Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/decfa8a2-ad50-432e-96a7-cba83d9032f9.roa
File:                     decfa8a2-ad50-432e-96a7-cba83d9032f9.roa (raw, json)
Hash identifier:          WhfOpvyGfsJtfyFdZ4xE8YF4L40yHYRFtaMkNdBHYFQ=
Subject key identifier:   E6:A8:EF:1D:11:94:2B:80:4D:41:AF:82:05:F3:C4:AE:E7:29:07:2A
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       493DADB0843F0747031B579CBE8DE0BCEE07EE69
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/decfa8a2-ad50-432e-96a7-cba83d9032f9.roa
Signing time:             Tue 05 Aug 2025 18:20:04 +0000
ROA not before:           Tue 05 Aug 2025 18:20:04 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.96.9.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:3d:ad:b0:84:3f:07:47:03:1b:57:9c:be:8d:e0:bc:ee:07:ee:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Aug  5 18:20:04 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=b0d0623e62f11551b0cb58dd0f50455de73a3df831d480272e4908f0241120d4, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d9:18:4e:5d:36:0a:1b:4e:22:63:a6:ad:00:
                    d2:8d:9a:8a:61:c8:46:d0:45:64:c2:df:76:f1:6d:
                    91:39:b8:bb:dc:65:e0:fa:4e:ff:cc:61:52:b3:7b:
                    45:47:dd:d6:3c:7f:66:6e:27:01:01:14:db:5f:12:
                    03:5a:95:7a:80:29:aa:d6:d5:3d:6a:3f:d2:1d:86:
                    8d:92:4c:f2:38:06:cc:61:c9:24:61:1d:ea:0e:21:
                    56:0a:26:34:fa:d4:25:91:d3:62:96:ca:d0:0b:70:
                    9e:b1:0b:e4:eb:c8:2f:3e:bf:8a:85:c3:de:2c:de:
                    8d:db:c8:5d:f2:97:1c:24:b8:8f:64:25:b9:cf:09:
                    3a:a5:e2:00:12:5b:97:40:67:86:9c:99:c4:73:a7:
                    6c:83:a4:23:b6:21:c9:03:97:b7:1d:9a:79:91:37:
                    10:8d:bc:37:60:98:6d:59:9b:e7:83:e8:fe:3e:24:
                    e4:ca:a6:dc:f7:3e:1b:3a:ea:b5:60:8c:6d:dc:89:
                    b4:d5:10:67:25:cf:cd:af:bc:df:18:86:f5:3c:05:
                    7b:0c:76:5f:16:e9:5e:e7:fe:18:d2:8e:f4:7a:87:
                    3f:47:59:87:c8:04:ac:df:65:20:e4:10:58:19:c5:
                    56:26:5c:d7:d1:53:8f:38:56:16:b1:a7:99:4c:d0:
                    fa:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:A8:EF:1D:11:94:2B:80:4D:41:AF:82:05:F3:C4:AE:E7:29:07:2A
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/decfa8a2-ad50-432e-96a7-cba83d9032f9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:8b:a7:c1:00:f6:de:7a:45:b9:12:59:ba:eb:37:48:7a:0f:
         bc:a8:17:64:e6:db:9c:61:e6:10:3e:a6:2c:ab:d7:e7:35:fe:
         46:bc:6c:5c:27:3d:c9:32:55:27:12:6d:ae:3a:bd:79:55:00:
         9e:21:e6:a6:05:07:dd:96:28:c8:6f:7f:c1:ad:c2:a2:32:09:
         6d:00:4a:f5:62:8f:d3:73:46:aa:c4:3b:a4:d6:5f:97:a7:17:
         e5:23:5f:7f:04:03:a2:16:0a:a4:f6:24:4d:2f:bf:21:43:6a:
         91:12:43:89:45:60:3b:7d:cd:8c:9e:be:15:e2:83:57:2e:ab:
         9a:01:6d:13:71:82:58:e7:83:a0:a8:dd:fb:af:56:85:7e:43:
         7f:1c:9d:22:f6:d4:ba:e4:34:68:7e:be:0c:58:40:36:84:51:
         60:65:46:12:f7:a0:32:64:c6:40:9d:44:0d:71:89:67:e8:6f:
         e0:cc:e8:dc:5d:ee:37:f4:fd:e7:a2:6c:84:34:d0:88:9a:8d:
         fc:d4:b6:06:17:d2:c1:b3:59:0a:a3:05:72:7a:98:20:33:14:
         77:e2:03:be:e4:34:18:75:5b:24:e3:c5:be:2b:22:84:47:2f:
         aa:ea:32:61:ae:23:fd:23:0c:ca:68:1c:62:c5:1c:0b:d3:fe:
         87:4b:42:33
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUST2tsIQ/B0cDG1ecvo3gvO4H7mkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwODA1MTgyMDA0WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMGQwNjIzZTYyZjExNTUxYjBjYjU4ZGQwZjUwNDU1ZGU3
M2EzZGY4MzFkNDgwMjcyZTQ5MDhmMDI0MTEyMGQ0MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC92RhOXTYKG04iY6atANKNmophyEbQRWTC33bxbZE5uLvc
ZeD6Tv/MYVKze0VH3dY8f2ZuJwEBFNtfEgNalXqAKarW1T1qP9Idho2STPI4Bsxh
ySRhHeoOIVYKJjT61CWR02KWytALcJ6xC+TryC8+v4qFw94s3o3byF3ylxwkuI9k
JbnPCTql4gASW5dAZ4acmcRzp2yDpCO2IckDl7cdmnmRNxCNvDdgmG1Zm+eD6P4+
JOTKptz3Phs66rVgjG3cibTVEGclz82vvN8YhvU8BXsMdl8W6V7n/hjSjvR6hz9H
WYfIBKzfZSDkEFgZxVYmXNfRU484Vhaxp5lM0PqpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5qjvHRGUK4BNQa+CBfPErucpByowHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2RlY2ZhOGEyLWFkNTAtNDMyZS05NmE3LWNiYTgzZDkwMzJmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAkwDQYJKoZIhvcNAQELBQADggEBABWLp8EA9t56RbkSWbrrN0h6D7yo
F2Tm25xh5hA+piyr1+c1/ka8bFwnPckyVScSba46vXlVAJ4h5qYFB92WKMhvf8Gt
wqIyCW0ASvVij9NzRqrEO6TWX5enF+UjX38EA6IWCqT2JE0vvyFDapESQ4lFYDt9
zYyevhXig1cuq5oBbRNxgljng6Co3fuvVoV+Q38cnSL21LrkNGh+vgxYQDaEUWBl
RhL3oDJkxkCdRA1xiWfob+DM6Nxd7jf0/eeibIQ00IiajfzUtgYX0sGzWQqjBXJ6
mCAzFHfiA77kNBh1WyTjxb4rIoRHL6rqMmGuI/0jDMpoHGLFHAvT/odLQjM=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:15:32 2025 by rpki-client