Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/2f44b632-2720-4ef0-917c-4b1813ed903f.roa
File:                     2f44b632-2720-4ef0-917c-4b1813ed903f.roa (raw, json)
Hash identifier:          4dBjjU8xrpiHL86ldT5t7rd6qqneOv9TwydIQCqtidU=
Subject key identifier:   8E:E1:39:ED:B3:03:1D:85:AF:1C:5A:A0:FC:55:0B:01:3B:41:9C:45
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       5142E4298B2E3A0F230F8F7972EB294C3A7ED7E7
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/2f44b632-2720-4ef0-917c-4b1813ed903f.roa
Signing time:             Fri 26 Sep 2025 00:50:04 +0000
ROA not before:           Fri 26 Sep 2025 00:50:04 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        96.127.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 23 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:42:e4:29:8b:2e:3a:0f:23:0f:8f:79:72:eb:29:4c:3a:7e:d7:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Sep 26 00:50:04 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=d14764c11a3c30ab6d15ed2985d1c65dbf98d40f42baf9a85e2778a2c3baa70d, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a0:41:a8:2b:b2:60:89:d3:c1:5b:c0:52:00:
                    24:ab:e0:3c:62:1d:65:b5:64:50:8a:f1:04:cc:a7:
                    63:ce:3e:90:00:6c:2e:cf:62:20:47:bb:bd:3e:d0:
                    bb:cc:73:1c:70:7e:99:0c:a6:5d:fe:b4:5d:07:5c:
                    94:49:8c:8a:9e:32:f7:fc:4b:0b:0d:d6:4e:2e:dd:
                    6c:bb:5c:f4:05:00:6a:4e:d1:10:5c:73:fe:cc:8b:
                    f7:e3:6b:dc:35:4d:2d:2c:16:5b:2f:66:88:f6:8a:
                    91:1b:76:79:81:59:19:7f:b9:42:35:c1:88:df:d0:
                    bf:91:46:9a:9e:91:64:38:22:f5:54:94:f0:43:41:
                    96:86:70:eb:fa:1a:28:98:b1:84:e7:96:cd:a9:b5:
                    38:37:8c:02:86:d8:38:7b:e2:59:42:0c:d3:26:8f:
                    54:96:c5:7b:c0:45:28:77:e5:bf:9b:8e:40:20:8f:
                    d7:4a:15:f6:2b:72:8f:e9:57:e2:1d:cd:7a:f6:e7:
                    74:33:4f:49:aa:bc:13:01:a1:73:05:3a:eb:24:d7:
                    0e:4a:32:4c:09:00:bb:5a:cc:05:a8:51:15:ff:2f:
                    3a:2c:4a:9d:47:20:0f:e9:9e:ff:3b:32:e2:83:73:
                    b4:cf:d6:aa:f5:8a:09:b3:eb:6d:c6:6f:31:d7:c8:
                    8f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:E1:39:ED:B3:03:1D:85:AF:1C:5A:A0:FC:55:0B:01:3B:41:9C:45
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/2f44b632-2720-4ef0-917c-4b1813ed903f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.127.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         3a:00:d4:cb:3e:2c:df:7c:a8:08:33:06:fc:b2:20:93:4e:e7:
         0e:b2:29:bd:a1:9d:d9:d5:5d:e3:1a:e1:d5:b4:ed:a4:4c:6f:
         7a:5b:51:5f:ea:b1:fc:63:8d:30:38:9a:c2:ce:95:92:56:5c:
         fe:dc:7d:0c:40:3f:c9:b4:ec:c5:44:92:ea:a4:fb:fd:56:6b:
         37:f8:9a:47:6e:9a:b3:6f:1f:e4:5d:b0:a8:82:2f:4f:9a:f1:
         a5:37:76:87:75:ef:0a:38:75:ce:b8:c8:70:af:7e:2d:7d:91:
         64:fc:03:d2:d7:b7:aa:f8:3b:7a:7a:12:49:cb:3f:72:32:ae:
         d7:8e:d6:b6:b9:a7:76:82:f0:3d:b4:65:35:c4:d8:4f:0a:9b:
         36:0b:e6:30:ef:32:f4:c3:59:76:5b:07:6b:65:f4:dd:20:74:
         5a:bb:02:2d:e9:37:09:f8:51:ff:a6:76:cf:4a:65:65:36:21:
         f0:d1:4a:ce:37:88:5e:a2:b1:38:37:f0:cf:5a:9a:23:2f:26:
         47:85:c1:b2:6d:31:7e:65:14:e7:2c:91:cb:29:ad:23:24:a0:
         4f:5b:46:be:6a:11:7f:2e:d5:81:dd:e6:c8:94:91:a3:8c:1b:
         39:71:6f:cc:3b:51:49:77:a6:47:68:db:ad:65:c2:de:b2:02:
         9b:82:96:78
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUULkKYsuOg8jD495cuspTDp+1+cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjUwOTI2MDA1MDA0WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTQ3NjRjMTFhM2MzMGFiNmQxNWVkMjk4NWQxYzY1ZGJm
OThkNDBmNDJiYWY5YTg1ZTI3NzhhMmMzYmFhNzBkMS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsoEGoK7JgidPBW8BSACSr4DxiHWW1ZFCK8QTMp2POPpAA
bC7PYiBHu70+0LvMcxxwfpkMpl3+tF0HXJRJjIqeMvf8SwsN1k4u3Wy7XPQFAGpO
0RBcc/7Mi/fja9w1TS0sFlsvZoj2ipEbdnmBWRl/uUI1wYjf0L+RRpqekWQ4IvVU
lPBDQZaGcOv6GiiYsYTnls2ptTg3jAKG2Dh74llCDNMmj1SWxXvARSh35b+bjkAg
j9dKFfYrco/pV+IdzXr253QzT0mqvBMBoXMFOusk1w5KMkwJALtazAWoURX/Lzos
Sp1HIA/pnv87MuKDc7TP1qr1igmz623GbzHXyI9tAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjuE57bMDHYWvHFqg/FULATtBnEUwHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1LzJmNDRiNjMyLTI3MjAtNGVmMC05MTdjLTRiMTgxM2VkOTAzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZgf0AwDQYJKoZIhvcNAQELBQADggEBADoA1Ms+LN98qAgzBvyyIJNO5w6y
Kb2hndnVXeMa4dW07aRMb3pbUV/qsfxjjTA4msLOlZJWXP7cfQxAP8m07MVEkuqk
+/1Wazf4mkdumrNvH+RdsKiCL0+a8aU3dod17wo4dc64yHCvfi19kWT8A9LXt6r4
O3p6EknLP3IyrteO1ra5p3aC8D20ZTXE2E8KmzYL5jDvMvTDWXZbB2tl9N0gdFq7
Ai3pNwn4Uf+mds9KZWU2IfDRSs43iF6isTg38M9amiMvJkeFwbJtMX5lFOcskcsp
rSMkoE9bRr5qEX8u1YHd5siUkaOMGzlxb8w7UUl3pkdo261lwt6yApuClng=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:06:41 2025 by rpki-client