Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/4dec765a-fd07-492c-af7f-ec695090cc13.roa
File:                     4dec765a-fd07-492c-af7f-ec695090cc13.roa (raw, json)
Hash identifier:          MnI8L3t+FcObK4LyGHY2+/W6Sl3hZqkB5/Mg6yi/7OU=
Subject key identifier:   67:FC:5E:D0:1E:69:A6:FB:0D:0A:03:63:53:5B:08:A0:9C:54:4F:95
Certificate issuer:       /CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
Certificate serial:       7C88CDE69250CDA7F216946DE1381F80B02A4EEC
Authority key identifier: CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/4dec765a-fd07-492c-af7f-ec695090cc13.roa
Signing time:             Mon 04 Aug 2025 15:00:09 +0000
ROA not before:           Mon 04 Aug 2025 15:00:09 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        198.41.99.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:88:cd:e6:92:50:cd:a7:f2:16:94:6d:e1:38:1f:80:b0:2a:4e:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
        Validity
            Not Before: Aug  4 15:00:09 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=fd14e43738f4491fbd37a46c6ca1067bda33114be72a4916d96d6c8b809cafb5, CN=88af7b95-2ef7-49fc-a37d-1b8f0547180d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:49:e0:57:b6:9a:3b:2a:a3:ae:68:44:a3:45:
                    80:32:ea:7b:d3:6e:f9:70:8a:53:e5:57:70:12:1a:
                    f2:b6:41:a9:87:6d:89:f3:b7:da:b2:91:06:54:e8:
                    ce:b7:75:5a:9c:f7:08:74:1b:22:0e:5b:35:96:47:
                    5e:63:f0:97:76:a5:4a:71:c8:35:60:66:35:67:2d:
                    59:46:fd:d9:d3:ab:3a:76:5c:3b:ab:29:09:7a:38:
                    b5:57:e0:22:9a:18:34:70:2b:52:71:ce:be:76:f0:
                    0d:82:1c:e8:3c:54:e6:9a:cd:e4:0c:b3:69:f6:e7:
                    a4:32:d3:01:e3:b1:80:93:fa:b8:ef:bf:52:9d:c1:
                    d3:9f:6b:e1:8e:91:c2:56:05:43:53:91:54:b5:90:
                    a5:0a:1d:9a:41:07:3b:4e:90:a7:34:6c:77:d7:35:
                    d6:bf:47:9d:0f:13:03:c9:60:20:65:a6:dd:dd:d4:
                    f0:39:7c:19:9c:ea:61:6c:fc:86:4b:3e:6c:e7:14:
                    c0:e3:4c:26:5c:a0:34:d4:3e:4e:b9:ac:85:e5:7c:
                    60:8b:8e:b4:74:e5:1e:2f:99:62:60:7a:e5:41:a7:
                    44:9f:a7:a1:6c:cd:dd:ba:93:9c:b8:65:5f:02:0a:
                    53:f4:f6:a8:df:e7:38:77:dd:54:10:ba:f9:70:58:
                    1e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:FC:5E:D0:1E:69:A6:FB:0D:0A:03:63:53:5B:08:A0:9C:54:4F:95
            X509v3 Authority Key Identifier:
                keyid:CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/4dec765a-fd07-492c-af7f-ec695090cc13.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.41.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:02:57:fe:0a:e6:39:89:8b:16:34:1d:94:f3:bd:d6:0a:11:
         ee:27:7b:a0:1a:fa:5b:e1:54:bb:7b:62:7e:50:14:5c:1f:23:
         f6:74:48:5d:6c:81:2d:b2:54:21:b9:93:fb:06:3c:f4:f0:45:
         de:78:a2:1a:b1:ee:5e:57:c4:e7:77:de:f3:30:3a:2b:f9:3a:
         94:e2:24:0d:76:16:4d:db:29:18:64:c4:1e:1f:1d:9d:94:c1:
         ce:61:80:b7:4d:5c:17:8d:a1:8b:9e:bb:dc:5f:c8:a2:e6:d3:
         0b:73:07:65:4b:bf:ca:dd:5f:5d:6d:d7:f8:77:e7:88:0f:58:
         62:6b:19:ea:1c:3d:5f:98:3c:ec:86:17:6d:51:1a:e3:22:d5:
         3e:0c:38:e2:77:c4:3b:42:6d:3a:1d:0d:80:9e:19:21:86:3e:
         d1:08:08:7b:28:8f:08:9a:b8:a0:4d:ab:26:54:0c:2f:56:11:
         f3:d7:fc:0b:b9:fb:d8:77:be:0b:8f:9f:af:17:7d:ad:d6:46:
         66:a1:98:95:75:d8:8a:7f:d7:75:40:ad:d4:ab:4e:90:a8:01:
         3a:9a:1a:9f:14:47:d4:6f:fd:50:b2:d5:62:99:15:02:5b:b7:
         15:a1:60:ae:71:2e:93:88:4f:19:4c:72:7d:12:bb:30:67:37:
         6f:af:45:8f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfIjN5pJQzafyFpRt4TgfgLAqTuwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzMxOTQyNGUwMzlmODZkNmFkOWZjNGU3MjIzZGY4NDFk
MjBhZTZkMGZmMTI0MjgxNzMwHhcNMjUwODA0MTUwMDA5WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZDE0ZTQzNzM4ZjQ0OTFmYmQzN2E0NmM2Y2ExMDY3YmRh
MzMxMTRiZTcyYTQ5MTZkOTZkNmM4YjgwOWNhZmI1MS0wKwYDVQQDEyQ4OGFmN2I5
NS0yZWY3LTQ5ZmMtYTM3ZC0xYjhmMDU0NzE4MGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwSeBXtpo7KqOuaESjRYAy6nvTbvlwilPlV3ASGvK2QamH
bYnzt9qykQZU6M63dVqc9wh0GyIOWzWWR15j8Jd2pUpxyDVgZjVnLVlG/dnTqzp2
XDurKQl6OLVX4CKaGDRwK1Jxzr528A2CHOg8VOaazeQMs2n256Qy0wHjsYCT+rjv
v1KdwdOfa+GOkcJWBUNTkVS1kKUKHZpBBztOkKc0bHfXNda/R50PEwPJYCBlpt3d
1PA5fBmc6mFs/IZLPmznFMDjTCZcoDTUPk65rIXlfGCLjrR05R4vmWJgeuVBp0Sf
p6Fszd26k5y4ZV8CClP09qjf5zh33VQQuvlwWB43AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZ/xe0B5ppvsNCgNjU1sIoJxUT5UwHwYDVR0jBBgwFoAUzBBhJz//dj92
0t7ihYPoujsFxDAwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Q2YjVhZDI4LTFjYmMtNDdhYi05MDRlLTQ1MzYxYTU0ODdjMy9lNWRlYTY2MC1i
ZjU5LTRiNGMtYjlhZC00YTY3ODdlMDNmY2UvYzMxOTQyNGUwMzlmODZkNmFkOWZj
NGU3MjIzZGY4NDFkMjBhZTZkMGZmMTI0MjgxNzMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmRmNTFjZDItZTZhZi00OTNhLWE4OGEtMzIy
MWQwMWY3ZDkwLzRkZWM3NjVhLWZkMDctNDkyYy1hZjdmLWVjNjk1MDkwY2MxMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJkZjUxY2QyLWU2YWYtNDkzYS1hODhh
LTMyMjFkMDFmN2Q5MC9uNGJXclpfRTV5STktRUhTQ3ViUV94SkNnWE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADGKWMwDQYJKoZIhvcNAQELBQADggEBAGoCV/4K5jmJixY0HZTzvdYKEe4n
e6Aa+lvhVLt7Yn5QFFwfI/Z0SF1sgS2yVCG5k/sGPPTwRd54ohqx7l5XxOd33vMw
Oiv5OpTiJA12Fk3bKRhkxB4fHZ2Uwc5hgLdNXBeNoYueu9xfyKLm0wtzB2VLv8rd
X11t1/h354gPWGJrGeocPV+YPOyGF21RGuMi1T4MOOJ3xDtCbTodDYCeGSGGPtEI
CHsojwiauKBNqyZUDC9WEfPX/Au5+9h3vguPn68Xfa3WRmahmJV12Ip/13VArdSr
TpCoATqaGp8UR9Rv/VCy1WKZFQJbtxWhYK5xLpOITxlMcn0SuzBnN2+vRY8=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:45:31 2025 by rpki-client