Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/84fa2360-b9c6-47bd-85dc-be37cf5205c9.roa
File:                     84fa2360-b9c6-47bd-85dc-be37cf5205c9.roa (raw, json)
Hash identifier:          dOtclQZJO3q1euXcFEfm+wyredqxLCAZgMt9j8i7Q/g=
Subject key identifier:   E3:36:1A:1F:A3:18:A8:88:F7:92:27:7D:F3:2A:B0:59:43:FE:B7:73
Certificate issuer:       /CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
Certificate serial:       3BDE500D7583214BC9003D0E96611DDFF0CBF940
Authority key identifier: CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/84fa2360-b9c6-47bd-85dc-be37cf5205c9.roa
Signing time:             Sat 18 Oct 2025 00:10:07 +0000
ROA not before:           Sat 18 Oct 2025 00:10:07 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        198.41.102.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:de:50:0d:75:83:21:4b:c9:00:3d:0e:96:61:1d:df:f0:cb:f9:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
        Validity
            Not Before: Oct 18 00:10:07 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=a08f146548630fc2d27689e8d33626788c98ee9d85e6a37d02b6714b89ebc18d, CN=88af7b95-2ef7-49fc-a37d-1b8f0547180d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:79:57:78:21:e9:23:35:3d:45:a5:8c:36:4a:
                    f3:63:cf:dd:3c:f7:16:7e:f2:4f:c7:94:20:f2:e7:
                    fe:87:65:a8:c5:5a:d7:7a:38:b1:a5:d8:98:23:3f:
                    de:1e:28:0d:63:f9:20:9f:43:2f:79:fa:23:94:01:
                    00:e9:7b:54:a5:10:72:d8:0d:89:e1:26:b1:65:0e:
                    60:7c:73:c7:92:d7:49:df:8d:20:27:73:7f:7b:32:
                    4e:4e:31:3e:cc:9f:49:fc:44:5a:48:24:43:f6:34:
                    23:db:cd:6e:d8:06:e3:d4:66:ff:c2:91:e2:ec:b4:
                    7e:ed:c2:a2:04:c1:fd:ec:6b:25:5b:36:ca:0c:24:
                    52:f3:e0:41:6b:74:95:91:c6:b5:a9:5e:aa:99:a5:
                    73:09:7b:e6:a9:47:3c:13:d4:b3:38:b9:68:7c:1f:
                    09:61:c1:2a:4f:a3:2b:14:d6:3c:fc:bd:85:fd:7a:
                    89:e0:2b:9b:64:98:ab:33:91:36:16:19:ad:c6:0b:
                    dc:f5:05:28:9d:5c:d3:6a:36:25:63:e0:3c:49:23:
                    5f:a1:a7:97:bd:41:8d:77:e5:37:fe:9f:d2:39:e9:
                    a0:45:8a:45:ef:03:aa:62:6a:36:0e:e0:8a:c9:78:
                    53:37:17:ba:3a:7b:30:8e:3c:4f:93:be:b8:81:85:
                    7b:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:36:1A:1F:A3:18:A8:88:F7:92:27:7D:F3:2A:B0:59:43:FE:B7:73
            X509v3 Authority Key Identifier:
                keyid:CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/84fa2360-b9c6-47bd-85dc-be37cf5205c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.41.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:06:20:18:1a:89:53:87:a5:fd:f8:8f:12:3c:e6:1b:b7:f2:
         44:dd:89:42:9f:29:0c:a7:2a:66:5f:f7:f6:b2:b9:73:30:bf:
         37:5d:e0:6c:11:02:81:e5:d0:7c:25:80:f1:7b:51:92:60:32:
         aa:d6:e5:9c:82:c3:8e:f7:1a:e0:81:1e:ba:c7:a6:04:87:92:
         7a:ee:b6:10:09:dc:a9:17:f9:da:d3:54:af:9f:ef:df:c5:03:
         8f:0b:eb:59:d5:4a:9d:00:e7:de:85:49:38:a8:4b:b1:92:ba:
         46:6b:c8:60:38:aa:40:d9:c5:32:8a:2f:5b:a1:8c:a9:b3:4f:
         e3:c3:9f:58:54:dd:01:39:ad:51:9a:9e:89:af:01:a0:3d:bb:
         60:be:7e:6f:07:7b:0e:44:86:11:e4:af:d4:09:3c:23:18:b1:
         61:d6:70:34:38:e2:33:bd:7a:e9:f7:18:5d:7d:2b:2f:4f:b4:
         99:09:3e:0f:ab:9c:6b:ea:3b:4e:d7:8e:ed:ec:53:e3:4f:e8:
         82:c7:12:57:dc:20:01:a5:30:d9:a9:db:ca:1a:5d:ac:8c:38:
         80:20:1c:38:35:b9:28:48:73:05:6a:22:ba:05:47:85:55:ec:
         c8:c4:a8:a6:8f:4d:c4:40:e3:91:f8:a4:3d:64:4e:d0:9a:b1:
         82:56:b6:e9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUO95QDXWDIUvJAD0OlmEd3/DL+UAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzMxOTQyNGUwMzlmODZkNmFkOWZjNGU3MjIzZGY4NDFk
MjBhZTZkMGZmMTI0MjgxNzMwHhcNMjUxMDE4MDAxMDA3WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMDhmMTQ2NTQ4NjMwZmMyZDI3Njg5ZThkMzM2MjY3ODhj
OThlZTlkODVlNmEzN2QwMmI2NzE0Yjg5ZWJjMThkMS0wKwYDVQQDEyQ4OGFmN2I5
NS0yZWY3LTQ5ZmMtYTM3ZC0xYjhmMDU0NzE4MGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSeVd4IekjNT1FpYw2SvNjz9089xZ+8k/HlCDy5/6HZajF
Wtd6OLGl2JgjP94eKA1j+SCfQy95+iOUAQDpe1SlEHLYDYnhJrFlDmB8c8eS10nf
jSAnc397Mk5OMT7Mn0n8RFpIJEP2NCPbzW7YBuPUZv/CkeLstH7twqIEwf3sayVb
NsoMJFLz4EFrdJWRxrWpXqqZpXMJe+apRzwT1LM4uWh8HwlhwSpPoysU1jz8vYX9
eongK5tkmKszkTYWGa3GC9z1BSidXNNqNiVj4DxJI1+hp5e9QY135Tf+n9I56aBF
ikXvA6piajYO4IrJeFM3F7o6ezCOPE+TvriBhXvtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4zYaH6MYqIj3kid98yqwWUP+t3MwHwYDVR0jBBgwFoAUzBBhJz//dj92
0t7ihYPoujsFxDAwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Q2YjVhZDI4LTFjYmMtNDdhYi05MDRlLTQ1MzYxYTU0ODdjMy9lNWRlYTY2MC1i
ZjU5LTRiNGMtYjlhZC00YTY3ODdlMDNmY2UvYzMxOTQyNGUwMzlmODZkNmFkOWZj
NGU3MjIzZGY4NDFkMjBhZTZkMGZmMTI0MjgxNzMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmRmNTFjZDItZTZhZi00OTNhLWE4OGEtMzIy
MWQwMWY3ZDkwLzg0ZmEyMzYwLWI5YzYtNDdiZC04NWRjLWJlMzdjZjUyMDVjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJkZjUxY2QyLWU2YWYtNDkzYS1hODhh
LTMyMjFkMDFmN2Q5MC9uNGJXclpfRTV5STktRUhTQ3ViUV94SkNnWE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADGKWYwDQYJKoZIhvcNAQELBQADggEBAJUGIBgaiVOHpf34jxI85hu38kTd
iUKfKQynKmZf9/ayuXMwvzdd4GwRAoHl0HwlgPF7UZJgMqrW5ZyCw473GuCBHrrH
pgSHknruthAJ3KkX+drTVK+f79/FA48L61nVSp0A596FSTioS7GSukZryGA4qkDZ
xTKKL1uhjKmzT+PDn1hU3QE5rVGanomvAaA9u2C+fm8Hew5EhhHkr9QJPCMYsWHW
cDQ44jO9eun3GF19Ky9PtJkJPg+rnGvqO07Xju3sU+NP6ILHElfcIAGlMNmp28oa
XayMOIAgHDg1uShIcwVqIroFR4VV7MjEqKaPTcRA45H4pD1kTtCasYJWtuk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:24:28 2025 by rpki-client