Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/85ecd0ef-6924-4522-bd48-1e263001901c.roa
File:                     85ecd0ef-6924-4522-bd48-1e263001901c.roa (raw, json)
Hash identifier:          V28W4meApbdyjD2QWWkpO5Wi28q4R6WvEFJWnXmJ9aU=
Subject key identifier:   15:BD:1B:68:71:F1:3E:7D:9F:8B:9A:2B:08:1C:CE:43:AC:3F:78:DC
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       0914F506D2DD25C35E3B6364D027D339C29EBC3F
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/85ecd0ef-6924-4522-bd48-1e263001901c.roa
Signing time:             Tue 05 Aug 2025 15:01:01 +0000
ROA not before:           Tue 05 Aug 2025 15:01:01 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        96.127.1.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:14:f5:06:d2:dd:25:c3:5e:3b:63:64:d0:27:d3:39:c2:9e:bc:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Aug  5 15:01:01 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=cbf6e5e4271f1b19fda71118c1496046267ed49a285fd435b2ac72a730cbdd5c, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:4d:0a:05:ca:18:25:45:8d:3d:94:a1:c6:3f:
                    b8:74:0f:ef:13:32:4d:40:58:a6:4c:07:92:d8:68:
                    1e:81:6f:1c:fd:fc:bf:db:72:53:f9:d5:88:5b:fa:
                    40:40:f8:67:f3:34:b3:16:ea:09:13:3c:b8:41:56:
                    80:67:21:66:2f:0b:6d:a0:2a:d2:69:ef:b0:39:c4:
                    72:0b:db:4e:1c:9c:22:81:85:da:2e:23:73:0b:e7:
                    03:7f:64:e8:66:ec:b6:68:62:67:42:30:08:97:56:
                    45:65:83:ff:81:f2:dd:88:f0:03:31:a0:e7:78:bc:
                    ca:e4:d1:84:95:4e:46:40:99:99:92:52:1a:58:f4:
                    16:fe:7a:d7:ba:3a:b2:62:f2:ac:8b:20:10:3f:4d:
                    b6:eb:fe:00:45:3e:c2:2e:6f:a0:9a:65:d7:4e:34:
                    c6:a6:50:81:98:79:e9:a2:22:9e:62:d2:11:c9:d7:
                    a2:8a:7a:ff:38:f7:d1:29:5f:a9:23:a5:31:ff:77:
                    dc:57:25:ee:ae:fd:76:d8:81:39:3e:2a:1e:21:33:
                    85:6c:ae:d1:aa:fb:2f:9f:ac:10:c6:2b:3f:1f:51:
                    8d:98:28:b9:8e:07:6c:29:ac:68:15:75:89:e1:1c:
                    4c:a8:77:87:65:58:58:2d:b7:22:6e:29:bd:b0:28:
                    45:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:BD:1B:68:71:F1:3E:7D:9F:8B:9A:2B:08:1C:CE:43:AC:3F:78:DC
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/85ecd0ef-6924-4522-bd48-1e263001901c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.127.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:06:6f:89:0e:6f:c0:31:a5:42:ba:c5:2a:b5:37:4e:03:21:
         7c:d6:49:6c:ba:2f:3e:2c:1d:ff:b6:e2:3b:70:8d:39:46:91:
         b9:c3:00:a5:b4:15:5c:96:17:ba:99:fb:b9:2e:2b:78:5c:1e:
         36:8a:a4:15:a5:e8:1f:f9:b3:2f:a9:37:11:11:37:9f:cd:bf:
         74:60:7b:dc:24:0c:32:74:78:30:bc:bb:ae:e7:6b:20:07:7e:
         b2:04:27:52:24:08:72:6e:2a:dc:2b:35:a2:e6:51:60:f3:58:
         3e:80:4d:7f:db:dc:db:38:70:9b:ab:dd:ef:1d:54:7b:c5:0c:
         a0:59:e9:1e:a6:da:d6:e9:19:2f:7e:ed:36:4c:6a:09:da:69:
         d4:4a:78:2d:f8:9f:72:26:8e:94:de:cc:f2:42:dd:0f:3c:47:
         52:b1:0f:6a:61:21:7d:c8:19:d9:04:d7:a2:63:a5:73:6c:77:
         53:cf:fe:86:8d:64:e9:28:27:79:e5:94:56:e4:a9:d1:6d:ff:
         23:cc:6a:ee:59:19:3d:b7:2a:f4:2f:93:21:5d:60:8a:dd:9e:
         89:46:5d:1f:f1:fc:62:1f:f8:79:6a:1a:9f:8a:4d:80:47:9e:
         b8:fa:9c:80:d4:01:3f:92:9c:1c:40:71:6e:06:e0:61:97:6d:
         f7:56:7e:8c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCRT1BtLdJcNeO2Nk0CfTOcKevD8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjUwODA1MTUwMTAxWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYmY2ZTVlNDI3MWYxYjE5ZmRhNzExMThjMTQ5NjA0NjI2
N2VkNDlhMjg1ZmQ0MzViMmFjNzJhNzMwY2JkZDVjMS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPTQoFyhglRY09lKHGP7h0D+8TMk1AWKZMB5LYaB6Bbxz9
/L/bclP51Yhb+kBA+GfzNLMW6gkTPLhBVoBnIWYvC22gKtJp77A5xHIL204cnCKB
hdouI3ML5wN/ZOhm7LZoYmdCMAiXVkVlg/+B8t2I8AMxoOd4vMrk0YSVTkZAmZmS
UhpY9Bb+ete6OrJi8qyLIBA/Tbbr/gBFPsIub6CaZddONMamUIGYeemiIp5i0hHJ
16KKev8499EpX6kjpTH/d9xXJe6u/XbYgTk+Kh4hM4VsrtGq+y+frBDGKz8fUY2Y
KLmOB2wprGgVdYnhHEyod4dlWFgttyJuKb2wKEWPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFb0baHHxPn2fi5orCBzOQ6w/eNwwHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1Lzg1ZWNkMGVmLTY5MjQtNDUyMi1iZDQ4LTFlMjYzMDAxOTAxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABgfwEwDQYJKoZIhvcNAQELBQADggEBAGsGb4kOb8AxpUK6xSq1N04DIXzW
SWy6Lz4sHf+24jtwjTlGkbnDAKW0FVyWF7qZ+7kuK3hcHjaKpBWl6B/5sy+pNxER
N5/Nv3Rge9wkDDJ0eDC8u67nayAHfrIEJ1IkCHJuKtwrNaLmUWDzWD6ATX/b3Ns4
cJur3e8dVHvFDKBZ6R6m2tbpGS9+7TZMagnaadRKeC34n3ImjpTezPJC3Q88R1Kx
D2phIX3IGdkE16JjpXNsd1PP/oaNZOkoJ3nllFbkqdFt/yPMau5ZGT23KvQvkyFd
YIrdnolGXR/x/GIf+HlqGp+KTYBHnrj6nIDUAT+SnBxAcW4G4GGXbfdWfow=
-----END CERTIFICATE-----
Generated at Fri Aug 8 12:53:58 2025 by rpki-client