Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e36adac9-e07b-4bfb-a010-ba91f9df170a.roa
File:                     e36adac9-e07b-4bfb-a010-ba91f9df170a.roa (raw, json)
Hash identifier:          RPHoNsIY/4cI01g76SIAl0nvLs3+sUKrJNF3NKC6Fak=
Subject key identifier:   33:C5:B9:B3:59:11:DF:F9:B9:A1:B0:7B:2A:D1:10:F8:68:08:4B:3F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       627480F3147A6AEF24EE1A19E32C1107E8CF42F7
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e36adac9-e07b-4bfb-a010-ba91f9df170a.roa
Signing time:             Sat 18 Oct 2025 05:30:22 +0000
ROA not before:           Sat 18 Oct 2025 05:30:22 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.253.96.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:74:80:f3:14:7a:6a:ef:24:ee:1a:19:e3:2c:11:07:e8:cf:42:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 05:30:22 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=0543c1511674ebb419879286d4377f0fa9b32807eb1a5e60f7b8f96f1170a8a8, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:f5:9e:6b:b8:01:92:b3:a5:20:e8:98:a3:39:
                    67:9e:e5:a4:2d:d2:48:27:7b:21:86:f7:4b:15:83:
                    99:81:0b:8e:43:82:ab:2c:3a:73:1b:29:2c:f3:a8:
                    63:fb:58:92:f9:af:78:51:0d:04:29:4c:6d:4f:34:
                    6c:0a:93:81:57:44:b3:53:58:de:c6:5b:b0:cd:96:
                    ac:e0:16:c1:49:56:b9:52:f8:b6:de:8e:c6:fd:44:
                    8b:c6:20:b4:ac:b7:f3:19:59:ba:df:2a:90:78:81:
                    87:22:6d:37:42:ab:3b:50:fc:6e:7b:e5:5e:f9:8f:
                    27:99:bf:fd:16:a3:7b:b7:5a:00:4e:e5:49:af:59:
                    07:4a:20:f5:36:bf:31:48:99:8b:11:37:4a:be:ae:
                    59:ce:8a:a2:fc:07:26:df:4a:18:4f:15:2a:70:1b:
                    f6:aa:ee:96:42:26:91:48:67:e7:d6:73:39:66:cc:
                    25:68:bc:54:e9:93:5d:a0:8c:23:e9:50:5d:a6:2f:
                    7b:df:65:74:79:42:da:bf:43:c1:97:03:a3:da:00:
                    81:3d:18:64:5d:1d:ec:c2:e0:1a:e9:4a:e3:79:66:
                    31:f0:b5:89:e7:63:03:41:d1:f1:e7:b8:b6:e0:7c:
                    ad:56:06:0b:71:ab:08:69:9b:51:7c:07:f3:11:5d:
                    56:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:C5:B9:B3:59:11:DF:F9:B9:A1:B0:7B:2A:D1:10:F8:68:08:4B:3F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e36adac9-e07b-4bfb-a010-ba91f9df170a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.253.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         3f:5b:13:60:e5:24:9b:ec:c2:a3:45:ac:5b:92:80:9a:ff:95:
         0a:88:1d:cf:d7:8c:75:f1:83:f9:6e:8b:d7:d8:0a:e0:7d:fd:
         82:35:f5:35:60:47:4e:00:27:2d:4c:30:43:a2:b3:c4:dd:e4:
         4c:a7:11:82:e0:7d:c4:82:13:b4:68:6b:79:e4:ed:17:bd:5f:
         21:63:04:39:b2:fd:86:19:bc:6c:fe:bf:41:9d:6d:c8:ed:40:
         7f:5e:bc:0a:25:2f:f3:65:24:70:10:23:3a:63:ec:9e:ac:34:
         b0:87:b2:79:52:fa:4b:50:d9:c4:00:78:da:b1:0d:87:a7:19:
         71:7f:93:dc:ac:a3:2f:f2:36:4f:0a:07:73:fc:9a:41:33:fb:
         fa:1c:3b:8f:7e:5b:99:95:e8:4e:8c:bd:9e:8c:37:e4:68:96:
         73:6e:fe:32:49:7b:97:c0:78:04:6b:2a:35:10:57:c6:eb:60:
         b2:49:67:62:cc:56:ef:33:77:70:61:4f:50:29:06:48:80:42:
         32:64:d1:38:12:43:de:c9:c6:90:cb:a0:2f:5a:f7:d2:a3:80:
         f5:d6:ec:a5:57:91:6a:a6:ed:ab:39:52:3d:90:84:d6:84:fe:
         bd:ef:f7:16:2f:a7:25:d8:2f:07:fd:1b:24:be:1c:3b:e7:da:
         27:db:c9:a7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYnSA8xR6au8k7hoZ4ywRB+jPQvcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MDUzMDIyWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNTQzYzE1MTE2NzRlYmI0MTk4NzkyODZkNDM3N2YwZmE5
YjMyODA3ZWIxYTVlNjBmN2I4Zjk2ZjExNzBhOGE4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDK9Z5ruAGSs6Ug6JijOWee5aQt0kgneyGG90sVg5mBC45D
gqssOnMbKSzzqGP7WJL5r3hRDQQpTG1PNGwKk4FXRLNTWN7GW7DNlqzgFsFJVrlS
+Lbejsb9RIvGILSst/MZWbrfKpB4gYcibTdCqztQ/G575V75jyeZv/0Wo3u3WgBO
5UmvWQdKIPU2vzFImYsRN0q+rlnOiqL8BybfShhPFSpwG/aq7pZCJpFIZ+fWczlm
zCVovFTpk12gjCPpUF2mL3vfZXR5Qtq/Q8GXA6PaAIE9GGRdHezC4BrpSuN5ZjHw
tYnnYwNB0fHnuLbgfK1WBgtxqwhpm1F8B/MRXVY3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUM8W5s1kR3/m5obB7KtEQ+GgISz8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2UzNmFkYWM5LWUwN2ItNGJmYi1hMDEwLWJhOTFmOWRmMTcwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ2/WAwDQYJKoZIhvcNAQELBQADggEBAD9bE2DlJJvswqNFrFuSgJr/lQqI
Hc/XjHXxg/lui9fYCuB9/YI19TVgR04AJy1MMEOis8Td5EynEYLgfcSCE7Roa3nk
7Re9XyFjBDmy/YYZvGz+v0GdbcjtQH9evAolL/NlJHAQIzpj7J6sNLCHsnlS+ktQ
2cQAeNqxDYenGXF/k9ysoy/yNk8KB3P8mkEz+/ocO49+W5mV6E6MvZ6MN+RolnNu
/jJJe5fAeARrKjUQV8brYLJJZ2LMVu8zd3BhT1ApBkiAQjJk0TgSQ97JxpDLoC9a
99KjgPXW7KVXkWqm7as5Uj2QhNaE/r3v9xYvpyXYLwf9GyS+HDvn2ifbyac=
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:56:46 2025 by rpki-client