CPOxvKlzHLQzouWk0PGX7+J3SDgmlWgsXBbOqYji/B49gufIrRq+f+WOcTfL0WYS
K4rCI2JH7+kE5PUhwA1bljcVJ7j/1LnFEZdxZ9LagWNn13Yn9cfpK9YSL3Q=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:49:14 2025 by rpki-client