Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/e4d62aec-ee54-47ea-ac30-2c49dfa9eb6f.roa
File:                     e4d62aec-ee54-47ea-ac30-2c49dfa9eb6f.roa (raw, json)
Hash identifier:          J1VCqv6xIaRYaIjRUT3EC3W+KuA01l0RSgOF0hux4GA=
Subject key identifier:   51:D8:59:A8:BC:A5:3E:C7:80:87:3E:D2:AA:A1:98:D5:5F:46:33:C3
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       0C774C74F8869AD820FFB6FCDA3CCB641AF735EE
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/e4d62aec-ee54-47ea-ac30-2c49dfa9eb6f.roa
Signing time:             Mon 14 Apr 2025 17:20:08 +0000
ROA not before:           Mon 14 Apr 2025 17:20:08 +0000
ROA not after:            Mon 19 May 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.12.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:77:4c:74:f8:86:9a:d8:20:ff:b6:fc:da:3c:cb:64:1a:f7:35:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Apr 14 17:20:08 2025 GMT
            Not After : May 19 23:59:59 2025 GMT
        Subject: serialNumber=95d9a7eed5706befd279556344380af54b1676a2703c98a968214f2556e7991d, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:59:ed:bb:56:90:03:e8:60:20:df:85:e8:26:
                    18:a6:09:a2:1f:2a:ed:f8:8f:bd:b8:fc:14:aa:ce:
                    c9:91:e0:6c:b3:7e:e1:d6:86:00:95:d7:07:0e:8d:
                    0e:f2:8d:53:0d:5a:ef:e1:e4:ef:f6:d8:73:75:22:
                    89:5a:53:4d:2c:24:34:02:58:e3:47:1e:55:44:ec:
                    06:12:cc:01:dd:d6:dc:5d:81:10:1c:ac:fc:31:a0:
                    99:16:70:ae:8c:34:ee:6d:bd:82:90:ff:15:ac:63:
                    f2:67:5c:79:fb:d6:bc:ea:ce:c0:6a:e9:17:d6:4c:
                    14:f2:94:eb:73:93:c6:fd:46:9d:84:64:f5:51:44:
                    18:a6:4e:e8:73:f3:56:b2:6b:9b:55:ce:0c:c7:a0:
                    6d:6a:16:35:dd:62:22:9e:13:4a:a6:10:46:d0:77:
                    91:96:2b:a1:8e:9f:9b:02:1b:61:59:52:a5:c2:c6:
                    0c:35:ca:26:1d:8f:67:42:3f:bf:84:f0:df:0e:8a:
                    5e:c7:99:85:58:11:18:3b:70:f1:8d:91:88:85:eb:
                    89:af:15:23:09:ac:25:a8:e2:88:bf:77:78:f8:4c:
                    68:8e:ac:e8:2e:ed:5b:01:0d:72:3d:b2:a9:37:87:
                    6a:91:4f:3f:11:16:66:5f:ea:b6:c7:09:1e:6c:8b:
                    5e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:D8:59:A8:BC:A5:3E:C7:80:87:3E:D2:AA:A1:98:D5:5F:46:33:C3
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/e4d62aec-ee54-47ea-ac30-2c49dfa9eb6f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:ab:74:1e:80:82:5b:1f:e9:eb:e0:47:c6:f5:ca:25:c6:4e:
         37:44:75:7c:4c:04:2c:32:f8:e5:fe:ac:fe:7d:4e:1c:54:09:
         48:ac:8b:e1:85:36:34:5b:49:27:ae:45:e2:c7:cb:ef:ca:48:
         0d:cb:02:97:f7:60:80:93:24:41:78:ba:a8:30:b0:a5:e4:b0:
         fd:e1:d3:f6:de:31:10:e3:21:8f:74:d6:7c:5d:45:68:08:c1:
         3c:e4:b8:c9:7e:3c:43:ea:7e:ce:d8:a4:85:b9:53:58:34:e6:
         04:31:82:c7:37:93:45:f1:95:0a:5b:a8:57:42:f1:4c:92:66:
         50:c5:07:b6:89:6e:bc:fe:3a:6c:dd:49:1a:f5:d7:ab:8c:3b:
         d4:27:8e:66:cd:70:4c:4e:98:90:7e:5d:26:cd:67:cd:77:64:
         08:78:58:86:c1:38:f7:f7:03:24:d0:86:54:06:5f:92:62:97:
         c6:6d:01:8d:38:42:5b:4b:e6:ad:2d:5c:47:22:ee:49:0a:a4:
         e1:96:45:dd:78:db:20:7d:d6:f4:99:12:95:3a:c2:24:e4:28:
         ff:cf:30:61:b9:d7:57:66:61:38:53:0e:26:3c:42:69:b6:42:
         d1:73:2d:0d:32:a4:39:07:57:90:b9:d2:98:6c:cc:1d:1d:7f:
         f8:1b:7d:0b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDHdMdPiGmtgg/7b82jzLZBr3Ne4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNDE0MTcyMDA4WhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NWQ5YTdlZWQ1NzA2YmVmZDI3OTU1NjM0NDM4MGFmNTRi
MTY3NmEyNzAzYzk4YTk2ODIxNGYyNTU2ZTc5OTFkMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoWe27VpAD6GAg34XoJhimCaIfKu34j724/BSqzsmR4Gyz
fuHWhgCV1wcOjQ7yjVMNWu/h5O/22HN1IolaU00sJDQCWONHHlVE7AYSzAHd1txd
gRAcrPwxoJkWcK6MNO5tvYKQ/xWsY/JnXHn71rzqzsBq6RfWTBTylOtzk8b9Rp2E
ZPVRRBimTuhz81aya5tVzgzHoG1qFjXdYiKeE0qmEEbQd5GWK6GOn5sCG2FZUqXC
xgw1yiYdj2dCP7+E8N8Oil7HmYVYERg7cPGNkYiF64mvFSMJrCWo4oi/d3j4TGiO
rOgu7VsBDXI9sqk3h2qRTz8RFmZf6rbHCR5si17XAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUdhZqLylPseAhz7SqqGY1V9GM8MwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2U0ZDYyYWVjLWVlNTQtNDdlYS1hYzMwLTJjNDlkZmE5ZWI2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAwwDQYJKoZIhvcNAQELBQADggEBAGGrdB6Aglsf6evgR8b1yiXGTjdE
dXxMBCwy+OX+rP59ThxUCUisi+GFNjRbSSeuReLHy+/KSA3LApf3YICTJEF4uqgw
sKXksP3h0/beMRDjIY901nxdRWgIwTzkuMl+PEPqfs7YpIW5U1g05gQxgsc3k0Xx
lQpbqFdC8UySZlDFB7aJbrz+OmzdSRr116uMO9QnjmbNcExOmJB+XSbNZ813ZAh4
WIbBOPf3AyTQhlQGX5Jil8ZtAY04QltL5q0tXEci7kkKpOGWRd142yB91vSZEpU6
wiTkKP/PMGG511dmYThTDiY8Qmm2QtFzLQ0ypDkHV5C50phszB0df/gbfQs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:32:42 2025 by rpki-client