Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5b5152de-771f-4c48-b716-e245ddec9efe.roa
File:                     5b5152de-771f-4c48-b716-e245ddec9efe.roa (raw, json)
Hash identifier:          PpADqJgOBgUleLodtmmUoasSH8mOkw32OwIG1hP32+A=
Subject key identifier:   12:1C:C4:55:10:0E:AC:C6:68:06:2D:6C:C4:97:63:6E:60:66:0C:1C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5D6E3AA6D9248024C4D1878D6DCB3661EA31142A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5b5152de-771f-4c48-b716-e245ddec9efe.roa
Signing time:             Thu 16 Oct 2025 15:18:37 +0000
ROA not before:           Thu 16 Oct 2025 15:18:37 +0000
ROA not after:            Thu 20 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.68.100.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:6e:3a:a6:d9:24:80:24:c4:d1:87:8d:6d:cb:36:61:ea:31:14:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 16 15:18:37 2025 GMT
            Not After : Nov 20 23:59:59 2025 GMT
        Subject: serialNumber=203dbc905b864b6e7fb462051e8009aea44114606a883e316d38f32aea0f325a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:6f:1a:e0:8e:83:4f:ee:7e:c4:80:7e:fb:e0:
                    7f:78:60:4c:d4:bf:0b:60:b8:62:c4:5e:16:25:b1:
                    d4:1d:2a:6c:31:6c:84:5d:b6:f4:e4:6d:fe:62:64:
                    3a:6f:e0:a2:0e:9d:ad:54:c8:58:6f:7b:2d:89:3d:
                    92:19:c0:21:04:35:91:b4:c9:58:8c:01:75:86:4f:
                    f5:32:29:57:8b:7d:8d:69:64:57:4a:bd:0f:1a:26:
                    22:4c:c5:7a:ae:93:4b:35:cf:ba:8e:2a:ff:de:76:
                    4f:f0:10:4d:ac:b6:f4:c6:e4:01:60:5f:af:b7:c6:
                    15:4e:2a:32:e9:13:64:c0:cf:bd:54:94:e9:dd:4b:
                    c8:01:1a:53:d9:2e:c8:ae:8d:c0:ee:95:e2:b7:b2:
                    53:f7:e5:e7:1c:86:fd:a9:d6:de:fa:ef:53:85:2f:
                    8f:83:1e:c4:e0:fc:6f:ad:de:98:4f:ae:97:5f:13:
                    16:28:95:53:66:23:6c:5c:ba:d1:0d:43:76:ba:bd:
                    68:3b:1e:f3:b0:05:45:73:02:7b:2a:db:f8:2d:4a:
                    99:4c:8e:d9:65:a3:f6:1a:9d:09:7b:6a:0b:df:83:
                    ff:fe:c1:6c:5d:bf:81:aa:c9:02:9f:02:64:eb:04:
                    e4:31:96:a0:41:78:9a:ff:f7:4f:f9:1d:60:de:85:
                    ce:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:1C:C4:55:10:0E:AC:C6:68:06:2D:6C:C4:97:63:6E:60:66:0C:1C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5b5152de-771f-4c48-b716-e245ddec9efe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.68.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:57:9a:0c:21:ed:6c:ec:58:85:ef:41:5e:e4:b3:54:ca:3f:
         86:80:a3:f8:cd:34:ce:00:19:9b:04:2f:13:b4:a1:44:77:87:
         f8:14:d3:49:18:42:f6:d3:10:ea:ee:09:61:22:72:2c:bb:63:
         75:4a:55:3b:2d:c4:e0:f1:8d:49:10:6d:3a:d7:ae:77:ea:5c:
         ca:ce:6f:8a:9d:28:3b:b3:5f:12:ed:54:42:04:68:2d:c1:5a:
         be:6b:33:52:a2:5a:12:d4:43:4e:0d:ef:2a:cf:3b:35:00:ba:
         35:5e:d8:93:9e:0a:c9:46:87:6f:c2:74:36:c9:31:a6:cc:69:
         22:2f:bf:ee:c0:13:60:27:77:45:d8:62:d7:9d:79:49:f5:b4:
         8f:7c:ba:94:ac:ca:f9:75:46:e5:e3:0f:ef:e5:e7:10:c7:20:
         fc:c4:58:6a:13:7e:ea:db:ba:f6:40:7f:5b:87:27:0a:27:67:
         33:b8:3f:42:d6:5d:62:f5:d7:2b:09:d0:f4:38:a9:f1:2b:b1:
         83:38:6d:c9:81:1d:5d:c4:96:01:ee:a4:0a:1c:2d:9f:40:82:
         2b:5a:3e:d2:67:00:7f:c4:51:f8:b9:93:ed:6f:4a:13:bd:4e:
         ce:a8:74:17:d5:39:b9:33:8d:24:c7:cd:a3:46:b5:9a:6e:19:
         26:a3:8b:af
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXW46ptkkgCTE0YeNbcs2YeoxFCowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE2MTUxODM3WhcNMjUxMTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDNkYmM5MDViODY0YjZlN2ZiNDYyMDUxZTgwMDlhZWE0
NDExNDYwNmE4ODNlMzE2ZDM4ZjMyYWVhMGYzMjVhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXbxrgjoNP7n7EgH774H94YEzUvwtguGLEXhYlsdQdKmwx
bIRdtvTkbf5iZDpv4KIOna1UyFhvey2JPZIZwCEENZG0yViMAXWGT/UyKVeLfY1p
ZFdKvQ8aJiJMxXquk0s1z7qOKv/edk/wEE2stvTG5AFgX6+3xhVOKjLpE2TAz71U
lOndS8gBGlPZLsiujcDuleK3slP35ecchv2p1t7671OFL4+DHsTg/G+t3phPrpdf
ExYolVNmI2xcutENQ3a6vWg7HvOwBUVzAnsq2/gtSplMjtllo/YanQl7agvfg//+
wWxdv4GqyQKfAmTrBOQxlqBBeJr/90/5HWDehc4nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEhzEVRAOrMZoBi1sxJdjbmBmDBwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzViNTE1MmRlLTc3MWYtNGM0OC1iNzE2LWUyNDVkZGVjOWVmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASRGQwDQYJKoZIhvcNAQELBQADggEBAHZXmgwh7WzsWIXvQV7ks1TKP4aA
o/jNNM4AGZsELxO0oUR3h/gU00kYQvbTEOruCWEiciy7Y3VKVTstxODxjUkQbTrX
rnfqXMrOb4qdKDuzXxLtVEIEaC3BWr5rM1KiWhLUQ04N7yrPOzUAujVe2JOeCslG
h2/CdDbJMabMaSIvv+7AE2And0XYYtedeUn1tI98upSsyvl1RuXjD+/l5xDHIPzE
WGoTfurbuvZAf1uHJwonZzO4P0LWXWL11ysJ0PQ4qfErsYM4bcmBHV3ElgHupAoc
LZ9AgitaPtJnAH/EUfi5k+1vShO9Ts6odBfVObkzjSTHzaNGtZpuGSaji68=
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:53:23 2025 by rpki-client