Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c9234647-3de9-4206-9cce-065a865c13aa.roa
File:                     c9234647-3de9-4206-9cce-065a865c13aa.roa (raw, json)
Hash identifier:          ZR/ujgCVB9GMqbq/Hc+Kp6RQbGuYox3gYPvRBxnc4mE=
Subject key identifier:   22:69:BF:0E:07:A5:94:82:40:EF:B2:11:0F:CE:F5:D4:9E:F3:20:A4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       05CDBEE738550964F35845A0C531CDCE92B08038
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c9234647-3de9-4206-9cce-065a865c13aa.roa
Signing time:             Sun 19 Oct 2025 15:30:11 +0000
ROA not before:           Sun 19 Oct 2025 15:30:11 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.224.161.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:cd:be:e7:38:55:09:64:f3:58:45:a0:c5:31:cd:ce:92:b0:80:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 19 15:30:11 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=a49682ac8f7b28ca6dc54c46dd038f1e777ec81154c2060a1d387b3885d51e59, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d0:3e:17:f6:9c:42:6f:65:e0:c2:99:d4:c7:
                    a9:26:8d:7c:5a:de:cd:a1:93:4b:58:34:67:89:0b:
                    15:0b:0b:5e:d3:d9:53:dc:f3:7d:53:9e:44:25:87:
                    41:6f:58:62:d2:ee:32:09:48:0e:33:75:5c:08:40:
                    21:e6:45:b2:e3:1c:31:7d:95:a6:88:7c:d3:81:be:
                    f4:79:72:d9:11:a3:76:65:98:99:fe:59:c6:e9:ee:
                    c9:db:b9:80:df:49:b4:dd:50:83:a1:dd:9c:3b:66:
                    42:ea:cb:6a:24:21:9f:1b:ee:74:38:a7:f2:29:1a:
                    83:f5:26:3b:8f:4a:c8:57:7f:e2:44:6a:c4:10:2a:
                    ed:75:b2:0d:b3:e9:87:32:cc:fd:54:c0:ce:8a:3a:
                    e4:a9:26:31:4f:ae:20:b0:41:fd:e0:4e:24:e6:76:
                    a6:00:42:c9:89:11:06:28:06:92:1d:b9:42:5f:8e:
                    76:40:73:c2:cd:a5:aa:a8:fb:36:d2:bc:ad:1d:0c:
                    62:c8:df:3a:92:0a:2b:94:9e:d0:f9:66:ab:6b:a1:
                    80:5f:42:35:c5:99:2b:65:fe:4a:ed:ac:71:2d:e0:
                    67:90:ea:70:8a:4d:73:5f:35:94:e8:74:0d:ea:d0:
                    73:75:f9:08:ba:93:bd:2d:6a:d9:d6:c0:24:df:dc:
                    2f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:69:BF:0E:07:A5:94:82:40:EF:B2:11:0F:CE:F5:D4:9E:F3:20:A4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c9234647-3de9-4206-9cce-065a865c13aa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.224.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:d5:d9:ed:1f:8a:1c:38:fd:78:24:40:08:48:2e:2f:b0:2e:
         f2:d6:25:93:78:82:dc:13:15:29:bf:f0:29:1a:e8:14:f8:85:
         45:b5:fd:ae:4f:4b:29:61:18:ac:44:25:43:41:ae:3e:55:ef:
         ad:1e:a3:16:f7:4d:c4:55:bb:16:ce:95:5b:6b:86:1b:e0:91:
         92:41:ac:78:9d:18:24:f5:99:50:f6:be:09:16:f8:79:77:8f:
         03:b3:55:30:53:2e:2a:a4:94:2b:49:e1:f4:53:74:f4:56:57:
         e8:79:98:ff:8b:70:91:ac:54:30:57:a4:e1:b1:a1:1c:a5:54:
         f9:5b:8c:86:6a:a0:95:c9:ca:32:2d:5c:e8:4b:26:89:7e:fd:
         55:8e:d1:8b:06:f1:8f:7c:30:5b:c1:2e:c8:c5:e1:89:ac:a3:
         76:fc:1e:7b:5b:76:02:e3:bf:91:60:bc:48:ed:3f:4c:37:f0:
         a8:50:af:20:81:0e:92:82:c9:68:3b:02:58:4d:15:f3:7d:14:
         37:7d:7c:e3:80:b8:fa:73:54:1a:15:2a:98:aa:97:6d:ab:55:
         52:4d:0e:1a:f1:bb:d4:20:3b:fa:e8:4d:1d:0a:3e:72:4e:eb:
         db:85:a3:3f:34:1f:01:71:a6:2c:9a:1a:f4:ae:31:7c:32:59:
         11:cb:4a:e4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBc2+5zhVCWTzWEWgxTHNzpKwgDgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE5MTUzMDExWhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNDk2ODJhYzhmN2IyOGNhNmRjNTRjNDZkZDAzOGYxZTc3
N2VjODExNTRjMjA2MGExZDM4N2IzODg1ZDUxZTU5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDH0D4X9pxCb2XgwpnUx6kmjXxa3s2hk0tYNGeJCxULC17T
2VPc831TnkQlh0FvWGLS7jIJSA4zdVwIQCHmRbLjHDF9laaIfNOBvvR5ctkRo3Zl
mJn+Wcbp7snbuYDfSbTdUIOh3Zw7ZkLqy2okIZ8b7nQ4p/IpGoP1JjuPSshXf+JE
asQQKu11sg2z6YcyzP1UwM6KOuSpJjFPriCwQf3gTiTmdqYAQsmJEQYoBpIduUJf
jnZAc8LNpaqo+zbSvK0dDGLI3zqSCiuUntD5ZqtroYBfQjXFmStl/krtrHEt4GeQ
6nCKTXNfNZTodA3q0HN1+Qi6k70tatnWwCTf3C8XAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUImm/DgellIJA77IRD8711J7zIKQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2M5MjM0NjQ3LTNkZTktNDIwNi05Y2NlLTA2NWE4NjVjMTNhYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAN4KEwDQYJKoZIhvcNAQELBQADggEBAGvV2e0fihw4/XgkQAhILi+wLvLW
JZN4gtwTFSm/8Cka6BT4hUW1/a5PSylhGKxEJUNBrj5V760eoxb3TcRVuxbOlVtr
hhvgkZJBrHidGCT1mVD2vgkW+Hl3jwOzVTBTLiqklCtJ4fRTdPRWV+h5mP+LcJGs
VDBXpOGxoRylVPlbjIZqoJXJyjItXOhLJol+/VWO0YsG8Y98MFvBLsjF4Ymso3b8
HntbdgLjv5FgvEjtP0w38KhQryCBDpKCyWg7AlhNFfN9FDd9fOOAuPpzVBoVKpiq
l22rVVJNDhrxu9QgO/roTR0KPnJO69uFoz80HwFxpiyaGvSuMXwyWRHLSuQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:06:59 2025 by rpki-client