Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d15d167d-2e7d-474f-9c76-9c2953809836.roa
File:                     d15d167d-2e7d-474f-9c76-9c2953809836.roa (raw, json)
Hash identifier:          ddLbWYnG/m59cdGLfZGhrTSQdvsIBlsDD13YYb6D9vc=
Subject key identifier:   9F:6B:13:70:2A:97:AB:85:03:7B:55:5F:3D:23:F1:29:DB:6D:CB:B3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3D27A7A77F19BC35199F97E0F60032B8C181AB27
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d15d167d-2e7d-474f-9c76-9c2953809836.roa
Signing time:             Sun 19 Oct 2025 12:51:14 +0000
ROA not before:           Sun 19 Oct 2025 12:51:14 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.226.124.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 23 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:27:a7:a7:7f:19:bc:35:19:9f:97:e0:f6:00:32:b8:c1:81:ab:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 19 12:51:14 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=9fd3bf7770a32f2b9de7dfe8abcc59d0ac51ef8651fae4f2e86c797ee45ee4bc, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c5:7b:74:be:6b:ea:73:12:a2:e3:51:7f:8e:
                    b0:6b:34:85:63:61:0c:d3:b0:15:24:13:24:94:e6:
                    b2:9d:35:b9:f5:3d:38:b1:2b:ef:52:c0:8d:5b:27:
                    d0:b0:fe:e9:ea:06:58:46:9d:05:bb:89:2a:7d:78:
                    bd:40:6c:7d:7c:39:1e:a9:13:41:e4:26:ba:23:b2:
                    88:29:72:bd:8f:40:c3:6b:7e:76:a7:cf:1f:e7:75:
                    65:09:d6:a1:19:cc:70:21:e8:6f:ec:03:91:ac:a4:
                    c0:95:7a:e2:60:c6:eb:c6:1e:4c:93:07:77:89:70:
                    39:ac:d4:26:cd:5a:46:06:49:af:0b:a8:42:5b:f6:
                    ba:d6:86:6f:8f:b6:16:cd:35:12:f3:57:24:ea:8b:
                    64:d9:2a:9f:5c:e4:72:af:22:e6:7c:a7:1a:ee:a9:
                    44:00:3f:4c:9a:67:73:5f:8b:d6:c8:a6:b6:e2:98:
                    98:57:8d:62:c9:29:93:98:e3:53:b3:56:6f:3b:fc:
                    c6:f1:49:8f:e5:f6:f9:de:63:98:b5:e8:9f:27:7d:
                    dd:e0:de:7a:f1:2f:93:61:58:2c:23:96:2d:2a:1e:
                    5d:0b:f3:59:eb:d6:ff:e6:3a:f1:99:94:c6:19:14:
                    48:23:e9:85:20:86:0c:61:04:72:7a:00:27:1d:82:
                    4d:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:6B:13:70:2A:97:AB:85:03:7B:55:5F:3D:23:F1:29:DB:6D:CB:B3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d15d167d-2e7d-474f-9c76-9c2953809836.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.226.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         24:a9:e3:b6:91:f5:b8:d3:1c:13:b9:03:aa:00:77:ff:3e:9e:
         08:a2:2c:6b:60:0a:54:d0:02:cf:59:91:57:59:5c:66:fb:4b:
         41:4b:3c:2c:99:a3:70:35:97:d1:01:83:6d:8e:63:e5:aa:5b:
         92:49:f3:a5:bf:c7:1e:a2:9a:66:c9:2d:6a:47:3c:5d:1a:a7:
         55:3c:45:bf:fb:3d:e9:b6:c1:ca:aa:d5:d5:c0:0f:8c:8c:f0:
         6c:2d:a1:ca:f3:d4:ea:d6:8e:e8:7a:40:b8:02:01:a2:61:0a:
         53:53:79:b6:d0:2b:36:cc:e5:34:4b:50:6d:3c:85:d7:fc:7e:
         36:f8:74:06:6f:d4:5c:2d:9c:e5:11:c7:af:d3:52:60:b2:e9:
         5e:cd:b8:e1:a0:24:f3:7c:6d:88:b9:d3:75:d5:16:a8:ea:1a:
         db:65:ff:3e:3a:72:75:e8:70:95:98:3f:e1:a7:6c:67:31:20:
         0d:52:b5:56:d4:07:fc:95:28:40:52:34:17:aa:39:48:41:f8:
         cb:53:45:71:8e:8f:86:5e:ef:37:df:fd:7a:f5:98:51:0b:c3:
         35:95:85:eb:38:7f:fa:b9:60:69:34:54:2e:12:2a:15:25:ea:
         0c:74:3e:28:87:8b:39:b9:4a:9f:3b:b0:ad:6c:a0:98:be:80:
         56:e7:5e:1f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPSenp38ZvDUZn5fg9gAyuMGBqycwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE5MTI1MTE0WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZmQzYmY3NzcwYTMyZjJiOWRlN2RmZThhYmNjNTlkMGFj
NTFlZjg2NTFmYWU0ZjJlODZjNzk3ZWU0NWVlNGJjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7xXt0vmvqcxKi41F/jrBrNIVjYQzTsBUkEySU5rKdNbn1
PTixK+9SwI1bJ9Cw/unqBlhGnQW7iSp9eL1AbH18OR6pE0HkJrojsogpcr2PQMNr
fnanzx/ndWUJ1qEZzHAh6G/sA5GspMCVeuJgxuvGHkyTB3eJcDms1CbNWkYGSa8L
qEJb9rrWhm+PthbNNRLzVyTqi2TZKp9c5HKvIuZ8pxruqUQAP0yaZ3Nfi9bIprbi
mJhXjWLJKZOY41OzVm87/MbxSY/l9vneY5i16J8nfd3g3nrxL5NhWCwjli0qHl0L
81nr1v/mOvGZlMYZFEgj6YUghgxhBHJ6ACcdgk1ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUn2sTcCqXq4UDe1VfPSPxKdtty7MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2QxNWQxNjdkLTJlN2QtNDc0Zi05Yzc2LTljMjk1MzgwOTgzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEN4nwwDQYJKoZIhvcNAQELBQADggEBACSp47aR9bjTHBO5A6oAd/8+ngii
LGtgClTQAs9ZkVdZXGb7S0FLPCyZo3A1l9EBg22OY+WqW5JJ86W/xx6immbJLWpH
PF0ap1U8Rb/7Pem2wcqq1dXAD4yM8Gwtocrz1OrWjuh6QLgCAaJhClNTebbQKzbM
5TRLUG08hdf8fjb4dAZv1FwtnOURx6/TUmCy6V7NuOGgJPN8bYi503XVFqjqGttl
/z46cnXocJWYP+GnbGcxIA1StVbUB/yVKEBSNBeqOUhB+MtTRXGOj4Ze7zff/Xr1
mFELwzWVhes4f/q5YGk0VC4SKhUl6gx0PiiHizm5Sp87sK1soJi+gFbnXh8=
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:25:11 2025 by rpki-client