Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1f0a816-1364-4917-888a-675b4cccc750.roa
File:                     e1f0a816-1364-4917-888a-675b4cccc750.roa (raw, json)
Hash identifier:          sMGh6kUcSnqirOpFX8xdVwiuDveRTl7rfKbJk/cUiU0=
Subject key identifier:   8E:80:FD:54:C7:DE:CB:CE:E1:53:1F:4E:3D:D4:66:EA:C1:B0:1C:1E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6A094FA60B71FA6FF47A7C94582792CCC9397C35
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1f0a816-1364-4917-888a-675b4cccc750.roa
Signing time:             Fri 26 Sep 2025 16:04:57 +0000
ROA not before:           Fri 26 Sep 2025 16:04:57 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        170.58.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:09:4f:a6:0b:71:fa:6f:f4:7a:7c:94:58:27:92:cc:c9:39:7c:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 16:04:57 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=b9f4d4e2d13aad6815508ff7274e4ae455c0109f380e1cd242a246f91f8db962, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:39:66:6c:75:1d:89:63:23:2e:9c:e9:17:1c:
                    53:2f:89:ce:28:2b:ee:00:88:dd:71:c8:41:e8:88:
                    c3:6a:84:8d:45:30:7d:20:11:51:9b:57:f9:9b:fe:
                    9f:a0:3d:76:20:72:2a:31:00:6a:8b:82:98:ac:2b:
                    f9:11:da:d8:2b:06:2f:9d:3a:45:1e:47:86:cd:e1:
                    71:92:4f:a5:5d:d8:07:c0:38:63:41:df:4a:9c:ea:
                    be:80:e8:cd:e3:50:a6:7f:bf:fb:f2:18:0b:2e:b0:
                    d4:5f:76:7a:d4:96:31:21:26:88:11:e2:2d:88:89:
                    22:15:e6:55:c9:aa:a0:b3:ab:6b:1c:0b:97:5f:09:
                    9a:93:e2:3c:a6:fd:d4:09:fc:4a:ee:9a:9e:16:ca:
                    ba:eb:4a:ef:78:24:83:8e:f5:19:6b:9c:ae:c9:28:
                    d0:33:c9:f7:64:64:8a:9d:7e:3b:26:9f:f2:f0:e0:
                    06:09:86:90:30:69:ef:81:a0:98:2e:f9:a0:25:4a:
                    00:79:79:16:9d:96:ba:d7:43:f6:df:a3:84:33:f0:
                    8e:28:92:d9:cb:bb:14:a0:aa:6c:84:70:b1:af:aa:
                    f6:cf:03:98:83:ac:d9:d1:4d:22:94:dd:5b:ba:47:
                    2d:17:5a:89:09:e4:ec:6c:90:ea:ca:58:bf:f5:32:
                    bb:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:80:FD:54:C7:DE:CB:CE:E1:53:1F:4E:3D:D4:66:EA:C1:B0:1C:1E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1f0a816-1364-4917-888a-675b4cccc750.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.58.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         40:90:4e:b5:83:98:08:0c:58:23:f9:a5:fa:59:4c:6e:b2:d5:
         16:9d:74:6e:70:e1:03:03:a1:1d:54:1b:37:a0:d4:2f:c7:bf:
         49:30:01:d8:9d:4e:66:4b:ba:b4:5c:8f:e9:a2:61:7d:a6:ae:
         77:76:ff:58:6e:c3:5a:29:f2:b3:c2:2f:72:af:2f:18:41:6c:
         d1:d3:b7:6e:da:92:22:60:61:81:b1:a4:08:07:88:69:10:47:
         cd:04:15:99:4d:d1:16:20:e7:5d:0e:08:25:a9:54:88:28:0b:
         2f:4b:da:22:ac:72:bc:b4:b9:18:36:0d:f5:6a:15:f8:5d:d1:
         be:2a:7d:ae:57:93:56:68:3e:8c:5a:75:b9:86:30:3c:21:d8:
         43:c7:ea:e3:e8:4e:70:3b:a5:dc:61:9f:d9:73:ce:07:6c:00:
         bd:79:f2:1e:9f:a9:5a:5a:c4:14:4e:67:aa:60:cd:48:b2:e8:
         2d:b3:6b:92:af:53:01:ea:15:4d:38:ee:63:81:14:f8:5e:23:
         dc:51:04:d0:b8:f8:79:56:d9:43:c2:a1:26:84:64:15:3d:f6:
         3b:5e:82:a9:a8:23:c6:c6:1b:0b:02:de:50:f3:ba:3f:bf:61:
         9a:22:02:3a:f4:20:7a:a2:31:05:db:bb:5e:94:b7:a3:21:25:
         02:5a:18:65
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaglPpgtx+m/0enyUWCeSzMk5fDUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MTYwNDU3WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiOWY0ZDRlMmQxM2FhZDY4MTU1MDhmZjcyNzRlNGFlNDU1
YzAxMDlmMzgwZTFjZDI0MmEyNDZmOTFmOGRiOTYyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyOWZsdR2JYyMunOkXHFMvic4oK+4AiN1xyEHoiMNqhI1F
MH0gEVGbV/mb/p+gPXYgcioxAGqLgpisK/kR2tgrBi+dOkUeR4bN4XGST6Vd2AfA
OGNB30qc6r6A6M3jUKZ/v/vyGAsusNRfdnrUljEhJogR4i2IiSIV5lXJqqCzq2sc
C5dfCZqT4jym/dQJ/Erump4WyrrrSu94JIOO9RlrnK7JKNAzyfdkZIqdfjsmn/Lw
4AYJhpAwae+BoJgu+aAlSgB5eRadlrrXQ/bfo4Qz8I4oktnLuxSgqmyEcLGvqvbP
A5iDrNnRTSKU3Vu6Ry0XWokJ5OxskOrKWL/1MruNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUjoD9VMfey87hUx9OPdRm6sGwHB4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2UxZjBhODE2LTEzNjQtNDkxNy04ODhhLTY3NWI0Y2NjYzc1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCqOjANBgkqhkiG9w0BAQsFAAOCAQEAQJBOtYOYCAxYI/ml+llMbrLVFp10
bnDhAwOhHVQbN6DUL8e/STAB2J1OZku6tFyP6aJhfaaud3b/WG7DWinys8Ivcq8v
GEFs0dO3btqSImBhgbGkCAeIaRBHzQQVmU3RFiDnXQ4IJalUiCgLL0vaIqxyvLS5
GDYN9WoV+F3Rvip9rleTVmg+jFp1uYYwPCHYQ8fq4+hOcDul3GGf2XPOB2wAvXny
Hp+pWlrEFE5nqmDNSLLoLbNrkq9TAeoVTTjuY4EU+F4j3FEE0Lj4eVbZQ8KhJoRk
FT32O16CqagjxsYbCwLeUPO6P79hmiICOvQgeqIxBdu7XpS3oyElAloYZQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:04:08 2025 by rpki-client