Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bb137ef6-15e7-4d0d-9872-00d472b0776b.roa
File:                     bb137ef6-15e7-4d0d-9872-00d472b0776b.roa (raw, json)
Hash identifier:          AcE59LaUMyxmukWBDNGWGKbxts66Z5PM8HcZz+lagwk=
Subject key identifier:   1B:F4:BE:23:01:80:DE:D7:D6:2C:58:01:F0:BD:A5:D6:3F:CF:B4:B2
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       4BE4EC29093877F0CFEABBA84ED7082D4A499475
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bb137ef6-15e7-4d0d-9872-00d472b0776b.roa
Signing time:             Fri 25 Jul 2025 16:41:26 +0000
ROA not before:           Fri 25 Jul 2025 16:41:26 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.96.60.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:e4:ec:29:09:38:77:f0:cf:ea:bb:a8:4e:d7:08:2d:4a:49:94:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Jul 25 16:41:26 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=e0cc5e252aafa26c0bc862af81ce9a5c8a2c7fcae6b2d4d8eb8edb6f43b488e1, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:5c:13:ae:4f:24:b7:87:d8:cb:04:59:86:da:
                    8f:30:72:70:ba:f4:dc:e9:f3:fe:b8:93:2e:b0:d0:
                    04:00:8e:98:83:81:70:dc:a9:29:7f:41:98:3a:2d:
                    ff:5d:e6:a8:f6:f1:9a:79:d3:38:79:e8:0a:80:af:
                    6a:be:53:d9:62:94:88:04:23:04:e0:60:53:5a:da:
                    fe:2d:9f:5e:32:d1:7f:96:ae:16:ad:e8:27:77:3f:
                    a4:2c:45:ab:62:c1:bf:84:03:7f:26:76:27:24:d3:
                    53:6c:1d:59:6d:a1:e9:ce:a3:05:29:24:81:01:b4:
                    81:5f:76:8f:07:09:b1:d1:7f:2f:2d:e5:2a:8b:94:
                    60:eb:38:80:09:ef:b4:c8:13:d6:19:85:34:a3:b5:
                    78:aa:67:6b:7f:32:75:30:ce:a8:23:87:04:34:6e:
                    25:51:30:d3:fd:36:1d:c4:3b:29:c3:14:13:d3:dd:
                    8b:51:9e:c5:f3:a5:8b:be:f5:19:6a:28:c0:1f:58:
                    ff:8c:8e:6f:01:9c:78:59:03:a9:b7:6d:f6:fa:5c:
                    17:09:07:7b:7e:a7:3f:61:67:53:9d:12:02:eb:5c:
                    0e:3f:8a:91:a6:d5:c2:dd:bb:ab:f2:ae:6e:6d:a4:
                    5f:db:62:0b:ed:d8:3e:c8:3b:b1:7d:e8:b3:5d:37:
                    1c:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:F4:BE:23:01:80:DE:D7:D6:2C:58:01:F0:BD:A5:D6:3F:CF:B4:B2
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bb137ef6-15e7-4d0d-9872-00d472b0776b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:46:59:94:34:54:a0:a0:98:4e:73:20:db:a9:fb:0e:91:e8:
         68:72:71:ec:70:2f:14:5d:80:39:f7:8c:c8:a2:97:c0:97:b0:
         0d:f9:8c:f0:cf:59:41:1a:b6:bd:cd:b4:30:2e:5b:09:25:98:
         d5:a4:e5:e1:ef:50:00:4e:04:91:d0:09:5f:6d:2a:eb:3a:a3:
         14:9b:2f:90:d1:1f:b3:01:7f:1e:c6:66:8f:67:e3:27:bd:8c:
         ed:0a:94:e9:dc:c7:8a:e6:73:96:0b:3b:a7:a8:b7:c6:e7:f3:
         42:90:8c:fa:0b:23:30:77:da:0c:84:4f:a6:fb:59:eb:7a:77:
         f0:be:67:33:79:19:15:41:33:a7:cb:fd:df:cf:ec:41:a3:78:
         d2:d9:68:90:06:b0:d9:1f:45:5d:88:b4:9e:b5:4c:f2:53:ee:
         2c:83:a3:cf:c2:f3:f9:41:50:ff:c0:e7:0b:7b:48:b4:f8:34:
         84:da:7c:57:80:c6:69:8b:ee:34:a8:6f:ca:f0:c3:8d:dd:0b:
         76:d4:0d:73:30:a9:ae:63:b4:e3:2c:d9:31:39:0a:49:ea:11:
         87:3f:55:ea:18:b4:ba:e3:9f:be:4e:f8:8b:14:5c:97:e5:d6:
         be:57:8d:6e:ab:94:97:59:08:d4:b1:78:81:a8:dd:ac:2c:f8:
         ab:f0:81:5e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUS+TsKQk4d/DP6ruoTtcILUpJlHUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNzI1MTY0MTI2WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMGNjNWUyNTJhYWZhMjZjMGJjODYyYWY4MWNlOWE1Yzhh
MmM3ZmNhZTZiMmQ0ZDhlYjhlZGI2ZjQzYjQ4OGUxMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDaXBOuTyS3h9jLBFmG2o8wcnC69Nzp8/64ky6w0AQAjpiD
gXDcqSl/QZg6Lf9d5qj28Zp50zh56AqAr2q+U9lilIgEIwTgYFNa2v4tn14y0X+W
rhat6Cd3P6QsRatiwb+EA38mdick01NsHVltoenOowUpJIEBtIFfdo8HCbHRfy8t
5SqLlGDrOIAJ77TIE9YZhTSjtXiqZ2t/MnUwzqgjhwQ0biVRMNP9Nh3EOynDFBPT
3YtRnsXzpYu+9RlqKMAfWP+Mjm8BnHhZA6m3bfb6XBcJB3t+pz9hZ1OdEgLrXA4/
ipGm1cLdu6vyrm5tpF/bYgvt2D7IO7F96LNdNxznAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUG/S+IwGA3tfWLFgB8L2l1j/PtLIwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2JiMTM3ZWY2LTE1ZTctNGQwZC05ODcyLTAwZDQ3MmIwNzc2Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIjYDwwDQYJKoZIhvcNAQELBQADggEBACFGWZQ0VKCgmE5zINup+w6R6Ghy
cexwLxRdgDn3jMiil8CXsA35jPDPWUEatr3NtDAuWwklmNWk5eHvUABOBJHQCV9t
Kus6oxSbL5DRH7MBfx7GZo9n4ye9jO0KlOncx4rmc5YLO6eot8bn80KQjPoLIzB3
2gyET6b7Wet6d/C+ZzN5GRVBM6fL/d/P7EGjeNLZaJAGsNkfRV2ItJ61TPJT7iyD
o8/C8/lBUP/A5wt7SLT4NITafFeAxmmL7jSob8rww43dC3bUDXMwqa5jtOMs2TE5
CknqEYc/VeoYtLrjn75O+IsUXJfl1r5XjW6rlJdZCNSxeIGo3aws+KvwgV4=
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:05:50 2025 by rpki-client