Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/d45c754b-55fa-459b-9d5e-9107618580af.roa
File:                     d45c754b-55fa-459b-9d5e-9107618580af.roa (raw, json)
Hash identifier:          pw/jNuLf0D0a9FlFj4nhYzWfsi3yii9B8D1Yy8kphvY=
Subject key identifier:   EF:C3:07:2F:BF:F7:E2:C2:73:4D:76:99:82:33:DB:1C:D5:B6:5E:60
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       305987B8BEB94258E5BAE81F77FD3D4741569B38
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/d45c754b-55fa-459b-9d5e-9107618580af.roa
Signing time:             Tue 29 Jul 2025 18:20:23 +0000
ROA not before:           Tue 29 Jul 2025 18:20:23 +0000
ROA not after:            Tue 02 Sep 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.41.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 12 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:59:87:b8:be:b9:42:58:e5:ba:e8:1f:77:fd:3d:47:41:56:9b:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Jul 29 18:20:23 2025 GMT
            Not After : Sep  2 23:59:59 2025 GMT
        Subject: serialNumber=d5946d722f809e2820e319f9f0a71f846a29791c0017c804a505413c01c730fe, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:20:f9:3e:89:30:44:ba:5c:af:75:59:af:68:
                    73:33:a6:1a:86:52:5e:47:f9:34:37:86:8a:9e:68:
                    9c:f0:90:12:3a:10:d0:88:1b:74:df:3f:02:d7:46:
                    86:f5:93:55:b7:5b:70:6b:8d:7d:ef:11:f2:24:7d:
                    55:4f:06:08:21:97:06:cc:5d:2a:72:09:f9:8d:b4:
                    ff:4d:41:1e:38:73:67:9a:c6:9c:b6:2a:59:78:c3:
                    f5:6d:52:c8:60:43:c7:a5:58:33:c2:df:95:71:b6:
                    7d:8a:3c:20:b2:b6:6a:e9:8b:f2:4e:d1:65:7f:8d:
                    f1:26:67:06:58:0a:d7:95:08:52:fd:ee:85:fd:e5:
                    02:b4:68:66:66:06:1e:a4:41:59:0c:f2:4a:b8:eb:
                    13:ab:a1:ae:cb:04:f5:78:14:e0:7b:0e:6a:37:24:
                    83:ab:5d:79:34:93:39:a9:bc:a4:19:17:af:25:aa:
                    40:13:5b:62:6d:2e:2a:8a:1e:b0:02:2d:d3:ed:c9:
                    bf:f4:ec:bc:b5:e6:58:9a:77:20:7b:a6:93:7d:8c:
                    a1:65:7b:e4:91:f6:70:7a:9f:b2:9e:c5:89:fe:d5:
                    eb:76:f3:10:bd:07:44:ea:01:99:a0:a2:f5:20:9c:
                    2b:4f:8d:0f:67:95:c9:29:46:65:13:a3:9d:6f:0a:
                    b2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:C3:07:2F:BF:F7:E2:C2:73:4D:76:99:82:33:DB:1C:D5:B6:5E:60
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/d45c754b-55fa-459b-9d5e-9107618580af.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:b8:b9:18:6c:22:c4:01:63:ea:46:b9:9a:5c:8b:d5:35:c6:
         66:21:9f:52:b7:80:fa:4a:18:57:92:fd:71:a2:9d:27:c6:98:
         3a:81:f7:07:06:a2:f9:8c:23:14:09:35:0a:d6:23:0a:42:c2:
         ad:f1:2b:cf:b2:ff:80:b3:6a:69:d8:88:75:83:2a:17:a9:55:
         3e:9c:02:ab:21:19:ed:a3:27:0c:fc:b0:16:b7:12:5a:47:b1:
         7a:e5:f4:b2:5e:69:8b:bf:6c:3a:f5:b1:d8:15:f4:b9:9f:c1:
         6c:b8:10:78:ee:6c:2b:b4:a9:8c:e9:ca:7e:e6:b3:f9:f1:86:
         e4:bb:a4:c8:00:a1:84:e7:ec:1c:11:ae:05:34:fa:05:d5:91:
         2e:f2:b0:c2:0e:41:9e:02:9e:62:95:7f:e1:f3:5f:18:db:cd:
         3a:7f:ba:84:c6:2b:70:2f:8c:7c:3a:7a:27:92:81:0a:5f:28:
         f4:5b:12:3f:92:bc:01:af:44:4a:66:a6:5a:9b:39:55:d4:00:
         bc:fb:88:f1:ea:bf:11:e8:16:38:aa:93:72:4a:ea:a9:1f:c6:
         25:6d:48:e3:33:4f:9b:ac:90:16:b3:df:72:19:00:f2:6e:a3:
         c6:ae:03:d9:24:f6:54:c3:04:f7:a2:3e:86:d6:23:a7:b5:8c:
         cd:e4:1c:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMFmHuL65Qljluugfd/09R0FWmzgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNzI5MTgyMDIzWhcNMjUwOTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNTk0NmQ3MjJmODA5ZTI4MjBlMzE5ZjlmMGE3MWY4NDZh
Mjk3OTFjMDAxN2M4MDRhNTA1NDEzYzAxYzczMGZlMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+IPk+iTBEulyvdVmvaHMzphqGUl5H+TQ3hoqeaJzwkBI6
ENCIG3TfPwLXRob1k1W3W3BrjX3vEfIkfVVPBgghlwbMXSpyCfmNtP9NQR44c2ea
xpy2Kll4w/VtUshgQ8elWDPC35Vxtn2KPCCytmrpi/JO0WV/jfEmZwZYCteVCFL9
7oX95QK0aGZmBh6kQVkM8kq46xOroa7LBPV4FOB7Dmo3JIOrXXk0kzmpvKQZF68l
qkATW2JtLiqKHrACLdPtyb/07Ly15liadyB7ppN9jKFle+SR9nB6n7KexYn+1et2
8xC9B0TqAZmgovUgnCtPjQ9nlckpRmUTo51vCrIzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU78MHL7/34sJzTXaZgjPbHNW2XmAwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2Q0NWM3NTRiLTU1ZmEtNDU5Yi05ZDVlLTkxMDc2MTg1ODBhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYCkwDQYJKoZIhvcNAQELBQADggEBAIe4uRhsIsQBY+pGuZpci9U1xmYh
n1K3gPpKGFeS/XGinSfGmDqB9wcGovmMIxQJNQrWIwpCwq3xK8+y/4CzamnYiHWD
KhepVT6cAqshGe2jJwz8sBa3ElpHsXrl9LJeaYu/bDr1sdgV9LmfwWy4EHjubCu0
qYzpyn7ms/nxhuS7pMgAoYTn7BwRrgU0+gXVkS7ysMIOQZ4CnmKVf+HzXxjbzTp/
uoTGK3AvjHw6eieSgQpfKPRbEj+SvAGvREpmplqbOVXUALz7iPHqvxHoFjiqk3JK
6qkfxiVtSOMzT5uskBaz33IZAPJuo8auA9kk9lTDBPeiPobWI6e1jM3kHCw=
-----END CERTIFICATE-----
Generated at Mon Aug 11 09:49:52 2025 by rpki-client