Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/69d712a7-f3ce-497e-aae6-90aa99ab8e9f.roa
File:                     69d712a7-f3ce-497e-aae6-90aa99ab8e9f.roa (raw, json)
Hash identifier:          zsnJimCa1imUARcabXON10RGjNllVDB3unmoSvEsSYk=
Subject key identifier:   A7:CD:0A:A9:01:5F:9C:10:CE:BA:B8:1E:2B:90:95:C6:89:BD:5C:5C
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       3D34D182673EB052EE7813E2E0FEE1DEDAE49787
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/69d712a7-f3ce-497e-aae6-90aa99ab8e9f.roa
Signing time:             Fri 11 Jul 2025 18:01:00 +0000
ROA not before:           Fri 11 Jul 2025 18:01:00 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.15.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:34:d1:82:67:3e:b0:52:ee:78:13:e2:e0:fe:e1:de:da:e4:97:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 11 18:01:00 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=8518d908232507d80a8d2756a29a1358470779ed0d99686b6c30ee93a49ca4ec, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:4f:39:2d:46:b4:d0:b7:5d:ef:65:1d:2c:69:
                    ef:17:d3:98:ce:db:e2:bb:73:db:72:fb:5c:99:0a:
                    c3:b8:94:9b:4b:f5:88:59:4e:e3:9e:78:55:15:93:
                    ff:18:c7:f2:51:d8:5a:89:89:58:4f:8a:1a:94:30:
                    88:05:9f:d9:fd:de:91:9b:f1:2f:5d:a0:7a:aa:52:
                    c8:08:d2:dd:4d:7d:55:2a:40:81:b2:a9:44:20:d3:
                    10:37:c9:bf:1e:f2:25:f1:fc:83:76:f6:4f:6d:66:
                    31:e5:c9:fe:38:a9:0a:09:00:47:94:9e:73:98:e4:
                    0f:27:88:4a:6f:d3:83:96:e6:9b:f1:16:eb:6f:bd:
                    a5:b4:b9:cb:5d:d4:6b:b5:35:87:a4:2b:2a:78:35:
                    ae:1f:bb:c8:47:04:d2:c4:ca:ed:bb:68:a0:6b:39:
                    ee:a1:98:90:6b:9b:fc:70:85:af:bd:29:71:f2:73:
                    3c:9c:c0:a9:22:e8:3b:16:d6:dc:bd:58:b2:16:26:
                    ca:a8:c1:66:29:28:15:1d:96:26:b5:4e:36:cd:6b:
                    6d:cf:12:19:53:28:17:77:50:1c:60:9d:71:86:54:
                    ec:ef:32:42:f1:76:68:30:88:5c:21:f6:c3:92:1e:
                    57:cf:79:c1:d8:80:b9:ab:2c:96:1a:82:05:9d:cd:
                    49:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:CD:0A:A9:01:5F:9C:10:CE:BA:B8:1E:2B:90:95:C6:89:BD:5C:5C
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/69d712a7-f3ce-497e-aae6-90aa99ab8e9f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:99:c5:7d:13:a2:41:8e:a1:50:5d:06:49:9a:8b:da:03:38:
         45:28:dc:27:95:6c:39:f5:38:8f:2a:ad:fd:76:9d:e7:57:b4:
         7e:d2:43:2a:0c:d5:04:b3:fd:67:c7:b3:df:7d:9b:af:3a:29:
         46:4d:cd:42:49:f3:3c:89:24:84:e4:eb:6e:1a:e6:33:40:60:
         4a:f0:ba:43:82:98:f1:2f:5d:d1:6e:74:d3:10:b7:5f:20:d2:
         6e:23:47:4b:e2:4d:28:17:5f:28:77:55:56:77:e9:41:f2:ac:
         04:91:c3:84:c4:f8:9f:a4:a5:c8:7a:d7:90:15:a1:0d:3b:f2:
         e6:0e:0b:b0:48:d1:03:aa:c4:a4:3f:37:2b:d0:92:0f:37:f1:
         d5:18:12:ae:1d:70:c3:a5:15:ec:ee:1e:3e:48:c6:ca:67:36:
         47:c4:69:a6:9b:79:45:a9:6c:6a:eb:ed:b2:92:00:35:e9:63:
         f6:1f:85:97:b6:8e:1a:a0:5e:0b:19:e2:34:a2:b8:d2:e9:ad:
         1d:1d:19:4c:49:6f:37:de:c7:75:4b:9f:5d:0f:a7:96:f9:14:
         9b:92:f8:db:bd:d8:8f:70:3c:1c:9b:e8:1d:5b:b6:26:b5:3a:
         91:4e:49:eb:c9:1c:06:f3:b3:b1:32:25:12:b3:36:d1:b7:e8:
         98:91:ad:3a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPTTRgmc+sFLueBPi4P7h3trkl4cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzExMTgwMTAwWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NTE4ZDkwODIzMjUwN2Q4MGE4ZDI3NTZhMjlhMTM1ODQ3
MDc3OWVkMGQ5OTY4NmI2YzMwZWU5M2E0OWNhNGVjMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDwTzktRrTQt13vZR0sae8X05jO2+K7c9ty+1yZCsO4lJtL
9YhZTuOeeFUVk/8Yx/JR2FqJiVhPihqUMIgFn9n93pGb8S9doHqqUsgI0t1NfVUq
QIGyqUQg0xA3yb8e8iXx/IN29k9tZjHlyf44qQoJAEeUnnOY5A8niEpv04OW5pvx
FutvvaW0uctd1Gu1NYekKyp4Na4fu8hHBNLEyu27aKBrOe6hmJBrm/xwha+9KXHy
czycwKki6DsW1ty9WLIWJsqowWYpKBUdlia1TjbNa23PEhlTKBd3UBxgnXGGVOzv
MkLxdmgwiFwh9sOSHlfPecHYgLmrLJYaggWdzUm9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUp80KqQFfnBDOurgeK5CVxom9XFwwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzY5ZDcxMmE3LWYzY2UtNDk3ZS1hYWU2LTkwYWE5OWFiOGU5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUg8wDQYJKoZIhvcNAQELBQADggEBAIeZxX0TokGOoVBdBkmai9oDOEUo
3CeVbDn1OI8qrf12nedXtH7SQyoM1QSz/WfHs999m686KUZNzUJJ8zyJJITk624a
5jNAYErwukOCmPEvXdFudNMQt18g0m4jR0viTSgXXyh3VVZ36UHyrASRw4TE+J+k
pch615AVoQ078uYOC7BI0QOqxKQ/NyvQkg838dUYEq4dcMOlFezuHj5IxspnNkfE
aaabeUWpbGrr7bKSADXpY/YfhZe2jhqgXgsZ4jSiuNLprR0dGUxJbzfex3VLn10P
p5b5FJuS+Nu92I9wPByb6B1btia1OpFOSevJHAbzs7EyJRKzNtG36JiRrTo=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:53:30 2025 by rpki-client