Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/e0073d5a-9507-4588-b834-e01ed691ccb6.roa
File:                     e0073d5a-9507-4588-b834-e01ed691ccb6.roa (raw, json)
Hash identifier:          OzxpJXzDvuhBGzJLwQ7xDJzS93aA5yTPbv0zqhSzuhA=
Subject key identifier:   9B:75:8A:58:87:85:8F:16:DC:6E:DE:58:63:86:06:BF:C8:0B:6A:6E
Certificate issuer:       /CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
Certificate serial:       7ADC87C4A813E4EF187FB5792451F05E6D89CD5D
Authority key identifier: CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/e0073d5a-9507-4588-b834-e01ed691ccb6.roa
Signing time:             Sat 18 Oct 2025 00:10:07 +0000
ROA not before:           Sat 18 Oct 2025 00:10:07 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        198.41.102.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:dc:87:c4:a8:13:e4:ef:18:7f:b5:79:24:51:f0:5e:6d:89:cd:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
        Validity
            Not Before: Oct 18 00:10:07 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=404b96addd000de0638904db33266866e358634ab70b8ae1a1edc390b65d316d, CN=88af7b95-2ef7-49fc-a37d-1b8f0547180d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:24:6f:4d:29:12:50:51:4a:10:34:1d:0f:01:
                    91:dd:a1:9a:63:8c:9b:3b:b5:96:0e:40:0f:30:28:
                    85:c8:cd:5e:11:83:49:b2:4c:6c:58:f7:33:50:7d:
                    c2:10:b9:d3:62:46:15:85:21:ed:f9:5d:bb:8a:df:
                    a5:56:90:4e:39:68:5a:c8:ce:67:ad:6b:f9:0a:03:
                    b6:4d:59:e0:bd:04:d0:96:50:e5:35:5e:ad:52:ce:
                    b0:24:a5:f4:f2:ea:dd:48:b5:90:ba:0c:81:77:8d:
                    9d:23:86:2b:bc:d3:35:ca:47:53:3a:3c:df:3f:19:
                    cd:df:b6:3e:43:a6:7d:ab:ed:b2:61:a5:70:3b:f7:
                    7e:38:87:13:fe:32:49:02:4d:81:54:1a:22:58:26:
                    68:b9:b0:34:0e:83:16:8e:0a:28:7b:2e:88:c4:e8:
                    eb:60:3b:0f:05:8a:18:35:1b:d5:8f:16:cb:d7:66:
                    32:70:53:8e:eb:da:cd:2f:73:97:20:07:81:11:b6:
                    f2:72:9f:ff:86:b9:0e:63:f7:ae:1c:76:a6:eb:db:
                    b7:24:8e:55:05:1c:b9:26:53:d5:fc:38:bb:4c:76:
                    07:29:28:cd:81:e4:ed:92:ec:f3:7a:8d:7b:6f:01:
                    98:b4:8d:37:18:b5:37:20:2e:0b:27:9a:9a:34:a4:
                    37:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:75:8A:58:87:85:8F:16:DC:6E:DE:58:63:86:06:BF:C8:0B:6A:6E
            X509v3 Authority Key Identifier:
                keyid:CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/e0073d5a-9507-4588-b834-e01ed691ccb6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.41.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:09:af:8a:73:f2:c1:f2:2a:43:ae:43:f6:15:20:1b:7b:bc:
         5d:2c:15:4e:fd:95:65:58:f4:db:f2:b0:26:1f:8c:e1:73:13:
         13:9a:da:dd:62:f5:62:fa:6a:94:94:14:12:41:79:01:da:d0:
         53:11:58:d0:6c:1b:8f:e8:3e:5e:f5:46:e0:50:aa:d8:11:87:
         09:82:8d:59:dc:a1:6a:c5:70:d0:1e:08:f3:08:ce:f3:26:11:
         ec:ea:e7:6c:5c:30:95:b4:d0:37:c6:99:36:ca:11:7e:56:0a:
         1d:4b:3a:1a:be:89:0d:14:9d:ff:f0:e1:bf:b9:f2:47:b2:1c:
         b8:e8:c1:9d:25:ed:4c:77:bc:46:61:77:3d:ee:43:08:f1:2d:
         53:2d:03:79:66:63:3a:52:3d:b7:0f:93:44:e5:7d:78:04:aa:
         6f:71:c4:9c:39:02:e1:4d:63:d9:7b:f8:7d:b8:74:47:5e:97:
         50:07:00:b0:d9:6c:17:b6:21:ce:d0:49:d2:4e:13:32:2d:8e:
         99:05:dd:8f:c9:ec:95:41:58:09:ea:e2:4e:b2:47:00:52:76:
         7d:bb:c3:5f:53:c1:fb:73:ea:ce:6c:f9:50:33:74:b0:e6:cc:
         ce:08:94:a9:64:d7:f4:1e:99:4b:4e:8e:90:1d:e9:e7:a0:87:
         64:bc:f4:fc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUetyHxKgT5O8Yf7V5JFHwXm2JzV0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzMxOTQyNGUwMzlmODZkNmFkOWZjNGU3MjIzZGY4NDFk
MjBhZTZkMGZmMTI0MjgxNzMwHhcNMjUxMDE4MDAxMDA3WhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MDRiOTZhZGRkMDAwZGUwNjM4OTA0ZGIzMzI2Njg2NmUz
NTg2MzRhYjcwYjhhZTFhMWVkYzM5MGI2NWQzMTZkMS0wKwYDVQQDEyQ4OGFmN2I5
NS0yZWY3LTQ5ZmMtYTM3ZC0xYjhmMDU0NzE4MGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2JG9NKRJQUUoQNB0PAZHdoZpjjJs7tZYOQA8wKIXIzV4R
g0myTGxY9zNQfcIQudNiRhWFIe35XbuK36VWkE45aFrIzmeta/kKA7ZNWeC9BNCW
UOU1Xq1SzrAkpfTy6t1ItZC6DIF3jZ0jhiu80zXKR1M6PN8/Gc3ftj5Dpn2r7bJh
pXA79344hxP+MkkCTYFUGiJYJmi5sDQOgxaOCih7LojE6OtgOw8Fihg1G9WPFsvX
ZjJwU47r2s0vc5cgB4ERtvJyn/+GuQ5j964cdqbr27ckjlUFHLkmU9X8OLtMdgcp
KM2B5O2S7PN6jXtvAZi0jTcYtTcgLgsnmpo0pDc3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUm3WKWIeFjxbcbt5YY4YGv8gLam4wHwYDVR0jBBgwFoAUzBBhJz//dj92
0t7ihYPoujsFxDAwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Q2YjVhZDI4LTFjYmMtNDdhYi05MDRlLTQ1MzYxYTU0ODdjMy9lNWRlYTY2MC1i
ZjU5LTRiNGMtYjlhZC00YTY3ODdlMDNmY2UvYzMxOTQyNGUwMzlmODZkNmFkOWZj
NGU3MjIzZGY4NDFkMjBhZTZkMGZmMTI0MjgxNzMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmRmNTFjZDItZTZhZi00OTNhLWE4OGEtMzIy
MWQwMWY3ZDkwL2UwMDczZDVhLTk1MDctNDU4OC1iODM0LWUwMWVkNjkxY2NiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJkZjUxY2QyLWU2YWYtNDkzYS1hODhh
LTMyMjFkMDFmN2Q5MC9uNGJXclpfRTV5STktRUhTQ3ViUV94SkNnWE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADGKWYwDQYJKoZIhvcNAQELBQADggEBAEgJr4pz8sHyKkOuQ/YVIBt7vF0s
FU79lWVY9NvysCYfjOFzExOa2t1i9WL6apSUFBJBeQHa0FMRWNBsG4/oPl71RuBQ
qtgRhwmCjVncoWrFcNAeCPMIzvMmEezq52xcMJW00DfGmTbKEX5WCh1LOhq+iQ0U
nf/w4b+58keyHLjowZ0l7Ux3vEZhdz3uQwjxLVMtA3lmYzpSPbcPk0TlfXgEqm9x
xJw5AuFNY9l7+H24dEdel1AHALDZbBe2Ic7QSdJOEzItjpkF3Y/J7JVBWAnq4k6y
RwBSdn27w19Twftz6s5s+VAzdLDmzM4IlKlk1/QemUtOjpAd6eegh2S89Pw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:31:43 2025 by rpki-client