Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/66496eeb-98fc-4220-823f-0c3b38023275.roa
File:                     66496eeb-98fc-4220-823f-0c3b38023275.roa (raw, json)
Hash identifier:          hTXzcQnTcJ5S7/27OOjTJ71UHAUKa5DNzaSAfKXkrTM=
Subject key identifier:   ED:62:E6:34:96:8C:E2:D4:73:E7:A3:D6:0C:A4:B9:99:57:A4:57:6B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6A0B1C13EEA9053618D41BDF2CDC85093C36138C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/66496eeb-98fc-4220-823f-0c3b38023275.roa
Signing time:             Tue 21 Oct 2025 04:02:41 +0000
ROA not before:           Tue 21 Oct 2025 04:02:41 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     7224
IP address blocks:        15.248.105.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:0b:1c:13:ee:a9:05:36:18:d4:1b:df:2c:dc:85:09:3c:36:13:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 21 04:02:41 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=41304922c8a0bbdd37eb8d65bb7312f19cb47e70874526dbe49030dd72a8df13, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:cc:7e:93:dd:70:e6:56:34:12:72:94:94:ed:
                    cf:99:c9:26:85:e7:30:c6:3d:73:cf:84:ba:d5:21:
                    ed:31:fd:bb:70:b9:2c:d4:49:8d:ca:6f:46:42:47:
                    bc:a3:7d:ea:dc:b3:83:39:66:d4:39:a6:60:44:60:
                    d5:40:49:6a:86:b8:f0:91:68:b2:77:3e:11:77:1c:
                    cb:a1:7b:d1:df:55:21:a6:a0:64:cf:97:ac:63:8d:
                    33:9e:bf:cf:40:95:95:69:60:65:0d:3a:91:ec:46:
                    31:18:24:fc:db:43:be:d4:18:6f:0b:6e:0d:15:f4:
                    c9:f5:b0:a1:19:d3:43:6d:e7:0a:03:67:0c:62:9d:
                    8d:0a:b6:6f:44:b0:92:5b:fb:5d:9d:4f:ca:9d:64:
                    6d:71:36:81:58:02:b9:b1:fe:c6:92:87:d3:42:24:
                    cb:3a:c4:0b:9c:1d:93:14:32:86:07:60:14:f1:d0:
                    44:2f:d4:99:e0:9a:f7:ad:89:9d:16:c4:d0:90:db:
                    6d:63:19:ab:00:4a:75:5f:93:13:b1:27:c9:00:fd:
                    e6:cb:5b:93:e2:02:3a:3b:05:77:4d:24:aa:8e:a0:
                    2f:32:54:20:06:2f:f7:bb:58:17:f5:8a:8f:ca:93:
                    d7:e7:06:54:ac:27:c3:86:46:ad:ed:18:60:f6:06:
                    6d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:62:E6:34:96:8C:E2:D4:73:E7:A3:D6:0C:A4:B9:99:57:A4:57:6B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/66496eeb-98fc-4220-823f-0c3b38023275.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.248.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:81:96:d8:8b:13:16:d2:70:2d:18:4f:4d:8f:8e:25:ee:88:
         24:4b:8a:4f:28:16:f9:1b:3a:2e:94:ef:3a:b3:12:70:b1:8b:
         2f:d1:cf:41:35:58:6e:e3:13:db:2a:b3:4b:b8:f1:fb:6b:ef:
         06:73:45:16:ae:9a:9e:89:ed:6d:f3:bd:4c:44:54:2a:70:b3:
         c0:a5:df:98:9b:ba:2f:2f:74:24:4d:bd:69:7f:9b:0a:4e:d7:
         00:8b:f5:85:0d:a1:8c:12:8f:f6:6f:ba:57:2d:a7:1d:83:02:
         c0:9c:70:06:e3:c2:c7:78:6c:84:ee:ea:fa:f3:b6:8d:f2:9d:
         a0:5f:a8:5d:46:19:0c:17:af:9b:dc:9d:f5:aa:1b:62:f9:58:
         df:82:3a:63:35:15:e4:42:f2:66:9f:db:0e:11:d7:f6:65:e4:
         4a:d9:af:31:4b:5a:04:85:dc:75:14:b3:c2:3c:75:b4:dc:64:
         76:f6:94:7f:7c:a0:fa:fd:57:d9:5c:20:a5:c7:64:db:4f:b4:
         6a:6b:0f:4d:ce:b9:f2:8d:9a:66:f2:b5:07:9e:72:c5:e7:7d:
         9a:f4:51:67:08:2b:df:77:b8:eb:49:99:ee:64:b9:28:29:f8:
         cd:d6:30:5b:19:98:63:db:47:dd:e3:55:86:7d:dc:b9:81:e6:
         45:e8:19:02
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUagscE+6pBTYY1BvfLNyFCTw2E4wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDIxMDQwMjQxWhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MTMwNDkyMmM4YTBiYmRkMzdlYjhkNjViYjczMTJmMTlj
YjQ3ZTcwODc0NTI2ZGJlNDkwMzBkZDcyYThkZjEzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCozH6T3XDmVjQScpSU7c+ZySaF5zDGPXPPhLrVIe0x/btw
uSzUSY3Kb0ZCR7yjfercs4M5ZtQ5pmBEYNVASWqGuPCRaLJ3PhF3HMuhe9HfVSGm
oGTPl6xjjTOev89AlZVpYGUNOpHsRjEYJPzbQ77UGG8Lbg0V9Mn1sKEZ00Nt5woD
ZwxinY0Ktm9EsJJb+12dT8qdZG1xNoFYArmx/saSh9NCJMs6xAucHZMUMoYHYBTx
0EQv1JngmvetiZ0WxNCQ221jGasASnVfkxOxJ8kA/ebLW5PiAjo7BXdNJKqOoC8y
VCAGL/e7WBf1io/Kk9fnBlSsJ8OGRq3tGGD2Bm1bAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7WLmNJaM4tRz56PWDKS5mVekV2swHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzY2NDk2ZWViLTk4ZmMtNDIyMC04MjNmLTBjM2IzODAyMzI3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAP+GkwDQYJKoZIhvcNAQELBQADggEBAKKBltiLExbScC0YT02PjiXuiCRL
ik8oFvkbOi6U7zqzEnCxiy/Rz0E1WG7jE9sqs0u48ftr7wZzRRaump6J7W3zvUxE
VCpws8Cl35ibui8vdCRNvWl/mwpO1wCL9YUNoYwSj/Zvulctpx2DAsCccAbjwsd4
bITu6vrzto3ynaBfqF1GGQwXr5vcnfWqG2L5WN+COmM1FeRC8maf2w4R1/Zl5ErZ
rzFLWgSF3HUUs8I8dbTcZHb2lH98oPr9V9lcIKXHZNtPtGprD03OufKNmmbytQee
csXnfZr0UWcIK993uOtJme5kuSgp+M3WMFsZmGPbR93jVYZ93LmB5kXoGQI=
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:14:11 2025 by rpki-client