Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/82100f84-33b5-43a7-a078-7090448b8504.roa
File:                     82100f84-33b5-43a7-a078-7090448b8504.roa (raw, json)
Hash identifier:          y/QH5BQ5TP6dQgZZigiolieZoHguppvZjnuMcYe6t/I=
Subject key identifier:   4C:EA:F8:E0:88:0B:A3:AD:A2:49:6F:ED:7F:73:11:78:0B:98:55:6E
Certificate issuer:       /CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
Certificate serial:       57155FE033D50D310A5BB7C3B9E25DAE2119F3AD
Authority key identifier: CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/82100f84-33b5-43a7-a078-7090448b8504.roa
Signing time:             Sat 18 Oct 2025 00:10:10 +0000
ROA not before:           Sat 18 Oct 2025 00:10:10 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        198.41.96.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 19:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:15:5f:e0:33:d5:0d:31:0a:5b:b7:c3:b9:e2:5d:ae:21:19:f3:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
        Validity
            Not Before: Oct 18 00:10:10 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=2376213a4d6deab9ba8e00c6a85e701374dc6e1e1e2a07cde4a92dc91b1d70b4, CN=88af7b95-2ef7-49fc-a37d-1b8f0547180d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:eb:13:ee:f9:bd:85:f0:dd:05:39:56:92:a1:
                    19:21:82:e0:4f:f8:01:16:3a:d7:f3:47:bf:f4:a8:
                    11:ed:90:6f:6e:9b:5e:30:67:2a:f2:75:91:04:40:
                    6b:1e:67:a0:41:a3:12:40:fd:d9:33:01:96:df:ec:
                    39:be:68:cf:c8:b0:a0:75:c4:72:5d:c3:70:40:77:
                    c2:53:2a:08:7e:75:fd:7e:45:40:11:73:0c:3d:13:
                    a2:bf:1c:d2:40:54:9d:7f:49:55:87:4d:44:fa:e4:
                    0c:f6:f2:7a:f0:95:6f:71:07:46:c7:6f:bf:0f:ed:
                    24:87:95:25:f7:e5:c0:7e:e4:e3:11:e6:ba:30:f0:
                    a9:75:84:29:15:cd:64:d0:b7:b2:02:71:b7:a0:cf:
                    d1:28:8d:a1:22:58:5a:27:ee:d3:be:c0:f2:85:bb:
                    3a:75:9d:65:06:d6:6e:e0:1d:fa:c9:ce:4d:48:01:
                    b6:2e:98:c2:0f:7b:9f:03:69:47:10:e8:e6:1c:bc:
                    86:c0:8d:48:c2:73:ee:b5:f9:4d:2f:58:a4:bc:e6:
                    5c:dc:36:6b:4b:54:33:eb:96:a2:de:87:5d:93:20:
                    6a:bc:e1:54:e4:d1:e4:dd:3d:b3:bc:43:fc:76:11:
                    d1:ad:c0:08:92:26:c1:0e:ce:3e:9c:08:40:c2:4d:
                    42:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:EA:F8:E0:88:0B:A3:AD:A2:49:6F:ED:7F:73:11:78:0B:98:55:6E
            X509v3 Authority Key Identifier:
                keyid:CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/82100f84-33b5-43a7-a078-7090448b8504.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.41.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:ff:99:fb:02:af:c0:17:4a:9f:13:6c:e8:28:47:1b:8b:f7:
         f2:a4:b3:4b:0f:e0:59:e2:60:4e:18:cc:f7:e2:d0:de:80:54:
         ef:ce:5e:e7:52:6a:6e:a8:14:39:48:4c:d9:e1:6c:b4:d1:a0:
         43:0f:db:25:9d:94:8d:13:c5:04:53:e7:03:a2:17:ec:af:1b:
         ea:d6:db:92:37:e4:97:a2:ae:ff:46:7c:c4:20:82:21:1e:8e:
         d0:d3:6e:4f:db:2d:23:8e:93:5a:4a:06:ff:91:3a:8a:01:f3:
         3b:db:86:cf:fc:f8:d1:a5:62:45:b4:03:42:01:da:3a:b2:f2:
         a6:3d:d2:d3:49:d2:8f:16:1d:19:d8:a7:c3:48:21:ef:d5:68:
         d3:76:37:4a:54:5a:fb:78:c2:ac:a7:9e:3b:7f:a1:34:53:a3:
         e8:6d:37:e5:e9:39:29:3e:4e:f6:a7:68:3e:57:da:2a:00:96:
         83:b3:d2:1c:a6:6c:f0:73:0d:74:77:d8:e9:7f:ea:b1:66:ce:
         40:28:03:df:26:21:56:34:e9:e5:a7:79:f5:70:8c:ff:27:8e:
         79:3a:1f:65:1a:70:da:11:61:af:66:80:38:f4:86:ac:dd:f5:
         f6:c0:3b:d1:f9:dc:06:29:cc:49:22:0d:05:76:97:60:c1:05:
         d7:0b:45:a7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVxVf4DPVDTEKW7fDueJdriEZ860wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzMxOTQyNGUwMzlmODZkNmFkOWZjNGU3MjIzZGY4NDFk
MjBhZTZkMGZmMTI0MjgxNzMwHhcNMjUxMDE4MDAxMDEwWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMzc2MjEzYTRkNmRlYWI5YmE4ZTAwYzZhODVlNzAxMzc0
ZGM2ZTFlMWUyYTA3Y2RlNGE5MmRjOTFiMWQ3MGI0MS0wKwYDVQQDEyQ4OGFmN2I5
NS0yZWY3LTQ5ZmMtYTM3ZC0xYjhmMDU0NzE4MGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDI6xPu+b2F8N0FOVaSoRkhguBP+AEWOtfzR7/0qBHtkG9u
m14wZyrydZEEQGseZ6BBoxJA/dkzAZbf7Dm+aM/IsKB1xHJdw3BAd8JTKgh+df1+
RUARcww9E6K/HNJAVJ1/SVWHTUT65Az28nrwlW9xB0bHb78P7SSHlSX35cB+5OMR
5row8Kl1hCkVzWTQt7ICcbegz9EojaEiWFon7tO+wPKFuzp1nWUG1m7gHfrJzk1I
AbYumMIPe58DaUcQ6OYcvIbAjUjCc+61+U0vWKS85lzcNmtLVDPrlqLeh12TIGq8
4VTk0eTdPbO8Q/x2EdGtwAiSJsEOzj6cCEDCTUIDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTOr44IgLo62iSW/tf3MReAuYVW4wHwYDVR0jBBgwFoAUzBBhJz//dj92
0t7ihYPoujsFxDAwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Q2YjVhZDI4LTFjYmMtNDdhYi05MDRlLTQ1MzYxYTU0ODdjMy9lNWRlYTY2MC1i
ZjU5LTRiNGMtYjlhZC00YTY3ODdlMDNmY2UvYzMxOTQyNGUwMzlmODZkNmFkOWZj
NGU3MjIzZGY4NDFkMjBhZTZkMGZmMTI0MjgxNzMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmRmNTFjZDItZTZhZi00OTNhLWE4OGEtMzIy
MWQwMWY3ZDkwLzgyMTAwZjg0LTMzYjUtNDNhNy1hMDc4LTcwOTA0NDhiODUwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJkZjUxY2QyLWU2YWYtNDkzYS1hODhh
LTMyMjFkMDFmN2Q5MC9uNGJXclpfRTV5STktRUhTQ3ViUV94SkNnWE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADGKWAwDQYJKoZIhvcNAQELBQADggEBAKT/mfsCr8AXSp8TbOgoRxuL9/Kk
s0sP4FniYE4YzPfi0N6AVO/OXudSam6oFDlITNnhbLTRoEMP2yWdlI0TxQRT5wOi
F+yvG+rW25I35Jeirv9GfMQggiEejtDTbk/bLSOOk1pKBv+ROooB8zvbhs/8+NGl
YkW0A0IB2jqy8qY90tNJ0o8WHRnYp8NIIe/VaNN2N0pUWvt4wqynnjt/oTRTo+ht
N+XpOSk+TvanaD5X2ioAloOz0hymbPBzDXR32Ol/6rFmzkAoA98mIVY06eWnefVw
jP8njnk6H2UacNoRYa9mgDj0hqzd9fbAO9H53AYpzEkiDQV2l2DBBdcLRac=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:19:14 2025 by rpki-client