Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f525a0b2-7ca2-43f1-951c-7eff24265dc3.roa
File:                     f525a0b2-7ca2-43f1-951c-7eff24265dc3.roa (raw, json)
Hash identifier:          n4k7tsJKbfypFXJcp4QbqLaL/WeWQ3oX6FGl0xkG+aQ=
Subject key identifier:   9F:A7:87:7A:0F:8F:07:EA:74:D5:99:90:D6:FF:D5:EB:A2:1C:AE:8A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       625FD80DD9504C9F01BE49A3BFAD69A309236DA3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f525a0b2-7ca2-43f1-951c-7eff24265dc3.roa
Signing time:             Fri 11 Jul 2025 16:40:07 +0000
ROA not before:           Fri 11 Jul 2025 16:40:07 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.45.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:5f:d8:0d:d9:50:4c:9f:01:be:49:a3:bf:ad:69:a3:09:23:6d:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 11 16:40:07 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=0d1e14870d70c7cc2b58cc21cd1bf74c3310ca4a80420db12027feed4b84d2aa, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:83:fe:9d:50:be:13:ae:71:07:b1:8e:d1:c2:
                    9a:75:9c:f3:0d:77:26:05:fc:ab:f5:22:e4:b0:d1:
                    36:f5:5f:63:1f:5e:c3:8f:ff:0b:58:d2:fc:10:5e:
                    cd:4c:3a:ce:b1:f9:1a:df:86:f8:e7:90:5f:49:62:
                    29:e0:67:fc:0c:d3:31:10:28:9c:de:a8:b9:f2:92:
                    74:31:3a:e3:ae:f1:cd:8e:2b:31:ee:dc:a9:45:24:
                    aa:3b:40:13:fa:7d:e4:55:91:1b:52:f6:47:84:83:
                    b3:ed:7f:6f:4d:17:1f:b3:f0:58:da:31:9e:af:69:
                    51:dc:0b:02:aa:92:5b:4f:ee:09:e9:57:8a:17:e8:
                    43:b8:d4:17:57:74:91:44:f7:ed:08:4a:7e:96:50:
                    d9:5d:4f:17:b6:ae:c7:d6:16:65:ed:9b:8f:02:5a:
                    21:d6:3a:e5:88:59:e9:91:22:59:62:7d:12:f7:d1:
                    58:67:97:9a:96:2d:50:e3:19:ee:57:57:16:0b:80:
                    d3:a1:11:8b:d8:9c:e7:c6:c2:cc:b6:15:ff:00:03:
                    f0:c7:a7:43:bd:64:35:25:93:0e:b9:17:05:3d:49:
                    08:32:1a:f0:88:d9:3c:b7:cb:9d:55:e6:1a:2d:49:
                    11:87:2e:0e:e3:5a:79:84:2e:ee:15:db:9c:f8:b2:
                    f2:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:A7:87:7A:0F:8F:07:EA:74:D5:99:90:D6:FF:D5:EB:A2:1C:AE:8A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f525a0b2-7ca2-43f1-951c-7eff24265dc3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.45.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2a:2a:0a:42:46:84:b2:ef:66:65:49:40:c3:d9:f1:0b:26:1c:
         84:74:bb:86:42:44:a6:97:8f:4b:6c:1d:27:4b:76:9b:ce:08:
         49:16:15:af:5b:f5:f9:41:f6:49:0a:5e:5e:44:fe:2a:da:95:
         8a:f2:7a:06:51:b6:d8:b4:fc:0e:30:3e:22:18:18:01:c2:69:
         1f:c4:31:cd:3f:ea:ce:92:75:f3:45:9e:2c:08:6a:a6:1a:40:
         bb:6a:ea:8c:1b:d6:07:8b:a4:62:bf:7b:ea:52:1e:97:bc:ae:
         c8:6a:7a:2f:ea:cb:06:c8:8d:f7:85:79:d4:13:6c:c7:2e:e7:
         5f:c6:d5:ab:a5:d4:ca:ce:3b:86:58:63:a0:cb:0d:be:33:96:
         d0:ea:ce:59:45:60:77:66:3d:55:4c:db:3e:06:37:33:54:29:
         c6:99:dc:bc:82:aa:e8:9b:be:f3:7e:16:c6:23:88:20:aa:e4:
         cd:92:99:b2:84:b8:fb:6d:3c:a9:1e:77:88:0f:a6:97:50:9e:
         64:d0:c6:94:38:03:9b:74:b5:1b:62:bf:5f:2a:c8:25:9b:e3:
         ad:01:3f:63:2a:64:a7:cd:d8:2e:f4:e0:79:d9:d7:79:2e:6e:
         fb:23:e9:cb:16:7c:40:90:c5:3a:7d:e7:cb:e3:23:06:d6:dc:
         31:21:7c:e8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYl/YDdlQTJ8Bvkmjv61powkjbaMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzExMTY0MDA3WhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZDFlMTQ4NzBkNzBjN2NjMmI1OGNjMjFjZDFiZjc0YzMz
MTBjYTRhODA0MjBkYjEyMDI3ZmVlZDRiODRkMmFhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKg/6dUL4TrnEHsY7Rwpp1nPMNdyYF/Kv1IuSw0Tb1X2Mf
XsOP/wtY0vwQXs1MOs6x+RrfhvjnkF9JYingZ/wM0zEQKJzeqLnyknQxOuOu8c2O
KzHu3KlFJKo7QBP6feRVkRtS9keEg7Ptf29NFx+z8FjaMZ6vaVHcCwKqkltP7gnp
V4oX6EO41BdXdJFE9+0ISn6WUNldTxe2rsfWFmXtm48CWiHWOuWIWemRIllifRL3
0Vhnl5qWLVDjGe5XVxYLgNOhEYvYnOfGwsy2Ff8AA/DHp0O9ZDUlkw65FwU9SQgy
GvCI2Ty3y51V5hotSRGHLg7jWnmELu4V25z4svJFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUn6eHeg+PB+p01ZmQ1v/V66IcroowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Y1MjVhMGIyLTdjYTItNDNmMS05NTFjLTdlZmYyNDI2NWRjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASLTANBgkqhkiG9w0BAQsFAAOCAQEAKioKQkaEsu9mZUlAw9nxCyYchHS7
hkJEppePS2wdJ0t2m84ISRYVr1v1+UH2SQpeXkT+KtqVivJ6BlG22LT8DjA+IhgY
AcJpH8QxzT/qzpJ180WeLAhqphpAu2rqjBvWB4ukYr976lIel7yuyGp6L+rLBsiN
94V51BNsxy7nX8bVq6XUys47hlhjoMsNvjOW0OrOWUVgd2Y9VUzbPgY3M1Qpxpnc
vIKq6Ju+834WxiOIIKrkzZKZsoS4+208qR53iA+ml1CeZNDGlDgDm3S1G2K/XyrI
JZvjrQE/Yypkp83YLvTgednXeS5u+yPpyxZ8QJDFOn3ny+MjBtbcMSF86A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:37:44 2025 by rpki-client