Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/36d19c61-2356-453b-bdde-185259d9b804.roa
File:                     36d19c61-2356-453b-bdde-185259d9b804.roa (raw, json)
Hash identifier:          UeEGJvp0m90Vt6Zf8VlfZjXPmqIb6g7odAksnuLNNMk=
Subject key identifier:   83:9B:D8:4F:7D:5F:1D:7D:09:D7:A7:6A:CC:C3:B1:67:06:DA:5C:73
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       2BB7D269DA1C9A639BF56E412610E1D09DC7B53D
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/36d19c61-2356-453b-bdde-185259d9b804.roa
Signing time:             Tue 05 Aug 2025 18:00:51 +0000
ROA not before:           Tue 05 Aug 2025 18:00:51 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.5.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:b7:d2:69:da:1c:9a:63:9b:f5:6e:41:26:10:e1:d0:9d:c7:b5:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Aug  5 18:00:51 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=7402e208faf707a576a665a693ea902196497f160a700dd4f09ef1b6f91c59e6, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:4b:f8:a0:f5:ab:59:fd:6c:ee:cf:95:0d:16:
                    82:1e:66:2d:12:db:e5:3e:eb:15:fe:b7:43:a4:5a:
                    51:18:88:f3:2f:71:93:c2:8d:36:5d:cb:92:2f:ef:
                    9f:a9:1c:5f:b1:0a:6c:dc:c3:5e:57:70:8b:37:5e:
                    3c:cc:b3:43:7e:10:35:1b:0f:3f:b9:9d:1d:3b:87:
                    a2:9d:8a:a4:2c:56:76:d7:b6:be:66:c3:7b:15:ef:
                    d0:45:19:42:99:bf:c9:ae:02:84:d4:75:1e:bf:c5:
                    c2:6f:5d:1f:45:64:62:99:2b:fd:23:95:73:3a:02:
                    08:b6:66:29:14:40:23:86:03:7b:0a:62:e8:d1:f2:
                    a5:b5:c5:7a:9f:e4:c3:b1:8d:16:a6:62:a4:af:b5:
                    cf:33:d4:2a:05:09:09:69:7f:e9:5a:ce:98:ac:70:
                    87:6e:01:fe:0f:dc:f0:d6:3e:69:43:14:91:f1:e2:
                    14:ad:59:78:1e:69:da:b7:1a:c0:2f:80:bc:0c:df:
                    a5:11:e4:6e:94:bb:f3:54:3a:a6:c8:c4:e3:84:82:
                    f1:37:93:d0:96:09:7a:5f:8c:cd:b4:22:d6:6f:ea:
                    5b:d4:a6:cf:9a:e4:01:5f:75:ff:12:d4:2f:70:64:
                    0b:33:f1:77:43:86:0d:29:59:19:4b:61:be:cd:46:
                    da:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:9B:D8:4F:7D:5F:1D:7D:09:D7:A7:6A:CC:C3:B1:67:06:DA:5C:73
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/36d19c61-2356-453b-bdde-185259d9b804.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:1f:72:bb:86:ba:f4:fe:e0:4b:cc:39:d7:60:c2:5a:04:ef:
         61:96:bb:27:4d:de:b6:ff:57:07:92:66:59:20:b4:67:1a:da:
         32:63:38:cc:89:7e:46:5a:d5:fd:70:70:2b:bd:b4:d9:87:7f:
         cf:62:c4:a6:3d:14:ef:d7:5a:0f:7c:23:ec:55:2b:c5:e5:f7:
         db:99:36:65:e5:a4:07:a5:87:ef:0d:3f:72:c0:a3:ad:53:f0:
         bb:2c:7b:41:1b:56:00:54:d1:4d:ba:73:1c:ba:1a:04:85:6f:
         92:49:89:c7:39:42:81:16:0a:9c:fc:f8:db:75:a8:a7:e7:3c:
         93:5e:91:64:53:e3:05:35:96:d2:6d:26:0f:08:bb:89:f4:50:
         bd:f1:91:46:a1:85:4a:6b:37:03:3a:b1:5b:1f:5e:5d:c2:7b:
         10:e3:d4:cd:81:46:c7:27:80:ab:d2:4e:c7:63:8c:07:04:22:
         ff:1a:d5:8e:e4:7b:9b:22:9e:57:89:bf:1d:90:fa:12:88:7a:
         aa:b2:7e:3a:da:c1:df:34:e9:a7:c1:db:a7:71:ec:2a:a3:8e:
         16:ce:1c:c9:e3:f7:7c:09:67:d0:d2:5f:85:0a:1b:86:77:de:
         fb:c3:57:72:32:26:98:89:fc:c8:0f:12:51:73:25:ea:5b:be:
         d7:9a:57:80
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUK7fSadocmmOb9W5BJhDh0J3HtT0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwODA1MTgwMDUxWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NDAyZTIwOGZhZjcwN2E1NzZhNjY1YTY5M2VhOTAyMTk2
NDk3ZjE2MGE3MDBkZDRmMDllZjFiNmY5MWM1OWU2MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNS/ig9atZ/Wzuz5UNFoIeZi0S2+U+6xX+t0OkWlEYiPMv
cZPCjTZdy5Iv75+pHF+xCmzcw15XcIs3XjzMs0N+EDUbDz+5nR07h6KdiqQsVnbX
tr5mw3sV79BFGUKZv8muAoTUdR6/xcJvXR9FZGKZK/0jlXM6Agi2ZikUQCOGA3sK
YujR8qW1xXqf5MOxjRamYqSvtc8z1CoFCQlpf+lazpiscIduAf4P3PDWPmlDFJHx
4hStWXgeadq3GsAvgLwM36UR5G6Uu/NUOqbIxOOEgvE3k9CWCXpfjM20ItZv6lvU
ps+a5AFfdf8S1C9wZAsz8XdDhg0pWRlLYb7NRtrVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUg5vYT31fHX0J16dqzMOxZwbaXHMwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzM2ZDE5YzYxLTIzNTYtNDUzYi1iZGRlLTE4NTI1OWQ5YjgwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUgUwDQYJKoZIhvcNAQELBQADggEBAF4fcruGuvT+4EvMOddgwloE72GW
uydN3rb/VweSZlkgtGca2jJjOMyJfkZa1f1wcCu9tNmHf89ixKY9FO/XWg98I+xV
K8Xl99uZNmXlpAelh+8NP3LAo61T8Lsse0EbVgBU0U26cxy6GgSFb5JJicc5QoEW
Cpz8+Nt1qKfnPJNekWRT4wU1ltJtJg8Iu4n0UL3xkUahhUprNwM6sVsfXl3CexDj
1M2BRscngKvSTsdjjAcEIv8a1Y7ke5sinleJvx2Q+hKIeqqyfjrawd806afB26dx
7CqjjhbOHMnj93wJZ9DSX4UKG4Z33vvDV3IyJpiJ/MgPElFzJepbvteaV4A=
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:50:32 2025 by rpki-client