Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/8e88398f-80cd-4b06-bbdf-e3fab6e6abe1.roa
File:                     8e88398f-80cd-4b06-bbdf-e3fab6e6abe1.roa (raw, json)
Hash identifier:          8TisopfrQAanGcx20lAxOSn5+3ovIpCe/Igd1h5V/4I=
Subject key identifier:   49:FE:7A:9B:3A:85:B8:7B:48:F1:37:87:03:C1:CD:1A:77:C1:71:A2
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       309CF8B4E01A901015505D4251414BA82CF34E4A
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/8e88398f-80cd-4b06-bbdf-e3fab6e6abe1.roa
Signing time:             Fri 25 Jul 2025 16:40:53 +0000
ROA not before:           Fri 25 Jul 2025 16:40:53 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.8.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 12 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:9c:f8:b4:e0:1a:90:10:15:50:5d:42:51:41:4b:a8:2c:f3:4e:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Jul 25 16:40:53 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=a97658d9f215c887e68566a5694668598cffd3614d2106bfac73df964de0f169, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:88:85:81:44:b9:ea:98:20:22:d8:1a:d6:94:
                    2f:6b:39:96:d3:b6:61:a2:94:bb:ce:78:b5:41:7d:
                    c7:ea:66:6a:4b:8f:d6:9a:1c:9c:bc:1f:46:ff:f0:
                    87:72:30:42:07:a1:52:7c:36:78:c3:26:fb:69:96:
                    7a:a3:02:b3:33:e2:1f:55:b0:a9:83:5b:45:18:f2:
                    3e:a9:a3:34:b6:e4:60:37:05:fb:87:15:52:7f:91:
                    31:19:0f:c3:75:b1:92:e3:c5:bb:8b:18:ea:29:2c:
                    fd:e7:c6:0b:6b:f0:9d:07:ae:3b:3b:99:f7:7b:fc:
                    bc:80:4a:65:b3:33:76:fd:16:fa:36:ec:26:3e:18:
                    d1:39:c8:87:61:15:cd:13:48:f9:cd:42:1e:c7:c1:
                    f1:bb:8c:8f:79:e5:6d:53:da:9c:f5:ef:7e:1d:4d:
                    5f:91:3c:18:1e:0a:cd:11:2d:e5:4c:8d:9c:b7:aa:
                    84:d5:84:8e:40:37:5d:3a:ff:fa:5f:c6:f9:b2:e1:
                    19:88:c9:58:61:5c:32:0b:85:37:62:8e:5f:29:47:
                    35:48:63:3a:9d:0f:97:18:b6:22:f5:1d:de:72:78:
                    89:cd:9f:f8:4e:b1:63:4d:3b:cd:3e:7e:45:93:e7:
                    93:74:31:b0:f6:fd:cc:88:75:07:8e:28:14:dc:cc:
                    fe:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:FE:7A:9B:3A:85:B8:7B:48:F1:37:87:03:C1:CD:1A:77:C1:71:A2
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/8e88398f-80cd-4b06-bbdf-e3fab6e6abe1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:c8:31:e8:dc:37:a1:8b:01:b6:c5:76:90:8f:9a:9e:cb:fb:
         73:d8:f3:a8:12:48:ae:ec:fe:cd:7d:7e:3d:36:35:47:00:ef:
         ea:fd:83:9d:9a:53:f1:9a:5e:cf:63:2c:b2:04:b3:fe:e8:89:
         be:3c:6a:c5:87:16:c9:ad:35:72:49:90:98:f1:cf:ee:69:dd:
         5e:d6:d3:7d:f0:1b:cc:b4:4b:0a:d5:8d:53:9b:aa:30:b3:75:
         fe:70:8d:a0:c3:5d:7e:40:9f:4f:f4:60:97:e1:48:f0:ec:0e:
         a3:d8:d0:ae:bc:e2:15:9b:81:66:4c:a9:c3:0d:26:3f:5f:d3:
         a2:12:10:98:a3:29:d3:ad:6f:84:34:18:94:75:b6:d8:01:71:
         97:26:4f:2d:d1:c0:66:53:ae:f6:ca:20:a6:83:55:00:1d:c6:
         30:58:08:54:e0:42:e5:2c:2d:46:1d:85:90:89:7b:aa:ec:5c:
         df:0c:a9:ca:3e:20:45:3d:cb:42:58:d8:4d:e2:49:08:ff:85:
         85:67:47:f5:92:8c:bf:30:e4:03:71:9a:b2:c3:9e:e2:be:80:
         8e:f2:02:03:29:34:4c:bf:48:2d:5f:5f:ac:45:00:b7:67:00:
         dc:b5:1b:4c:2f:de:c7:30:42:12:b8:10:fa:8d:78:14:78:0b:
         ea:5b:ad:ae
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMJz4tOAakBAVUF1CUUFLqCzzTkowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNzI1MTY0MDUzWhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhOTc2NThkOWYyMTVjODg3ZTY4NTY2YTU2OTQ2Njg1OThj
ZmZkMzYxNGQyMTA2YmZhYzczZGY5NjRkZTBmMTY5MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkiIWBRLnqmCAi2BrWlC9rOZbTtmGilLvOeLVBfcfqZmpL
j9aaHJy8H0b/8IdyMEIHoVJ8NnjDJvtplnqjArMz4h9VsKmDW0UY8j6pozS25GA3
BfuHFVJ/kTEZD8N1sZLjxbuLGOopLP3nxgtr8J0Hrjs7mfd7/LyASmWzM3b9Fvo2
7CY+GNE5yIdhFc0TSPnNQh7HwfG7jI955W1T2pz1734dTV+RPBgeCs0RLeVMjZy3
qoTVhI5AN106//pfxvmy4RmIyVhhXDILhTdijl8pRzVIYzqdD5cYtiL1Hd5yeInN
n/hOsWNNO80+fkWT55N0MbD2/cyIdQeOKBTczP5JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSf56mzqFuHtI8TeHA8HNGnfBcaIwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzhlODgzOThmLTgwY2QtNGIwNi1iYmRmLWUzZmFiNmU2YWJlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAgwDQYJKoZIhvcNAQELBQADggEBAAXIMejcN6GLAbbFdpCPmp7L+3PY
86gSSK7s/s19fj02NUcA7+r9g52aU/GaXs9jLLIEs/7oib48asWHFsmtNXJJkJjx
z+5p3V7W033wG8y0SwrVjVObqjCzdf5wjaDDXX5An0/0YJfhSPDsDqPY0K684hWb
gWZMqcMNJj9f06ISEJijKdOtb4Q0GJR1ttgBcZcmTy3RwGZTrvbKIKaDVQAdxjBY
CFTgQuUsLUYdhZCJe6rsXN8Mqco+IEU9y0JY2E3iSQj/hYVnR/WSjL8w5ANxmrLD
nuK+gI7yAgMpNEy/SC1fX6xFALdnANy1G0wv3scwQhK4EPqNeBR4C+pbra4=
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:08:10 2025 by rpki-client