Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/26fc08da-85a4-4d3c-8d66-1c6767e44c24.roa
File:                     26fc08da-85a4-4d3c-8d66-1c6767e44c24.roa (raw, json)
Hash identifier:          8sXyvVel1c01FndPOb6EN1yCrlTHUBx603QM9KoeUp8=
Subject key identifier:   69:D8:FC:4F:C1:88:22:D5:82:52:92:6C:D2:30:A1:C0:35:46:66:2D
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       395EA08ABE7F6E3FA940A3D3A0D8BFC02C9BA081
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/26fc08da-85a4-4d3c-8d66-1c6767e44c24.roa
Signing time:             Fri 25 Jul 2025 16:30:21 +0000
ROA not before:           Fri 25 Jul 2025 16:30:21 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.79.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:5e:a0:8a:be:7f:6e:3f:a9:40:a3:d3:a0:d8:bf:c0:2c:9b:a0:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 25 16:30:21 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=40d908dffc011c7e1eb6b4c75002a2b7328f0df7ef4cb0cc7a50eb3e290c1983, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d1:de:91:a1:ee:de:6f:54:c5:1f:31:46:08:
                    07:7b:ba:c4:7f:ce:6e:53:8b:2e:d5:1e:c4:ad:f9:
                    0f:27:1a:5f:03:ef:60:e1:b9:f1:1d:6e:b8:2c:f5:
                    39:d9:66:f8:aa:97:ad:40:a7:71:32:fa:fe:4e:5f:
                    f8:c9:31:bc:bb:8b:6a:64:56:ac:01:e4:cc:ae:e6:
                    75:fc:67:10:fa:5c:20:bf:59:bb:32:19:4a:aa:73:
                    fb:28:01:b4:30:6c:fb:ac:d0:95:d2:db:95:3f:4e:
                    9c:14:ba:84:3b:5d:27:10:85:3f:d5:c0:99:e0:ad:
                    54:ba:64:aa:f0:01:9c:d6:b0:f4:6d:5f:10:51:b8:
                    cf:c6:15:c9:6f:24:b3:0f:9c:36:3a:fa:bf:9b:38:
                    21:d5:49:d9:2b:0a:cd:b0:18:3a:db:c3:64:3e:e4:
                    0a:2c:77:14:3d:99:1f:fd:06:0d:0d:83:b8:3e:f3:
                    fa:50:e7:d6:d1:ff:36:4d:52:cb:13:75:ef:36:5d:
                    b9:72:a7:de:7d:6e:1b:79:2f:ad:e1:24:e4:54:e6:
                    97:62:e1:29:52:4d:b9:ca:78:cc:93:63:bc:4d:04:
                    55:dd:ae:3e:7d:81:00:dd:c6:e1:63:d3:27:73:f4:
                    cd:70:a8:df:db:3e:77:43:13:00:c3:dd:94:46:15:
                    11:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:D8:FC:4F:C1:88:22:D5:82:52:92:6C:D2:30:A1:C0:35:46:66:2D
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/26fc08da-85a4-4d3c-8d66-1c6767e44c24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:38:66:36:68:31:1e:3d:c5:5d:8e:6c:ee:23:32:7b:a0:fc:
         5e:2a:b9:6b:a0:e7:f7:51:d8:d7:40:d8:93:76:0e:37:a2:b4:
         57:33:60:cf:e9:5d:ca:d2:6f:42:f3:76:24:79:cb:51:42:8d:
         91:f7:29:a0:f1:e5:94:53:29:e8:bf:46:40:21:51:31:0d:74:
         98:c4:88:8f:ac:36:a9:2e:73:1f:56:fa:77:cd:fa:9f:37:26:
         b2:54:fe:ad:7f:22:f3:a6:92:ea:1b:f8:4c:17:3c:40:6c:1c:
         2f:12:5e:e9:76:5f:85:13:2b:d4:d8:96:97:47:b0:21:f8:cf:
         bd:d9:ee:87:04:b5:db:a3:11:f7:38:3f:a8:d0:28:bf:0c:02:
         16:a9:2b:7b:de:42:2a:99:87:fd:70:7e:ef:d4:e2:11:3d:0b:
         8e:bf:ff:6b:a3:7d:53:3b:d8:bd:a0:6f:ac:71:30:84:ff:68:
         18:73:b8:c2:fc:89:80:b1:78:75:59:f8:d3:16:95:c1:3b:34:
         0a:dd:fb:18:d6:39:b0:9a:c3:70:7f:8a:a3:c5:a5:55:e8:0c:
         0a:32:b1:4b:35:6f:70:72:6f:0e:12:b1:37:e2:8b:5f:01:b3:
         24:ae:be:9b:24:07:1f:ea:57:86:ba:ac:3d:a1:09:dd:a7:22:
         e6:0b:34:e4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOV6gir5/bj+pQKPToNi/wCyboIEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzI1MTYzMDIxWhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MGQ5MDhkZmZjMDExYzdlMWViNmI0Yzc1MDAyYTJiNzMy
OGYwZGY3ZWY0Y2IwY2M3YTUwZWIzZTI5MGMxOTgzMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZ0d6Roe7eb1TFHzFGCAd7usR/zm5Tiy7VHsSt+Q8nGl8D
72DhufEdbrgs9TnZZviql61Ap3Ey+v5OX/jJMby7i2pkVqwB5Myu5nX8ZxD6XCC/
WbsyGUqqc/soAbQwbPus0JXS25U/TpwUuoQ7XScQhT/VwJngrVS6ZKrwAZzWsPRt
XxBRuM/GFclvJLMPnDY6+r+bOCHVSdkrCs2wGDrbw2Q+5AosdxQ9mR/9Bg0Ng7g+
8/pQ59bR/zZNUssTde82Xblyp959bht5L63hJORU5pdi4SlSTbnKeMyTY7xNBFXd
rj59gQDdxuFj0ydz9M1wqN/bPndDEwDD3ZRGFRHnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUadj8T8GIItWCUpJs0jChwDVGZi0wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzI2ZmMwOGRhLTg1YTQtNGQzYy04ZDY2LTFjNjc2N2U0NGMyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUk8wDQYJKoZIhvcNAQELBQADggEBABU4ZjZoMR49xV2ObO4jMnug/F4q
uWug5/dR2NdA2JN2DjeitFczYM/pXcrSb0LzdiR5y1FCjZH3KaDx5ZRTKei/RkAh
UTENdJjEiI+sNqkucx9W+nfN+p83JrJU/q1/IvOmkuob+EwXPEBsHC8SXul2X4UT
K9TYlpdHsCH4z73Z7ocEtdujEfc4P6jQKL8MAhapK3veQiqZh/1wfu/U4hE9C46/
/2ujfVM72L2gb6xxMIT/aBhzuML8iYCxeHVZ+NMWlcE7NArd+xjWObCaw3B/iqPF
pVXoDAoysUs1b3Bybw4SsTfii18BsySuvpskBx/qV4a6rD2hCd2nIuYLNOQ=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:45:10 2025 by rpki-client