Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ed189534-d2e4-4332-b337-1944b2e9e431.roa
File:                     ed189534-d2e4-4332-b337-1944b2e9e431.roa (raw, json)
Hash identifier:          4S12KXl8ygalmi1mymlogKfF3qk7NDksthWPM3X66Fk=
Subject key identifier:   26:ED:63:BD:97:F5:29:22:9C:34:31:7B:A1:97:F3:6A:B0:E4:9F:F6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0B6ED0E1845C9EF5776246145C95E00F3B25AB69
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ed189534-d2e4-4332-b337-1944b2e9e431.roa
Signing time:             Sat 18 Oct 2025 13:50:09 +0000
ROA not before:           Sat 18 Oct 2025 13:50:09 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.160.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:6e:d0:e1:84:5c:9e:f5:77:62:46:14:5c:95:e0:0f:3b:25:ab:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 13:50:09 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=283db96d75ccb5e276e5e42d5a23b96785cda4c9be7b9f640561a279bf2a40cf, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:17:49:f3:71:3a:ad:4e:5b:4a:58:f0:64:d5:
                    5f:ab:07:ad:e3:8a:11:40:e4:85:9c:6c:1b:78:1a:
                    55:d0:e9:e0:cd:c0:e1:28:7b:ca:42:39:b1:50:a9:
                    16:c3:89:c3:bc:34:b5:b3:f7:8b:1b:c1:2e:d8:48:
                    61:e7:ad:7d:a3:24:4d:84:c6:67:de:cc:ea:c5:8d:
                    48:49:a9:3d:11:6b:04:86:df:76:2b:25:42:42:5b:
                    8a:5d:e0:12:4e:1a:e5:da:de:d2:2b:9c:36:67:53:
                    70:42:7f:8c:71:2a:cf:dd:6f:00:02:72:88:d2:d8:
                    c1:89:44:67:35:31:6b:9d:ec:e5:42:eb:f7:eb:b9:
                    cc:4a:35:5e:42:18:d5:89:79:72:a8:1e:d6:1f:07:
                    1c:7e:28:6b:56:a3:0c:6e:8b:2e:70:44:cd:ab:aa:
                    3e:99:fb:d2:2f:1b:9a:3f:62:33:9a:7f:ef:e3:7a:
                    2d:f0:38:0b:11:8c:d1:c5:2d:5d:bf:72:5d:d0:25:
                    9c:5c:42:1b:e0:39:cd:61:85:0e:85:cd:90:18:1a:
                    16:ef:99:1f:69:c0:59:80:13:80:31:28:c8:50:85:
                    22:db:05:0e:79:69:81:22:42:f9:30:4f:2d:ba:36:
                    92:c9:12:56:f0:73:01:90:dc:b3:ab:dd:a3:47:07:
                    46:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:ED:63:BD:97:F5:29:22:9C:34:31:7B:A1:97:F3:6A:B0:E4:9F:F6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ed189534-d2e4-4332-b337-1944b2e9e431.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.160.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         47:08:36:2e:16:bf:d3:48:c5:63:d4:c6:bb:ae:ff:16:97:4c:
         f5:27:f6:23:f3:74:3d:97:d5:46:18:e6:8a:14:24:d2:66:82:
         a5:24:78:6b:9f:b4:84:a8:06:dc:6e:e5:49:67:06:fe:41:e4:
         40:24:23:09:28:c9:23:8c:5d:88:be:4a:79:e2:79:84:39:a7:
         52:56:74:1c:07:d9:26:42:0c:d7:06:f8:d3:14:2a:c9:09:f5:
         e9:19:fa:75:7f:10:90:36:44:ab:91:40:c3:75:57:84:b9:35:
         1f:5e:23:cb:07:3b:06:a4:52:fa:8e:d0:5d:6c:fd:5d:5e:fa:
         49:03:5d:63:51:15:ee:7b:18:f2:43:54:f7:bf:5c:a8:9b:d6:
         94:38:d6:d2:7f:5c:ee:ef:00:ea:f5:98:57:52:c6:d1:1d:ae:
         84:5e:20:b3:30:15:4d:f5:fa:8c:30:c2:fa:8b:20:74:3c:26:
         7b:1d:0f:49:9d:ad:21:dc:25:2c:48:c3:ec:95:3f:ae:73:6b:
         b7:3b:b0:da:0f:09:71:e1:dc:d3:05:1e:2a:89:d1:5d:ff:83:
         7b:e6:98:97:3b:fa:8f:68:2a:09:b7:fe:19:63:cf:6a:98:02:
         65:2f:30:e9:a5:c5:9d:09:bd:da:dc:d6:af:2e:15:af:b5:e1:
         fa:d8:64:fa
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUC27Q4YRcnvV3YkYUXJXgDzslq2kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MTM1MDA5WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyODNkYjk2ZDc1Y2NiNWUyNzZlNWU0MmQ1YTIzYjk2Nzg1
Y2RhNGM5YmU3YjlmNjQwNTYxYTI3OWJmMmE0MGNmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWF0nzcTqtTltKWPBk1V+rB63jihFA5IWcbBt4GlXQ6eDN
wOEoe8pCObFQqRbDicO8NLWz94sbwS7YSGHnrX2jJE2ExmfezOrFjUhJqT0RawSG
33YrJUJCW4pd4BJOGuXa3tIrnDZnU3BCf4xxKs/dbwACcojS2MGJRGc1MWud7OVC
6/frucxKNV5CGNWJeXKoHtYfBxx+KGtWowxuiy5wRM2rqj6Z+9IvG5o/YjOaf+/j
ei3wOAsRjNHFLV2/cl3QJZxcQhvgOc1hhQ6FzZAYGhbvmR9pwFmAE4AxKMhQhSLb
BQ55aYEiQvkwTy26NpLJElbwcwGQ3LOr3aNHB0a3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJu1jvZf1KSKcNDF7oZfzarDkn/YwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2VkMTg5NTM0LWQyZTQtNDMzMi1iMzM3LTE5NDRiMmU5ZTQzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcSoIAwDQYJKoZIhvcNAQELBQADggEBAEcINi4Wv9NIxWPUxruu/xaXTPUn
9iPzdD2X1UYY5ooUJNJmgqUkeGuftISoBtxu5UlnBv5B5EAkIwkoySOMXYi+Snni
eYQ5p1JWdBwH2SZCDNcG+NMUKskJ9ekZ+nV/EJA2RKuRQMN1V4S5NR9eI8sHOwak
UvqO0F1s/V1e+kkDXWNRFe57GPJDVPe/XKib1pQ41tJ/XO7vAOr1mFdSxtEdroRe
ILMwFU31+owwwvqLIHQ8JnsdD0mdrSHcJSxIw+yVP65za7c7sNoPCXHh3NMFHiqJ
0V3/g3vmmJc7+o9oKgm3/hljz2qYAmUvMOmlxZ0Jvdrc1q8uFa+14frYZPo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:08:10 2025 by rpki-client