Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/ab93a760-7847-474c-be70-5bb33a070942.roa
File:                     ab93a760-7847-474c-be70-5bb33a070942.roa (raw, json)
Hash identifier:          r2z+odiLC9Dq6ukyYlKrYEyjJv/J5I34fh5RdW2OBZI=
Subject key identifier:   D4:4B:36:4B:99:9A:F3:91:4C:DC:48:D9:72:07:A2:5F:F5:30:C3:43
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       1A56858FBCB5658F11FD393532064CC8566D090C
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/ab93a760-7847-474c-be70-5bb33a070942.roa
Signing time:             Fri 25 Apr 2025 17:40:41 +0000
ROA not before:           Fri 25 Apr 2025 17:40:41 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.96.64.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:56:85:8f:bc:b5:65:8f:11:fd:39:35:32:06:4c:c8:56:6d:09:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Apr 25 17:40:41 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=370fecff0b031aee1d1ca18c9c3c4269360dae9dbf4bc0e997eb2880ccab9fe6, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ac:d6:76:2d:11:d3:b1:7b:df:2a:23:e9:65:
                    53:7d:bf:25:48:80:fb:b6:7e:73:e0:34:8e:c3:de:
                    4e:a8:b2:0f:a3:4b:6d:d4:b1:75:3c:af:31:a0:94:
                    8f:1d:1c:34:dc:7e:80:dd:f0:88:03:85:1e:ee:0a:
                    83:db:f0:db:26:92:25:62:33:f7:04:1f:37:eb:1f:
                    0f:d7:5d:69:6e:34:9a:aa:84:f8:1b:63:10:54:97:
                    3b:fa:6e:e0:f0:bf:1e:97:b6:29:2a:31:bc:e4:7a:
                    d5:ef:46:0a:e2:cd:c4:ad:fb:e1:80:e2:7b:ae:9b:
                    d8:0d:d9:9d:df:91:86:09:11:d5:49:70:34:e1:44:
                    df:ab:32:8e:b1:7e:a1:93:39:c3:d5:08:1e:56:29:
                    dc:22:5f:6e:95:10:68:f1:8c:16:00:f9:7f:73:68:
                    7b:5f:8f:6b:d4:76:c9:ea:75:d5:e8:d6:be:89:bd:
                    c2:45:29:c3:10:fc:50:64:77:f1:60:6d:53:69:d4:
                    5b:eb:5d:85:15:7b:79:29:af:af:8f:1a:ea:e1:9b:
                    68:eb:46:9c:f4:7e:ba:3d:3e:db:f7:86:26:55:ef:
                    62:a0:89:7c:13:20:33:44:13:18:de:54:d2:26:76:
                    d8:a5:bf:4b:03:34:02:b6:90:b5:a9:e1:fd:95:4f:
                    7d:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:4B:36:4B:99:9A:F3:91:4C:DC:48:D9:72:07:A2:5F:F5:30:C3:43
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/ab93a760-7847-474c-be70-5bb33a070942.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6b:37:75:1f:d7:4d:3e:d3:68:ca:53:80:94:a4:20:6c:fa:ea:
         07:d4:4f:ff:5f:a1:4d:d2:03:93:2d:1c:30:d0:9e:52:1b:f6:
         38:81:38:ab:87:76:79:8f:ec:c2:5b:30:b3:33:67:62:90:25:
         74:f8:c4:e7:ed:48:25:20:55:3e:15:04:87:8b:01:68:cd:0e:
         b3:e3:c6:99:00:df:23:7e:df:20:98:e5:ad:b0:ed:79:a6:08:
         76:1a:79:6e:67:7c:60:fe:3b:af:c6:47:3b:02:0c:ef:9f:a7:
         73:85:c4:41:27:50:f0:4a:89:b6:5e:76:e2:46:06:12:f0:4b:
         a8:30:b2:99:10:27:0e:c4:43:62:6a:05:a8:07:67:d6:cc:29:
         36:9d:d7:27:91:36:4f:f6:67:76:8a:e1:41:f2:21:c7:ce:23:
         3e:54:37:a5:73:55:a7:48:a4:60:30:45:de:da:fb:ba:06:ee:
         90:e4:fd:69:67:31:c4:df:cf:63:8c:2d:c6:b8:95:aa:ca:a0:
         97:a5:53:9e:c7:ba:bc:44:df:26:d3:e8:eb:4a:9c:0d:84:ad:
         e8:d1:95:a9:a2:74:54:8c:ce:26:25:a9:b4:64:94:81:0f:72:
         0e:60:3f:7d:43:e1:27:3a:f9:19:67:3d:7f:5c:44:4f:0b:fb:
         40:1f:d8:d9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGlaFj7y1ZY8R/Tk1MgZMyFZtCQwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNDI1MTc0MDQxWhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNzBmZWNmZjBiMDMxYWVlMWQxY2ExOGM5YzNjNDI2OTM2
MGRhZTlkYmY0YmMwZTk5N2ViMjg4MGNjYWI5ZmU2MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDArNZ2LRHTsXvfKiPpZVN9vyVIgPu2fnPgNI7D3k6osg+j
S23UsXU8rzGglI8dHDTcfoDd8IgDhR7uCoPb8NsmkiViM/cEHzfrHw/XXWluNJqq
hPgbYxBUlzv6buDwvx6XtikqMbzketXvRgrizcSt++GA4nuum9gN2Z3fkYYJEdVJ
cDThRN+rMo6xfqGTOcPVCB5WKdwiX26VEGjxjBYA+X9zaHtfj2vUdsnqddXo1r6J
vcJFKcMQ/FBkd/FgbVNp1FvrXYUVe3kpr6+PGurhm2jrRpz0fro9Ptv3hiZV72Kg
iXwTIDNEExjeVNImdtilv0sDNAK2kLWp4f2VT32dAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1Es2S5ma85FM3EjZcgeiX/Uww0MwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2FiOTNhNzYwLTc4NDctNDc0Yy1iZTcwLTViYjMzYTA3MDk0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQjYEAwDQYJKoZIhvcNAQELBQADggEBAGs3dR/XTT7TaMpTgJSkIGz66gfU
T/9foU3SA5MtHDDQnlIb9jiBOKuHdnmP7MJbMLMzZ2KQJXT4xOftSCUgVT4VBIeL
AWjNDrPjxpkA3yN+3yCY5a2w7XmmCHYaeW5nfGD+O6/GRzsCDO+fp3OFxEEnUPBK
ibZeduJGBhLwS6gwspkQJw7EQ2JqBagHZ9bMKTad1yeRNk/2Z3aK4UHyIcfOIz5U
N6VzVadIpGAwRd7a+7oG7pDk/WlnMcTfz2OMLca4larKoJelU57HurxE3ybT6OtK
nA2ErejRlamidFSMziYlqbRklIEPcg5gP31D4Sc6+RlnPX9cRE8L+0Af2Nk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:58:17 2025 by rpki-client