Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dc1d84a1-c7dd-41ad-a8b0-11bd7703102b.roa
File:                     dc1d84a1-c7dd-41ad-a8b0-11bd7703102b.roa (raw, json)
Hash identifier:          FAVv9CdLF2msKpnEBx6+IqYls043cKoC18UBb7xB3R8=
Subject key identifier:   66:DA:13:D7:33:7F:83:D3:82:BC:97:E7:57:1A:10:CD:E2:E4:C4:72
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6BB88A33CD85808D0054C4C3B229B165CE157BC2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dc1d84a1-c7dd-41ad-a8b0-11bd7703102b.roa
Signing time:             Fri 17 Oct 2025 23:42:35 +0000
ROA not before:           Fri 17 Oct 2025 23:42:35 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.192.115.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:b8:8a:33:cd:85:80:8d:00:54:c4:c3:b2:29:b1:65:ce:15:7b:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 17 23:42:35 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=305781074d774d5979f1435fe60ef78033090ff62c41f8f78d5e94f33933ec5a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:75:26:bb:b3:a6:63:46:c0:c6:66:0e:66:e7:
                    8e:a7:b9:be:2d:d0:fc:ad:e5:c1:40:85:db:22:f2:
                    58:83:16:fc:98:dc:9f:80:f4:f9:8b:c8:85:84:a3:
                    d8:e2:8e:83:d4:68:f7:e7:f4:d9:78:7b:8a:52:9e:
                    a5:cc:0f:2f:fb:f4:e5:b1:38:e0:8f:6d:d1:9c:9d:
                    d6:18:62:f6:2f:09:df:74:1c:48:b3:b1:83:78:95:
                    69:bc:54:10:de:f9:c9:2f:59:1f:5a:bc:68:4c:68:
                    45:f8:b6:a2:94:c4:44:9e:e6:c6:6c:0a:f2:98:95:
                    bd:a3:73:b3:07:42:dd:4d:93:ca:54:7f:2f:b2:aa:
                    f7:40:af:b5:3a:1d:8d:07:c0:ce:6e:39:ff:5e:bd:
                    d2:62:d3:79:7f:d8:80:31:d5:69:6e:b8:99:85:dc:
                    a6:1c:45:a3:3c:32:8d:33:96:5a:92:2f:5c:8b:87:
                    96:2b:1d:d5:91:c1:f6:3e:d8:70:eb:63:b7:e9:7a:
                    b1:58:0d:17:16:f2:c3:86:98:b1:85:1e:c2:45:47:
                    3a:f1:3b:e1:3c:55:5b:5b:1a:94:62:48:43:9a:7c:
                    83:88:4f:4a:4d:da:af:2b:6b:dd:f7:ed:90:b0:c4:
                    2d:07:e0:57:64:39:a6:ab:be:ce:0c:d5:2b:6d:d9:
                    19:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:DA:13:D7:33:7F:83:D3:82:BC:97:E7:57:1A:10:CD:E2:E4:C4:72
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dc1d84a1-c7dd-41ad-a8b0-11bd7703102b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.192.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:70:3c:a0:cf:c5:b6:e3:15:f6:c8:2f:ac:46:be:3c:0b:ff:
         13:c0:ea:3c:65:ad:24:44:a2:3a:3c:f9:8a:32:7e:8d:da:de:
         ae:5c:f1:45:d1:f6:fa:f3:a8:fc:97:cf:6d:aa:a1:ff:ca:ae:
         ae:e1:6f:65:36:03:c9:7a:4b:e3:45:bb:2b:a2:e3:56:01:52:
         f8:a1:c8:b0:0f:0c:b3:c8:a9:4c:8c:60:bd:5d:42:26:e4:f6:
         4c:55:92:a7:04:56:ad:3f:f5:c0:a5:c1:a9:81:3f:97:41:93:
         16:69:c7:49:bd:83:bb:58:16:89:5d:77:30:58:3b:ad:c0:ce:
         8f:66:f4:65:77:fd:c0:aa:fa:d5:c5:63:01:30:a6:41:a2:39:
         9f:0b:e9:9e:c2:42:58:05:27:5a:fb:49:17:e6:b9:b3:9d:d5:
         f7:20:d9:d0:1c:e1:e3:46:52:46:a5:6a:9f:cb:54:6c:20:eb:
         f3:8d:d4:26:e5:27:23:55:f4:2f:e2:d0:42:fe:86:46:e6:13:
         da:02:47:94:d9:15:c3:68:71:a7:49:c8:1a:66:86:45:0b:96:
         79:47:bc:70:bb:24:15:af:0e:8e:32:81:7b:87:80:7f:50:cc:
         90:56:28:bf:4b:74:04:74:b1:06:6c:cb:ae:e6:cb:05:f9:78:
         b8:e6:15:23
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa7iKM82FgI0AVMTDsimxZc4Ve8IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE3MjM0MjM1WhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMDU3ODEwNzRkNzc0ZDU5NzlmMTQzNWZlNjBlZjc4MDMz
MDkwZmY2MmM0MWY4Zjc4ZDVlOTRmMzM5MzNlYzVhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLdSa7s6ZjRsDGZg5m546nub4t0Pyt5cFAhdsi8liDFvyY
3J+A9PmLyIWEo9jijoPUaPfn9Nl4e4pSnqXMDy/79OWxOOCPbdGcndYYYvYvCd90
HEizsYN4lWm8VBDe+ckvWR9avGhMaEX4tqKUxESe5sZsCvKYlb2jc7MHQt1Nk8pU
fy+yqvdAr7U6HY0HwM5uOf9evdJi03l/2IAx1WluuJmF3KYcRaM8Mo0zllqSL1yL
h5YrHdWRwfY+2HDrY7fperFYDRcW8sOGmLGFHsJFRzrxO+E8VVtbGpRiSEOafIOI
T0pN2q8ra9337ZCwxC0H4FdkOaarvs4M1Stt2Rm9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZtoT1zN/g9OCvJfnVxoQzeLkxHIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2RjMWQ4NGExLWM3ZGQtNDFhZC1hOGIwLTExYmQ3NzAzMTAyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2wHMwDQYJKoZIhvcNAQELBQADggEBAJRwPKDPxbbjFfbIL6xGvjwL/xPA
6jxlrSREojo8+Yoyfo3a3q5c8UXR9vrzqPyXz22qof/Krq7hb2U2A8l6S+NFuyui
41YBUvihyLAPDLPIqUyMYL1dQibk9kxVkqcEVq0/9cClwamBP5dBkxZpx0m9g7tY
FolddzBYO63Azo9m9GV3/cCq+tXFYwEwpkGiOZ8L6Z7CQlgFJ1r7SRfmubOd1fcg
2dAc4eNGUkalap/LVGwg6/ON1CblJyNV9C/i0EL+hkbmE9oCR5TZFcNocadJyBpm
hkULlnlHvHC7JBWvDo4ygXuHgH9QzJBWKL9LdAR0sQZsy67mywX5eLjmFSM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:58:50 2025 by rpki-client