Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dcff3ac3-db09-4ba9-b777-4c029c18793b.roa
File:                     dcff3ac3-db09-4ba9-b777-4c029c18793b.roa (raw, json)
Hash identifier:          XJrgjOXz0YyeCp7+AEF28FuttW+bGWzbsXlPEXf+7wY=
Subject key identifier:   A4:D3:E5:1C:FA:B6:E9:DB:FF:77:9A:68:22:6C:6B:AE:8D:FC:59:AB
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       204661D73F79D1570EA2A58CB1B6CDF4FBD2C922
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dcff3ac3-db09-4ba9-b777-4c029c18793b.roa
Signing time:             Sat 18 Oct 2025 10:51:16 +0000
ROA not before:           Sat 18 Oct 2025 10:51:16 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.238.215.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:46:61:d7:3f:79:d1:57:0e:a2:a5:8c:b1:b6:cd:f4:fb:d2:c9:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 10:51:16 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=684fad51ddd6bac39df327bbf783f7f6a88b3fb0f3c91a3a291d9c068b939597, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:4a:17:63:30:18:0e:bc:08:25:d9:67:b5:76:
                    73:3c:84:5d:f9:47:17:b2:ae:4c:9e:1b:7e:26:50:
                    55:86:29:7c:e2:2c:da:e3:4f:2f:bb:bc:8b:26:80:
                    c8:c4:3d:c7:fb:88:f5:77:fa:e9:9f:dc:7f:84:b6:
                    5e:f9:7b:1c:d2:e1:2e:3a:a5:f8:19:18:f8:63:5f:
                    7b:a0:67:72:b1:91:56:65:0c:c2:59:df:b4:f1:02:
                    4a:68:50:1e:46:c9:47:d7:5e:7d:6a:cc:3f:f9:45:
                    48:36:4c:f9:76:45:36:b0:7d:15:a8:e9:00:2a:8b:
                    b0:7b:ca:87:42:00:36:4a:81:ea:47:5c:7e:2c:1f:
                    ae:55:91:71:52:fb:6e:a1:f5:bc:52:f0:a6:17:dd:
                    91:0b:1a:ad:c4:cf:c0:94:1c:9f:99:c7:71:34:23:
                    95:26:dc:84:19:d8:5f:b2:1f:22:e5:11:03:cc:64:
                    bb:3a:5b:52:ac:4a:0f:99:db:ee:19:f5:a3:46:74:
                    f2:99:ad:55:75:e6:e8:ec:6a:c5:1a:0e:97:7b:f1:
                    34:e3:17:04:ea:8f:50:93:6f:c5:bf:3e:68:04:47:
                    54:87:3d:f7:6d:d6:1b:b3:6f:18:90:ec:45:c0:eb:
                    40:a9:a3:60:7e:ef:e4:28:c5:e9:5f:68:20:43:3b:
                    99:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:D3:E5:1C:FA:B6:E9:DB:FF:77:9A:68:22:6C:6B:AE:8D:FC:59:AB
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dcff3ac3-db09-4ba9-b777-4c029c18793b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.238.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:47:e8:88:48:c1:9f:f3:2d:e8:0b:3f:dc:e8:cb:d9:87:4d:
         fb:20:62:03:39:ab:a0:1a:27:fe:d8:53:90:03:b8:46:52:34:
         65:18:a2:e4:31:3f:14:0f:6a:70:e0:30:73:a6:32:db:53:5d:
         20:a8:dc:91:4b:97:b4:47:b3:ab:91:e2:0a:2a:be:19:4f:51:
         e7:99:68:bd:de:ba:1d:29:bb:c0:40:2c:21:0b:57:b4:e8:db:
         1e:7a:e0:2e:fd:84:64:68:0b:08:18:3e:79:0b:c3:55:82:0b:
         2f:f9:1b:ca:8d:4e:d4:25:63:09:b3:52:6e:aa:5d:df:71:ac:
         ac:ea:52:2b:8f:c9:73:d8:4e:aa:10:c0:f2:f4:bb:d2:a1:e6:
         2c:c4:9a:bd:eb:fc:82:31:23:8e:dd:b4:05:15:f6:12:dd:62:
         07:e2:3d:5b:73:12:71:4f:64:0e:5b:8a:85:2d:92:59:31:df:
         25:29:d2:78:04:70:c6:ba:e1:ed:f6:66:29:2f:dd:72:77:ed:
         d9:57:a6:de:df:d3:e8:ac:78:1c:67:8d:19:b5:2e:22:c2:b5:
         13:35:c1:5b:b5:42:1c:1f:35:bf:6e:d5:cb:e0:c6:6b:48:20:
         ee:33:6c:cc:37:a3:65:af:a8:fa:b3:b3:d0:96:62:1c:69:89:
         41:51:84:70
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIEZh1z950VcOoqWMsbbN9PvSySIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MTA1MTE2WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ODRmYWQ1MWRkZDZiYWMzOWRmMzI3YmJmNzgzZjdmNmE4
OGIzZmIwZjNjOTFhM2EyOTFkOWMwNjhiOTM5NTk3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpShdjMBgOvAgl2We1dnM8hF35RxeyrkyeG34mUFWGKXzi
LNrjTy+7vIsmgMjEPcf7iPV3+umf3H+Etl75exzS4S46pfgZGPhjX3ugZ3KxkVZl
DMJZ37TxAkpoUB5GyUfXXn1qzD/5RUg2TPl2RTawfRWo6QAqi7B7yodCADZKgepH
XH4sH65VkXFS+26h9bxS8KYX3ZELGq3Ez8CUHJ+Zx3E0I5Um3IQZ2F+yHyLlEQPM
ZLs6W1KsSg+Z2+4Z9aNGdPKZrVV15ujsasUaDpd78TTjFwTqj1CTb8W/PmgER1SH
Pfdt1huzbxiQ7EXA60Cpo2B+7+QoxelfaCBDO5k7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpNPlHPq26dv/d5poImxrro38WaswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2RjZmYzYWMzLWRiMDktNGJhOS1iNzc3LTRjMDI5YzE4NzkzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAS7tcwDQYJKoZIhvcNAQELBQADggEBALRH6IhIwZ/zLegLP9zoy9mHTfsg
YgM5q6AaJ/7YU5ADuEZSNGUYouQxPxQPanDgMHOmMttTXSCo3JFLl7RHs6uR4goq
vhlPUeeZaL3euh0pu8BALCELV7To2x564C79hGRoCwgYPnkLw1WCCy/5G8qNTtQl
YwmzUm6qXd9xrKzqUiuPyXPYTqoQwPL0u9Kh5izEmr3r/IIxI47dtAUV9hLdYgfi
PVtzEnFPZA5bioUtklkx3yUp0ngEcMa64e32Zikv3XJ37dlXpt7f0+iseBxnjRm1
LiLCtRM1wVu1QhwfNb9u1cvgxmtIIO4zbMw3o2WvqPqzs9CWYhxpiUFRhHA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:03:08 2025 by rpki-client