Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d2111a87-74cd-418d-939a-9f31537e46ec.roa
File:                     d2111a87-74cd-418d-939a-9f31537e46ec.roa (raw, json)
Hash identifier:          c0uQGGvFUHTY8U4anXp7WkF6d9FozVuT1eUMnpA1xKw=
Subject key identifier:   E6:45:E7:F4:5C:06:83:DB:16:F7:27:E1:89:26:3E:ED:54:4F:1F:20
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0E960E7290649142EEB038A0853DF849EDC348F6
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d2111a87-74cd-418d-939a-9f31537e46ec.roa
Signing time:             Sat 18 Oct 2025 13:30:22 +0000
ROA not before:           Sat 18 Oct 2025 13:30:22 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.46.53.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:96:0e:72:90:64:91:42:ee:b0:38:a0:85:3d:f8:49:ed:c3:48:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 13:30:22 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=99cc227a8c9065d865ad45ec7c5aa4e62103d48921779b263e232dbc9a3737f1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:7c:9e:5e:b5:b5:43:fd:92:f6:58:a1:b1:57:
                    38:70:c6:e7:08:a2:3e:7a:bd:60:d6:07:c4:11:9a:
                    de:f4:bf:72:73:1b:95:43:e9:da:84:ed:87:bb:3e:
                    84:1a:f8:3a:db:73:1b:ec:9c:fb:23:25:66:d1:24:
                    e3:f3:eb:dc:ab:8e:5f:af:42:61:64:fa:ca:28:92:
                    01:43:28:4a:78:d3:72:48:d1:38:ab:53:85:0f:82:
                    88:c0:55:e9:7f:60:27:88:0b:24:f5:81:e4:2b:32:
                    bb:e1:71:af:1a:ee:ff:10:52:1d:e5:18:18:75:18:
                    27:e1:33:b7:98:e0:3a:73:ca:68:2a:04:75:1e:00:
                    b8:33:35:23:12:66:fc:ac:c6:f9:ec:e2:d2:76:cd:
                    c6:4b:40:d5:3d:5d:be:b9:bf:c6:a2:3f:5b:11:5e:
                    3b:f0:2d:bd:26:a7:72:98:18:38:3a:88:27:ef:b8:
                    8a:af:2b:a7:a3:9e:39:7a:78:e6:5a:d2:ea:6b:8c:
                    4b:2e:c1:c0:82:75:55:2e:5b:ff:16:d7:b3:12:3c:
                    ac:f6:53:cb:49:f9:7a:6d:c1:dc:9b:c2:15:12:33:
                    3c:98:2c:76:3a:b6:15:d1:90:b7:8a:da:8e:7b:88:
                    eb:71:59:31:9c:4d:87:39:b5:3d:49:90:9b:64:fa:
                    ba:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:45:E7:F4:5C:06:83:DB:16:F7:27:E1:89:26:3E:ED:54:4F:1F:20
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d2111a87-74cd-418d-939a-9f31537e46ec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.46.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:1c:f7:9a:77:3d:f5:7e:20:1a:5f:dc:67:5b:b2:f9:e2:d2:
         67:58:0b:9a:b9:89:67:3d:71:82:21:0b:b7:75:03:05:70:18:
         df:c2:e0:c5:7b:f8:17:4e:a8:4e:2a:34:3f:54:71:13:3b:d9:
         52:c4:f5:ca:b0:8b:f4:91:3e:9b:a2:9c:be:22:fe:ab:72:ff:
         5d:69:bb:e7:94:91:2b:76:27:29:02:f3:92:28:eb:ec:6e:8b:
         5a:cc:8c:b0:f3:03:67:7d:12:09:a0:a8:a2:76:ee:e4:3d:eb:
         3f:14:04:9a:91:b9:6c:08:ce:4d:8d:b9:8f:df:5f:6c:27:fc:
         40:49:62:d0:97:f6:18:09:a3:1f:02:9e:ef:68:e3:1f:14:55:
         5a:00:43:19:e1:19:c6:06:66:83:32:f7:4a:fb:74:8b:ec:95:
         00:92:88:ae:ea:c1:43:60:10:b0:a6:1b:c8:e3:17:a7:1a:22:
         ad:86:c7:22:9c:2a:c3:71:90:56:78:c4:5b:ba:dd:fa:fc:dd:
         04:39:e4:ed:5e:de:6f:b5:7d:12:d2:4d:f6:2e:97:91:05:1f:
         d5:a0:ac:ba:ca:69:d7:28:dc:e6:5d:46:29:42:d7:6e:e7:3e:
         4f:d6:4a:de:c7:6c:3b:0c:d0:da:44:fa:69:e6:5a:d6:a9:93:
         05:41:b7:f6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDpYOcpBkkULusDighT34Se3DSPYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MTMzMDIyWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5OWNjMjI3YThjOTA2NWQ4NjVhZDQ1ZWM3YzVhYTRlNjIx
MDNkNDg5MjE3NzliMjYzZTIzMmRiYzlhMzczN2YxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3fJ5etbVD/ZL2WKGxVzhwxucIoj56vWDWB8QRmt70v3Jz
G5VD6dqE7Ye7PoQa+DrbcxvsnPsjJWbRJOPz69yrjl+vQmFk+sookgFDKEp403JI
0TirU4UPgojAVel/YCeICyT1geQrMrvhca8a7v8QUh3lGBh1GCfhM7eY4Dpzymgq
BHUeALgzNSMSZvysxvns4tJ2zcZLQNU9Xb65v8aiP1sRXjvwLb0mp3KYGDg6iCfv
uIqvK6ejnjl6eOZa0uprjEsuwcCCdVUuW/8W17MSPKz2U8tJ+XptwdybwhUSMzyY
LHY6thXRkLeK2o57iOtxWTGcTYc5tT1JkJtk+rorAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5kXn9FwGg9sW9yfhiSY+7VRPHyAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2QyMTExYTg3LTc0Y2QtNDE4ZC05MzlhLTlmMzE1MzdlNDZlYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0LjUwDQYJKoZIhvcNAQELBQADggEBAGUc95p3PfV+IBpf3Gdbsvni0mdY
C5q5iWc9cYIhC7d1AwVwGN/C4MV7+BdOqE4qND9UcRM72VLE9cqwi/SRPpuinL4i
/qty/11pu+eUkSt2JykC85Io6+xui1rMjLDzA2d9EgmgqKJ27uQ96z8UBJqRuWwI
zk2NuY/fX2wn/EBJYtCX9hgJox8Cnu9o4x8UVVoAQxnhGcYGZoMy90r7dIvslQCS
iK7qwUNgELCmG8jjF6caIq2GxyKcKsNxkFZ4xFu63fr83QQ55O1e3m+1fRLSTfYu
l5EFH9WgrLrKadco3OZdRilC127nPk/WSt7HbDsM0NpE+mnmWtapkwVBt/Y=
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:12:08 2025 by rpki-client