Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/db0b227f-9958-4ebb-9f23-65cc24c5c799.roa
File:                     db0b227f-9958-4ebb-9f23-65cc24c5c799.roa (raw, json)
Hash identifier:          k2tszS9HPx+URZdmp9YoNA8TYzOGKi189x8CS49Dq1A=
Subject key identifier:   A8:DB:96:83:46:26:3C:DF:10:B2:98:65:C1:31:A5:B2:0F:95:29:6A
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       53648801117C59F5EEB1E0D97FFB3697A7EB6BC6
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/db0b227f-9958-4ebb-9f23-65cc24c5c799.roa
Signing time:             Sat 26 Jul 2025 00:20:40 +0000
ROA not before:           Sat 26 Jul 2025 00:20:40 +0000
ROA not after:            Sat 30 Aug 2025 23:59:59 +0000
asID:                     62785
IP address blocks:        172.96.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 11 Aug 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:64:88:01:11:7c:59:f5:ee:b1:e0:d9:7f:fb:36:97:a7:eb:6b:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Jul 26 00:20:40 2025 GMT
            Not After : Aug 30 23:59:59 2025 GMT
        Subject: serialNumber=3f3ab9b0c911027c28392150a29a0e9c632ecc70e54cd12a3392a83a413ed710, CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:3a:3e:85:3e:8d:a9:11:96:ac:8f:33:9a:d9:
                    b2:ad:55:79:2f:77:e5:b8:b3:de:07:d2:39:8b:8e:
                    bf:40:c7:8e:93:80:80:75:ca:fd:e8:cd:3a:2c:fb:
                    7a:8a:06:21:52:e7:5b:83:d9:e8:0a:71:d0:ed:9f:
                    8e:52:3f:fa:77:07:26:bd:c4:70:38:79:b3:4e:f3:
                    23:73:4d:ba:b3:23:af:ac:a0:18:0e:ad:4f:e3:3e:
                    0d:cf:53:9b:cf:87:5e:9d:6d:80:b1:47:0b:aa:8d:
                    99:4f:d7:9f:74:db:7e:43:65:a9:d7:e6:e2:2b:75:
                    44:6f:05:3e:2a:a5:85:43:88:ef:f3:6a:c9:49:bb:
                    e3:72:d5:c0:ac:72:f3:72:39:76:ea:fc:e5:1e:c1:
                    aa:26:9b:d6:ea:0f:33:64:50:4d:6e:df:c3:99:f1:
                    64:16:8c:28:10:fb:d6:35:cd:d1:32:d6:7a:04:71:
                    90:e3:b8:a2:a6:22:c1:1a:79:af:22:ce:50:a3:7c:
                    3f:a9:0e:e1:61:bd:bc:1f:cb:89:96:b5:3c:36:0b:
                    c1:f9:10:cc:ea:4a:69:59:b4:86:bc:42:35:f7:5d:
                    c6:94:83:d5:79:a1:2f:08:bd:b9:da:72:5b:cb:a0:
                    db:1c:65:71:41:16:15:af:59:38:96:ad:e9:f5:de:
                    eb:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:DB:96:83:46:26:3C:DF:10:B2:98:65:C1:31:A5:B2:0F:95:29:6A
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/db0b227f-9958-4ebb-9f23-65cc24c5c799.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  172.96.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         77:76:9d:50:93:51:4f:28:a2:25:03:35:ee:2f:59:a3:88:82:
         f1:7f:6f:59:c7:f5:47:05:b6:af:cb:0b:1e:35:8c:64:fc:32:
         0f:ca:fb:8f:e2:d7:2b:9d:e7:a7:40:96:f9:7d:e5:f3:25:49:
         5d:81:d2:c9:dd:c6:7a:0e:41:27:a4:98:7c:e3:53:de:b1:70:
         be:92:4f:cd:a8:c5:95:53:91:8d:4c:d3:d0:f8:ca:fc:5e:d7:
         3b:1e:55:ba:fe:75:5c:a5:e3:43:c4:4f:ee:4d:4f:7c:d6:d1:
         d0:94:c2:04:7b:74:ba:d4:07:5a:e6:93:a5:95:cd:dd:d9:75:
         df:b5:1f:69:ef:29:3c:11:25:99:8a:c2:0c:2e:32:42:96:3a:
         e2:d0:fe:80:d8:a0:36:ab:50:71:af:a3:a6:e4:a5:4c:ac:79:
         ac:65:a4:40:a4:83:f9:4c:4d:8f:c8:33:06:b9:ea:11:90:e2:
         e0:30:0d:72:18:5c:9d:cc:92:23:04:eb:66:b0:0d:3c:3c:7e:
         61:4e:72:c8:2c:5f:60:48:9e:b3:c8:16:be:a4:1b:38:3a:4f:
         ff:df:54:83:fc:7c:17:ed:48:66:4d:11:59:7c:a9:64:e6:31:
         46:7b:99:03:a1:a5:c2:14:9d:4c:cd:3e:14:bc:f2:af:e6:af:
         3e:8c:8e:24
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU2SIARF8WfXuseDZf/s2l6fra8YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUwNzI2MDAyMDQwWhcNMjUwODMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzZjNhYjliMGM5MTEwMjdjMjgzOTIxNTBhMjlhMGU5YzYz
MmVjYzcwZTU0Y2QxMmEzMzkyYTgzYTQxM2VkNzEwMS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyOj6FPo2pEZasjzOa2bKtVXkvd+W4s94H0jmLjr9Ax46T
gIB1yv3ozTos+3qKBiFS51uD2egKcdDtn45SP/p3Bya9xHA4ebNO8yNzTbqzI6+s
oBgOrU/jPg3PU5vPh16dbYCxRwuqjZlP1590235DZanX5uIrdURvBT4qpYVDiO/z
aslJu+Ny1cCscvNyOXbq/OUewaomm9bqDzNkUE1u38OZ8WQWjCgQ+9Y1zdEy1noE
cZDjuKKmIsEaea8izlCjfD+pDuFhvbwfy4mWtTw2C8H5EMzqSmlZtIa8QjX3XcaU
g9V5oS8IvbnaclvLoNscZXFBFhWvWTiWren13uvVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqNuWg0YmPN8QsphlwTGlsg+VKWowHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4L2RiMGIyMjdmLTk5NTgtNGViYi05ZjIzLTY1Y2MyNGM1Yzc5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASsYGAwDQYJKoZIhvcNAQELBQADggEBAHd2nVCTUU8ooiUDNe4vWaOIgvF/
b1nH9UcFtq/LCx41jGT8Mg/K+4/i1yud56dAlvl95fMlSV2B0sndxnoOQSekmHzj
U96xcL6ST82oxZVTkY1M09D4yvxe1zseVbr+dVyl40PET+5NT3zW0dCUwgR7dLrU
B1rmk6WVzd3Zdd+1H2nvKTwRJZmKwgwuMkKWOuLQ/oDYoDarUHGvo6bkpUyseaxl
pECkg/lMTY/IMwa56hGQ4uAwDXIYXJ3MkiME62awDTw8fmFOcsgsX2BInrPIFr6k
Gzg6T//fVIP8fBftSGZNEVl8qWTmMUZ7mQOhpcIUnUzNPhS88q/mrz6MjiQ=
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:34:41 2025 by rpki-client