Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/e4d62aec-ee54-47ea-ac30-2c49dfa9eb6f.roa
File:                     e4d62aec-ee54-47ea-ac30-2c49dfa9eb6f.roa (raw, json)
Hash identifier:          8aYGGb5QrZtXmIQfh+OG9v8E/RVG4xOa29Cz4V8vWD8=
Subject key identifier:   84:39:AB:CB:63:2E:49:EA:AE:21:17:63:0C:F1:19:41:75:7A:40:13
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       0A1D3D58A6194DE3C5F5AF3FC69821D46F600480
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/e4d62aec-ee54-47ea-ac30-2c49dfa9eb6f.roa
Signing time:             Fri 25 Jul 2025 16:40:17 +0000
ROA not before:           Fri 25 Jul 2025 16:40:17 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.12.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 12 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:1d:3d:58:a6:19:4d:e3:c5:f5:af:3f:c6:98:21:d4:6f:60:04:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Jul 25 16:40:17 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=98ed370386984fc0d8405940c74bdc0f02d90e2c3b694e44c54d3b6ed559a268, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:1b:27:ff:d5:43:16:b1:06:06:43:96:73:3c:
                    ec:4d:80:20:b4:62:a7:14:62:74:df:ce:49:95:86:
                    a9:06:84:27:a2:0f:21:36:a0:ea:26:bf:3f:79:dd:
                    3c:e1:75:0e:a9:c2:72:89:24:3e:41:0a:95:9c:c6:
                    ae:c0:f8:80:ca:a6:19:ea:56:12:71:9e:f4:7c:6b:
                    0c:f1:c1:c7:e6:c1:e6:dc:ae:64:3b:9d:e9:6f:5e:
                    d1:79:73:05:80:85:4a:03:6f:f1:1b:c8:14:df:ee:
                    fa:75:1d:ea:b1:52:01:60:c5:21:80:bc:c3:04:a6:
                    0e:86:3f:7b:10:c8:52:ac:23:c6:a3:a2:71:ac:78:
                    93:5c:d3:8b:dd:84:ca:55:2d:4a:a0:47:41:2b:21:
                    87:e6:c9:3d:02:fc:db:35:6f:d5:2b:3b:ce:c9:1c:
                    36:6b:17:1c:72:ab:bb:e5:68:4f:78:db:2f:cb:26:
                    4c:53:58:e2:70:bb:7a:04:0d:ea:64:3e:65:3c:66:
                    ea:ca:f7:be:9c:d0:0c:df:e9:06:8e:cf:84:94:50:
                    59:74:f6:d2:3b:92:32:a9:8a:1a:5b:16:c5:7e:2a:
                    e3:fc:b3:02:75:a8:74:8b:f5:e5:76:64:ec:75:ff:
                    cd:0b:89:e7:f8:8b:ee:b5:de:06:28:f5:59:25:5c:
                    eb:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:39:AB:CB:63:2E:49:EA:AE:21:17:63:0C:F1:19:41:75:7A:40:13
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/e4d62aec-ee54-47ea-ac30-2c49dfa9eb6f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:01:2a:d4:b7:e9:34:1a:31:ff:49:6a:a9:f3:ca:2b:dc:7d:
         8f:e1:74:4b:d8:92:eb:10:8a:a6:e2:f7:9d:08:32:74:52:14:
         78:1c:e4:16:61:be:f1:78:0f:d0:fa:b7:00:54:90:ad:4e:c7:
         b5:b1:72:55:04:32:9a:c9:b0:85:fa:2f:f9:7e:da:18:98:d4:
         cb:b0:cb:88:9c:0d:62:cc:76:4d:89:12:3c:4e:40:f1:a0:ad:
         f4:63:b4:eb:b3:c7:76:ad:1e:67:6c:2e:c5:57:d2:be:f5:b7:
         8e:66:40:0a:b4:d2:6b:47:b8:fe:1b:e8:3f:47:3d:84:ff:6e:
         e7:b9:e1:a7:bc:04:06:da:40:ea:21:a7:e1:c5:3a:7a:e2:b3:
         76:a4:f4:d8:af:0c:22:aa:ed:f4:31:b3:23:6f:04:60:7c:d2:
         17:2e:83:f1:f5:4d:75:98:a6:43:9e:d6:db:08:71:dc:d6:fa:
         4f:04:cc:52:1a:86:47:e7:2d:7f:99:f9:45:e1:e5:95:fc:88:
         e4:0b:b9:39:9b:d3:04:91:d5:01:68:fd:f4:08:20:a9:e8:d4:
         54:52:6e:df:b0:0d:00:5c:6e:ca:c7:ce:10:89:be:34:3a:9e:
         02:45:be:07:a2:0e:e6:d4:a7:7d:7b:36:05:13:82:72:4e:78:
         e6:23:a8:a5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCh09WKYZTePF9a8/xpgh1G9gBIAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNzI1MTY0MDE3WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5OGVkMzcwMzg2OTg0ZmMwZDg0MDU5NDBjNzRiZGMwZjAy
ZDkwZTJjM2I2OTRlNDRjNTRkM2I2ZWQ1NTlhMjY4MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5Gyf/1UMWsQYGQ5ZzPOxNgCC0YqcUYnTfzkmVhqkGhCei
DyE2oOomvz953TzhdQ6pwnKJJD5BCpWcxq7A+IDKphnqVhJxnvR8awzxwcfmwebc
rmQ7nelvXtF5cwWAhUoDb/EbyBTf7vp1HeqxUgFgxSGAvMMEpg6GP3sQyFKsI8aj
onGseJNc04vdhMpVLUqgR0ErIYfmyT0C/Ns1b9UrO87JHDZrFxxyq7vlaE942y/L
JkxTWOJwu3oEDepkPmU8ZurK976c0Azf6QaOz4SUUFl09tI7kjKpihpbFsV+KuP8
swJ1qHSL9eV2ZOx1/80Lief4i+613gYo9VklXOt5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhDmry2MuSequIRdjDPEZQXV6QBMwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2U0ZDYyYWVjLWVlNTQtNDdlYS1hYzMwLTJjNDlkZmE5ZWI2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAwwDQYJKoZIhvcNAQELBQADggEBAH8BKtS36TQaMf9JaqnzyivcfY/h
dEvYkusQiqbi950IMnRSFHgc5BZhvvF4D9D6twBUkK1Ox7WxclUEMprJsIX6L/l+
2hiY1Muwy4icDWLMdk2JEjxOQPGgrfRjtOuzx3atHmdsLsVX0r71t45mQAq00mtH
uP4b6D9HPYT/bue54ae8BAbaQOohp+HFOnris3ak9NivDCKq7fQxsyNvBGB80hcu
g/H1TXWYpkOe1tsIcdzW+k8EzFIahkfnLX+Z+UXh5ZX8iOQLuTmb0wSR1QFo/fQI
IKno1FRSbt+wDQBcbsrHzhCJvjQ6ngJFvgeiDubUp317NgUTgnJOeOYjqKU=
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:08:05 2025 by rpki-client