Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4cab92bc-9aa1-4b48-83bd-11590a716fb1.roa
File:                     4cab92bc-9aa1-4b48-83bd-11590a716fb1.roa (raw, json)
Hash identifier:          X899RwH0swfC7CZSuMIn5izG3FyWWbmcrjMjgXYDUJI=
Subject key identifier:   44:1C:B5:83:D1:00:45:CB:B1:43:EE:D6:BE:E1:1D:16:08:4E:FE:ED
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       712BA2B1D10CA07CE613B0E4340BBE7BF8D1F2B4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4cab92bc-9aa1-4b48-83bd-11590a716fb1.roa
Signing time:             Fri 25 Jul 2025 15:21:54 +0000
ROA not before:           Fri 25 Jul 2025 15:21:54 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.88.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:2b:a2:b1:d1:0c:a0:7c:e6:13:b0:e4:34:0b:be:7b:f8:d1:f2:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 15:21:54 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=afdc5cf6b2d608655f0cb3f7c4ed5346ea4459d818702691d191558985409420, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:3a:ad:ad:53:41:fa:f3:b8:53:ed:39:bf:5d:
                    b4:f7:33:9c:37:31:7d:80:0c:91:be:f9:42:8e:b3:
                    0a:4f:03:cd:4b:01:e1:13:d4:9c:03:ff:84:f8:6c:
                    a6:c9:0b:9d:65:56:ab:c2:cd:4a:6a:d4:e3:55:39:
                    57:79:25:d6:55:c5:59:39:ce:d4:db:09:17:9f:24:
                    5b:58:a8:0a:5c:00:0e:bc:66:ab:2e:cc:b2:1b:dd:
                    04:f8:d8:56:85:d1:30:10:6e:b0:d5:c4:0a:f5:ec:
                    ac:d8:10:fd:b3:e4:54:88:28:11:3d:c4:5a:e0:c3:
                    8d:7e:1e:fb:d3:a6:7e:01:cd:78:9b:19:fe:0b:3c:
                    e4:64:8b:8c:a2:95:dc:a1:fe:fc:1b:79:5c:1b:c0:
                    16:27:fb:45:6a:9a:79:be:38:82:82:2b:f9:cd:86:
                    4e:e2:94:2f:a0:04:6c:67:56:59:e4:51:38:32:a0:
                    84:ca:f8:e1:fe:21:3d:ad:a9:3d:d5:b6:6a:35:40:
                    67:07:22:7e:a3:0f:37:ea:c5:ee:5a:e7:47:4e:58:
                    c9:50:61:46:d0:dc:21:74:d7:b5:34:5f:2b:d0:e4:
                    b8:dd:46:50:68:c4:d9:e8:28:99:7e:fc:38:69:ad:
                    78:87:99:7d:96:90:57:ac:f7:ff:95:78:82:91:55:
                    44:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:1C:B5:83:D1:00:45:CB:B1:43:EE:D6:BE:E1:1D:16:08:4E:FE:ED
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4cab92bc-9aa1-4b48-83bd-11590a716fb1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.88.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         57:45:39:8e:68:31:6b:56:4d:d7:cd:31:2a:f5:85:b2:6b:ef:
         f5:50:fe:b0:54:6b:e7:40:78:00:e0:b0:c3:72:fe:23:a1:23:
         44:36:68:7b:32:85:6d:04:4c:5c:08:ed:50:c4:33:e4:97:01:
         4b:8b:31:43:95:c2:b1:26:6d:bf:86:f5:0d:d1:24:e0:f2:c9:
         4a:76:76:f3:8b:fd:be:fb:36:b6:f4:e9:85:82:db:c7:70:86:
         1e:b4:5f:e3:0c:4c:6d:06:4f:4f:d6:b9:d0:38:44:f2:ee:5a:
         36:10:74:d4:19:81:95:7f:a9:ac:78:67:e1:c1:7d:87:39:77:
         ea:35:6d:65:bf:10:71:c9:42:bf:2a:62:1c:72:1e:04:43:43:
         a9:f4:04:bb:6b:e1:5e:e9:07:03:00:02:53:1a:3c:2b:13:28:
         b0:af:ff:68:04:50:b1:2e:e6:e7:c5:8f:a5:22:ed:f1:aa:65:
         ac:1e:e4:5d:9b:a5:3c:3c:8a:15:2c:cd:e8:cd:15:86:07:e9:
         58:92:3a:3d:2f:58:20:f5:35:2e:04:a9:70:0b:c3:94:b0:b9:
         3a:0a:98:84:dc:e9:0e:00:d1:07:55:b5:73:5a:b9:b2:3d:cd:
         3c:b3:30:2c:c7:ce:bc:09:68:39:de:64:4a:cb:14:b7:fe:31:
         56:44:4b:f3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcSuisdEMoHzmE7DkNAu+e/jR8rQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTUyMTU0WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZmRjNWNmNmIyZDYwODY1NWYwY2IzZjdjNGVkNTM0NmVh
NDQ1OWQ4MTg3MDI2OTFkMTkxNTU4OTg1NDA5NDIwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBOq2tU0H687hT7Tm/XbT3M5w3MX2ADJG++UKOswpPA81L
AeET1JwD/4T4bKbJC51lVqvCzUpq1ONVOVd5JdZVxVk5ztTbCRefJFtYqApcAA68
ZqsuzLIb3QT42FaF0TAQbrDVxAr17KzYEP2z5FSIKBE9xFrgw41+HvvTpn4BzXib
Gf4LPORki4yildyh/vwbeVwbwBYn+0Vqmnm+OIKCK/nNhk7ilC+gBGxnVlnkUTgy
oITK+OH+IT2tqT3Vtmo1QGcHIn6jDzfqxe5a50dOWMlQYUbQ3CF017U0XyvQ5Ljd
RlBoxNnoKJl+/DhprXiHmX2WkFes9/+VeIKRVUStAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQURBy1g9EARcuxQ+7WvuEdFghO/u0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzRjYWI5MmJjLTlhYTEtNGI0OC04M2JkLTExNTkwYTcxNmZiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwESWDANBgkqhkiG9w0BAQsFAAOCAQEAV0U5jmgxa1ZN180xKvWFsmvv9VD+
sFRr50B4AOCww3L+I6EjRDZoezKFbQRMXAjtUMQz5JcBS4sxQ5XCsSZtv4b1DdEk
4PLJSnZ284v9vvs2tvTphYLbx3CGHrRf4wxMbQZPT9a50DhE8u5aNhB01BmBlX+p
rHhn4cF9hzl36jVtZb8QcclCvypiHHIeBENDqfQEu2vhXukHAwACUxo8KxMosK//
aARQsS7m58WPpSLt8aplrB7kXZulPDyKFSzN6M0VhgfpWJI6PS9YIPU1LgSpcAvD
lLC5OgqYhNzpDgDRB1W1c1q5sj3NPLMwLMfOvAloOd5kSssUt/4xVkRL8w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:26:02 2025 by rpki-client