Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f8310f48-21ad-4896-a95f-54c5ea8de0af.roa
File:                     f8310f48-21ad-4896-a95f-54c5ea8de0af.roa (raw, json)
Hash identifier:          q246EuOOWziVTySYbno+QZm4U0sNRnW8vFdvZkkYDNM=
Subject key identifier:   A7:D9:FD:8E:A8:81:E8:2A:C2:93:2E:35:E0:06:86:04:00:3C:F4:07
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7A3C0B16B39D48A445FD4CD13A5D66AB89149F8F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f8310f48-21ad-4896-a95f-54c5ea8de0af.roa
Signing time:             Sat 18 Oct 2025 10:12:21 +0000
ROA not before:           Sat 18 Oct 2025 10:12:21 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.165.218.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:3c:0b:16:b3:9d:48:a4:45:fd:4c:d1:3a:5d:66:ab:89:14:9f:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 18 10:12:21 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=4ad905cbddbf0973372e50f02d2c9cb60fbd2c5475aea771551e7cf86afd0565, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:92:4f:56:a2:86:ec:74:92:a7:23:82:9a:3e:
                    aa:89:53:dd:9e:a7:11:81:0b:22:c2:48:f1:b4:d4:
                    d3:8a:e7:35:b7:93:e5:83:48:2c:2c:3f:ac:6c:fa:
                    79:df:f4:e5:6f:32:f2:4d:af:25:0a:63:3c:5a:72:
                    3b:1c:f6:0c:50:da:b4:72:63:f5:6c:1b:a4:59:5e:
                    76:f1:cf:7b:0a:56:22:e5:6c:60:d4:4c:dd:87:55:
                    32:9b:cf:4f:0c:d4:87:15:32:ee:21:0b:86:12:4d:
                    e3:3c:09:a0:79:b4:4b:81:6b:4d:55:66:34:dc:95:
                    b0:2d:c7:a1:13:2a:8a:84:28:00:e0:96:62:a2:6e:
                    e7:ae:45:68:e7:d3:69:c9:ec:2e:d7:c9:fb:04:bb:
                    3a:a2:65:72:b6:cd:ca:3c:6a:c6:4f:46:d7:82:4b:
                    1c:ed:fc:a5:01:1e:13:e6:ae:4a:c4:76:18:2c:c5:
                    61:76:5e:27:59:94:2e:5f:cd:c4:b2:5f:ed:a8:2d:
                    41:5a:1f:7f:5f:65:93:b1:c4:68:84:1a:c2:49:c1:
                    4d:95:46:c1:5b:0e:f4:b9:dd:ec:b1:53:e2:37:46:
                    e7:aa:4a:42:40:dc:19:56:a4:e7:86:80:fe:48:d3:
                    3d:48:5f:74:82:6e:6b:81:d0:2e:cf:59:69:cf:6a:
                    d0:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:D9:FD:8E:A8:81:E8:2A:C2:93:2E:35:E0:06:86:04:00:3C:F4:07
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f8310f48-21ad-4896-a95f-54c5ea8de0af.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.165.218.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:35:97:d9:7a:e4:49:19:e4:c9:92:70:53:68:69:71:93:68:
         bf:c8:e5:63:37:ed:75:4b:f4:83:7c:f0:8a:a1:6c:73:b8:09:
         b6:32:ee:b6:0b:8c:01:12:1f:98:21:53:86:b9:bd:8f:f3:63:
         64:a8:97:20:85:b8:85:52:1a:49:7b:0b:82:af:98:eb:e9:89:
         35:97:cf:24:f7:da:29:d4:3a:0f:10:0f:e6:ac:86:5f:08:26:
         91:fa:b6:ce:51:be:88:fa:78:82:3d:e5:67:50:1c:8a:cb:19:
         78:88:a2:4a:46:a2:74:05:32:c1:8d:69:a1:16:73:db:f6:7a:
         6c:fa:2a:d9:72:3c:14:89:27:f9:cb:b9:6a:9a:34:7a:f9:28:
         61:50:fe:1e:c3:ed:90:de:57:3d:25:f7:9f:9c:f9:ac:c5:83:
         5e:32:db:70:a1:e5:2e:4b:83:8d:1d:3d:fa:03:cf:f1:aa:dc:
         9f:74:11:8b:3e:ff:1c:0c:c5:9c:29:5e:63:12:7b:91:32:30:
         c7:74:48:b8:de:2e:4f:63:b1:d0:ef:c3:46:07:14:a7:d8:43:
         fe:38:20:30:2e:91:ce:ca:8e:19:5a:fc:4b:ad:cf:19:b1:fe:
         71:7d:cd:ef:db:6e:07:82:ee:39:00:e7:12:73:17:bd:dc:95:
         91:29:b4:55
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUejwLFrOdSKRF/UzROl1mq4kUn48wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE4MTAxMjIxWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0YWQ5MDVjYmRkYmYwOTczMzcyZTUwZjAyZDJjOWNiNjBm
YmQyYzU0NzVhZWE3NzE1NTFlN2NmODZhZmQwNTY1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCOkk9WoobsdJKnI4KaPqqJU92epxGBCyLCSPG01NOK5zW3
k+WDSCwsP6xs+nnf9OVvMvJNryUKYzxacjsc9gxQ2rRyY/VsG6RZXnbxz3sKViLl
bGDUTN2HVTKbz08M1IcVMu4hC4YSTeM8CaB5tEuBa01VZjTclbAtx6ETKoqEKADg
lmKibueuRWjn02nJ7C7XyfsEuzqiZXK2zco8asZPRteCSxzt/KUBHhPmrkrEdhgs
xWF2XidZlC5fzcSyX+2oLUFaH39fZZOxxGiEGsJJwU2VRsFbDvS53eyxU+I3Rueq
SkJA3BlWpOeGgP5I0z1IX3SCbmuB0C7PWWnPatDHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUp9n9jqiB6CrCky414AaGBAA89AcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Y4MzEwZjQ4LTIxYWQtNDg5Ni1hOTVmLTU0YzVlYThkZTBhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAESpdowDQYJKoZIhvcNAQELBQADggEBAEE1l9l65EkZ5MmScFNoaXGTaL/I
5WM37XVL9IN88IqhbHO4CbYy7rYLjAESH5ghU4a5vY/zY2SolyCFuIVSGkl7C4Kv
mOvpiTWXzyT32inUOg8QD+ashl8IJpH6ts5Rvoj6eII95WdQHIrLGXiIokpGonQF
MsGNaaEWc9v2emz6KtlyPBSJJ/nLuWqaNHr5KGFQ/h7D7ZDeVz0l95+c+azFg14y
23Ch5S5Lg40dPfoDz/Gq3J90EYs+/xwMxZwpXmMSe5EyMMd0SLjeLk9jsdDvw0YH
FKfYQ/44IDAukc7Kjhla/Eutzxmx/nF9ze/bbgeC7jkA5xJzF73clZEptFU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:40:22 2025 by rpki-client