Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/b42257a0-4503-414c-9ee6-c20d4a3bf1ae.roa
File:                     b42257a0-4503-414c-9ee6-c20d4a3bf1ae.roa (raw, json)
Hash identifier:          SmSDAOupotfr8OSGIUOM0fhWMKndRoDAYIhyMyOmg70=
Subject key identifier:   C6:86:8D:F3:8D:66:AE:81:3F:86:92:19:20:FF:84:EE:6E:40:FF:B7
Certificate issuer:       /CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
Certificate serial:       32591F5E081A850C349D8D6D1A3C820274D1D383
Authority key identifier: CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/b42257a0-4503-414c-9ee6-c20d4a3bf1ae.roa
Signing time:             Mon 04 Aug 2025 15:00:14 +0000
ROA not before:           Mon 04 Aug 2025 15:00:14 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        198.41.98.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:59:1f:5e:08:1a:85:0c:34:9d:8d:6d:1a:3c:82:02:74:d1:d3:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
        Validity
            Not Before: Aug  4 15:00:14 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=46ec7aa13d03d2257ccb7fd52cb464b10f2c8339559b9155fdf5b27a60a97fc8, CN=88af7b95-2ef7-49fc-a37d-1b8f0547180d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:21:50:18:84:21:61:4f:24:14:a5:f2:2e:0d:
                    00:65:9b:25:ec:af:4a:64:91:92:67:ad:dd:b4:fa:
                    d5:f2:33:f9:21:c1:55:10:54:16:b7:4b:51:6c:38:
                    55:48:f6:7a:9e:1c:ee:9f:b2:2a:7d:96:32:ba:9b:
                    a1:39:2c:51:a0:8a:5f:86:4d:03:ee:ff:2e:86:94:
                    1c:cb:52:43:1c:b8:2c:bf:e7:79:4e:88:d3:91:ea:
                    cc:6e:3b:fb:61:86:6a:42:d9:9c:1f:86:14:c5:b6:
                    a5:e8:88:8a:01:27:be:2f:a4:5d:ec:d3:dc:bf:27:
                    f8:65:2b:60:71:46:07:89:b3:9b:63:1a:6e:f7:b6:
                    f5:30:e1:82:9c:49:f9:25:32:74:ef:7e:d1:2d:25:
                    7c:03:09:d4:25:40:40:bd:cc:3c:92:2e:4a:86:13:
                    b2:1b:57:57:b4:26:91:06:c1:de:95:ee:f0:98:72:
                    cc:7d:90:77:95:48:30:c3:20:71:27:7c:03:23:f3:
                    21:ed:92:48:76:28:00:7e:39:fa:45:11:2b:9e:cc:
                    04:2f:43:f9:ea:e2:86:95:6c:0b:b4:af:9a:e9:de:
                    a6:eb:fc:5d:50:a8:7c:77:fa:ba:ea:42:4f:99:8d:
                    75:05:6c:fb:0b:de:eb:5e:7c:40:9a:0a:78:c9:5f:
                    ce:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:86:8D:F3:8D:66:AE:81:3F:86:92:19:20:FF:84:EE:6E:40:FF:B7
            X509v3 Authority Key Identifier:
                keyid:CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/b42257a0-4503-414c-9ee6-c20d4a3bf1ae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.41.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:06:ef:61:70:e3:ff:d0:19:79:15:f5:24:f2:66:d5:2b:74:
         98:72:0c:5d:fc:0b:bf:a2:c4:99:ac:44:d0:76:aa:3f:6d:b3:
         de:db:09:c3:96:e7:22:f7:c4:c7:22:9b:35:6e:6b:ef:b6:2e:
         4d:27:3d:4b:ec:bc:16:8b:41:9d:b1:33:45:f7:c3:57:97:94:
         17:65:3a:1e:82:3c:26:3d:56:bd:e3:85:50:17:b3:84:d1:f2:
         cb:36:07:e8:4a:9a:7f:e6:9c:f8:87:4d:68:23:81:b5:97:41:
         f6:20:a1:74:7b:7e:b6:0f:9d:63:fe:0a:b6:3e:d2:45:14:49:
         9e:3e:5f:3b:bb:93:aa:2c:16:23:07:99:c7:6b:0b:04:e1:c3:
         6b:1f:f0:11:b8:1f:66:f5:2d:97:bc:29:8e:d5:6e:8a:3f:76:
         ed:52:dd:9c:98:f0:27:00:6e:69:9d:4f:6a:f0:97:43:32:97:
         dc:86:96:d7:d6:eb:c6:c2:c0:64:1e:36:77:e5:c8:da:64:0c:
         30:35:db:6a:39:3f:b4:f8:5e:66:c4:a8:7a:cb:6a:8b:f6:d1:
         c5:da:a8:7e:ba:b7:0d:a7:71:9c:11:66:4f:80:45:69:1e:c2:
         6f:e3:31:c8:8c:b0:2f:af:bd:09:48:78:d9:a9:5d:e5:f3:2e:
         52:a1:80:4a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMlkfXggahQw0nY1tGjyCAnTR04MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzMxOTQyNGUwMzlmODZkNmFkOWZjNGU3MjIzZGY4NDFk
MjBhZTZkMGZmMTI0MjgxNzMwHhcNMjUwODA0MTUwMDE0WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NmVjN2FhMTNkMDNkMjI1N2NjYjdmZDUyY2I0NjRiMTBm
MmM4MzM5NTU5YjkxNTVmZGY1YjI3YTYwYTk3ZmM4MS0wKwYDVQQDEyQ4OGFmN2I5
NS0yZWY3LTQ5ZmMtYTM3ZC0xYjhmMDU0NzE4MGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEIVAYhCFhTyQUpfIuDQBlmyXsr0pkkZJnrd20+tXyM/kh
wVUQVBa3S1FsOFVI9nqeHO6fsip9ljK6m6E5LFGgil+GTQPu/y6GlBzLUkMcuCy/
53lOiNOR6sxuO/thhmpC2ZwfhhTFtqXoiIoBJ74vpF3s09y/J/hlK2BxRgeJs5tj
Gm73tvUw4YKcSfklMnTvftEtJXwDCdQlQEC9zDySLkqGE7IbV1e0JpEGwd6V7vCY
csx9kHeVSDDDIHEnfAMj8yHtkkh2KAB+OfpFESuezAQvQ/nq4oaVbAu0r5rp3qbr
/F1QqHx3+rrqQk+ZjXUFbPsL3utefECaCnjJX87nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxoaN841mroE/hpIZIP+E7m5A/7cwHwYDVR0jBBgwFoAUzBBhJz//dj92
0t7ihYPoujsFxDAwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Q2YjVhZDI4LTFjYmMtNDdhYi05MDRlLTQ1MzYxYTU0ODdjMy9lNWRlYTY2MC1i
ZjU5LTRiNGMtYjlhZC00YTY3ODdlMDNmY2UvYzMxOTQyNGUwMzlmODZkNmFkOWZj
NGU3MjIzZGY4NDFkMjBhZTZkMGZmMTI0MjgxNzMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmRmNTFjZDItZTZhZi00OTNhLWE4OGEtMzIy
MWQwMWY3ZDkwL2I0MjI1N2EwLTQ1MDMtNDE0Yy05ZWU2LWMyMGQ0YTNiZjFhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJkZjUxY2QyLWU2YWYtNDkzYS1hODhh
LTMyMjFkMDFmN2Q5MC9uNGJXclpfRTV5STktRUhTQ3ViUV94SkNnWE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADGKWIwDQYJKoZIhvcNAQELBQADggEBACkG72Fw4//QGXkV9STyZtUrdJhy
DF38C7+ixJmsRNB2qj9ts97bCcOW5yL3xMcimzVua++2Lk0nPUvsvBaLQZ2xM0X3
w1eXlBdlOh6CPCY9Vr3jhVAXs4TR8ss2B+hKmn/mnPiHTWgjgbWXQfYgoXR7frYP
nWP+CrY+0kUUSZ4+Xzu7k6osFiMHmcdrCwThw2sf8BG4H2b1LZe8KY7Vboo/du1S
3ZyY8CcAbmmdT2rwl0Myl9yGltfW68bCwGQeNnflyNpkDDA122o5P7T4XmbEqHrL
aov20cXaqH66tw2ncZwRZk+ARWkewm/jMciMsC+vvQlIeNmpXeXzLlKhgEo=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:38:15 2025 by rpki-client