Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3e920445-55a0-4820-a968-654871f4bb8e.roa
File:                     3e920445-55a0-4820-a968-654871f4bb8e.roa (raw, json)
Hash identifier:          VXqjuRHx0ZzsuwZmRI9fyRdkzJwwNUy7Rcvx1V4UOI4=
Subject key identifier:   79:52:4F:65:79:42:91:65:7A:A7:F6:B7:33:45:84:65:27:AF:06:4E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       082DF316FBE1317F5D7AB53BA1EF6C15FC00722D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3e920445-55a0-4820-a968-654871f4bb8e.roa
Signing time:             Fri 25 Jul 2025 15:20:14 +0000
ROA not before:           Fri 25 Jul 2025 15:20:14 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.100.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:2d:f3:16:fb:e1:31:7f:5d:7a:b5:3b:a1:ef:6c:15:fc:00:72:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 15:20:14 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=8b3e7ed08e13101021cba988d42a2e9eea1bf34bee5b51136eb23f76ea89ff41, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:08:8a:bf:d3:cb:b9:ff:13:fe:4c:fd:a0:ec:
                    a9:5f:11:d4:e0:89:02:5c:fd:f6:d6:3a:37:11:06:
                    af:a5:30:47:23:84:d9:b8:e6:71:de:5e:01:50:5a:
                    2a:07:88:3d:95:ec:64:16:54:8a:28:27:3e:f5:8e:
                    b8:ff:14:5e:fe:fb:5f:80:fd:41:fb:de:09:2d:83:
                    eb:4e:92:f7:ac:0f:06:95:e7:11:e4:d4:29:8f:32:
                    ff:58:64:41:00:63:43:9d:8d:0f:aa:3a:b6:ae:53:
                    d6:2e:d0:29:18:b2:a4:9b:f6:0a:60:79:a9:35:4a:
                    91:dd:60:f9:30:bd:02:07:75:d2:81:f7:82:79:04:
                    49:f8:82:8d:c8:07:56:91:c0:85:fe:4d:94:2d:36:
                    35:55:9e:4b:3c:16:ed:da:b0:d8:7a:f2:34:63:12:
                    00:35:09:ef:47:2f:f2:65:77:76:d0:85:e9:74:ad:
                    9f:26:8b:1a:e6:52:cd:f4:91:c0:ae:13:97:8d:d8:
                    8c:68:31:bd:eb:8e:39:95:d6:3a:41:ba:98:5d:30:
                    25:ca:e6:2e:49:d7:07:5a:50:b2:b6:17:28:19:34:
                    b2:fc:7b:e9:69:8e:12:f2:3d:5b:52:2e:09:b5:9d:
                    f4:fc:74:76:d6:fc:7b:00:87:e2:3b:dd:c8:02:be:
                    5c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:52:4F:65:79:42:91:65:7A:A7:F6:B7:33:45:84:65:27:AF:06:4E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3e920445-55a0-4820-a968-654871f4bb8e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.100.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         34:25:70:5a:60:6f:2d:9d:3e:a2:d9:39:89:e4:c5:ad:48:c7:
         1e:eb:e7:2f:51:dc:c0:fb:f0:eb:d6:39:0a:ec:fc:66:e3:bb:
         a5:60:8f:b4:0b:9f:15:ab:b9:7b:68:6f:48:f6:9c:b0:69:78:
         07:d6:fc:d9:40:24:de:16:1e:f6:2f:87:69:5c:e5:94:e4:f7:
         9d:f8:5e:19:d1:a1:89:3e:8f:b8:1d:5f:2e:88:05:5b:7e:74:
         7d:b9:67:b2:30:f4:ea:d4:1e:78:fa:3a:5c:0f:ee:69:d3:b8:
         a6:b4:5e:69:bd:3b:86:31:12:3d:e3:4b:3e:90:84:83:d8:74:
         75:83:3a:8e:2b:b1:a4:6a:82:46:ad:0b:46:31:60:c7:86:a0:
         e5:4f:99:7e:f5:af:4e:d5:2c:0d:09:b3:b5:06:83:94:04:43:
         d5:0e:82:45:d5:61:83:77:79:8c:f6:d5:e5:2c:13:d9:80:0b:
         0d:c9:cf:4e:b5:36:30:48:8e:1c:e2:dc:f8:c3:f8:b4:42:d5:
         db:f4:12:30:c6:1a:93:47:c3:5b:52:70:ed:2c:b8:cf:69:8f:
         8b:7f:7f:37:69:dd:1f:76:7b:4f:6c:ca:b9:a6:35:7c:c0:54:
         9f:04:ce:d4:5f:ae:8a:0a:2f:00:7c:5d:87:f8:08:76:af:72:
         ff:ff:0b:bc
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCC3zFvvhMX9derU7oe9sFfwAci0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTUyMDE0WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YjNlN2VkMDhlMTMxMDEwMjFjYmE5ODhkNDJhMmU5ZWVh
MWJmMzRiZWU1YjUxMTM2ZWIyM2Y3NmVhODlmZjQxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMCIq/08u5/xP+TP2g7KlfEdTgiQJc/fbWOjcRBq+lMEcj
hNm45nHeXgFQWioHiD2V7GQWVIooJz71jrj/FF7++1+A/UH73gktg+tOkvesDwaV
5xHk1CmPMv9YZEEAY0OdjQ+qOrauU9Yu0CkYsqSb9gpgeak1SpHdYPkwvQIHddKB
94J5BEn4go3IB1aRwIX+TZQtNjVVnks8Fu3asNh68jRjEgA1Ce9HL/Jld3bQhel0
rZ8mixrmUs30kcCuE5eN2IxoMb3rjjmV1jpBuphdMCXK5i5J1wdaULK2FygZNLL8
e+lpjhLyPVtSLgm1nfT8dHbW/HsAh+I73cgCvlyFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUeVJPZXlCkWV6p/a3M0WEZSevBk4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNlOTIwNDQ1LTU1YTAtNDgyMC1hOTY4LTY1NDg3MWY0YmI4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwADZDANBgkqhkiG9w0BAQsFAAOCAQEANCVwWmBvLZ0+otk5ieTFrUjHHuvn
L1HcwPvw69Y5Cuz8ZuO7pWCPtAufFau5e2hvSPacsGl4B9b82UAk3hYe9i+HaVzl
lOT3nfheGdGhiT6PuB1fLogFW350fblnsjD06tQeePo6XA/uadO4prReab07hjES
PeNLPpCEg9h0dYM6jiuxpGqCRq0LRjFgx4ag5U+ZfvWvTtUsDQmztQaDlARD1Q6C
RdVhg3d5jPbV5SwT2YALDcnPTrU2MEiOHOLc+MP4tELV2/QSMMYak0fDW1Jw7Sy4
z2mPi39/N2ndH3Z7T2zKuaY1fMBUnwTO1F+uigovAHxdh/gIdq9y//8LvA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:11:13 2025 by rpki-client