Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/ec0e3b70-66be-4cb5-bc14-953f4d2f5fc5.roa
File:                     ec0e3b70-66be-4cb5-bc14-953f4d2f5fc5.roa (raw, json)
Hash identifier:          AkLHM47Mo5VjrPjLEysvg/R4L6wqKLZjQiAH0hY9jqg=
Subject key identifier:   D8:84:E6:58:28:4B:64:56:71:84:11:AB:28:9A:1E:8F:75:35:DC:88
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       2AFBDBFDDD8A148DDCC600CFD8BB9A35E3811819
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/ec0e3b70-66be-4cb5-bc14-953f4d2f5fc5.roa
Signing time:             Fri 25 Apr 2025 15:10:11 +0000
ROA not before:           Fri 25 Apr 2025 15:10:11 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        96.127.0.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 08 May 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:fb:db:fd:dd:8a:14:8d:dc:c6:00:cf:d8:bb:9a:35:e3:81:18:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Apr 25 15:10:11 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=f913df515168f5e0a68c4267464ead2b6d11ac57fb1a2eaf0ba08c2461d934a8, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:4e:61:5b:9d:a1:38:d6:a6:a0:3c:28:f8:51:
                    3d:cf:7e:87:f1:3d:b1:dd:f9:5d:85:ba:e5:d3:1e:
                    36:1c:ec:95:6d:d4:3b:31:f6:a6:75:ee:c4:f1:8a:
                    60:4a:b6:e7:7d:e4:ef:c9:f7:c1:4d:50:28:af:12:
                    d9:e5:c1:8a:7e:d9:fa:a9:37:d3:79:39:65:26:d1:
                    81:0a:bf:c8:51:a9:8d:b2:5f:7a:78:8e:43:0e:7f:
                    85:49:27:98:8e:a8:9d:ff:33:43:fc:ab:60:db:55:
                    f2:21:92:53:c2:af:1a:c2:ed:5d:ee:f9:9e:d5:fc:
                    d3:ee:2b:83:45:32:cd:d5:75:86:21:3d:39:19:64:
                    81:49:a5:09:e8:4a:61:01:f9:fc:88:ba:fb:ed:7a:
                    48:12:1f:f8:87:11:d3:94:18:ab:ea:ba:97:87:0d:
                    0f:86:c3:86:42:78:93:13:34:85:50:10:7e:fa:8a:
                    e1:5c:12:e7:15:ce:b0:a6:8a:61:09:ef:08:0a:e9:
                    96:92:59:e0:27:ce:d1:9c:51:fa:cb:12:f6:c5:1b:
                    f5:98:f2:76:7b:e7:ac:d7:3b:87:5e:a0:19:72:7a:
                    5c:0c:c7:76:ee:d0:f1:7c:df:b8:94:8b:fc:91:fe:
                    d9:34:bc:d9:3f:65:f2:60:71:f9:70:10:87:6f:e4:
                    9a:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:84:E6:58:28:4B:64:56:71:84:11:AB:28:9A:1E:8F:75:35:DC:88
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/ec0e3b70-66be-4cb5-bc14-953f4d2f5fc5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.127.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:b4:81:6d:26:2e:dd:be:dd:16:d6:5b:0d:a6:c3:68:c0:2a:
         7c:c8:c5:b3:a3:a8:fc:da:3c:c6:c2:11:71:f6:35:8a:b9:02:
         d1:b0:07:61:d6:4f:bc:af:6c:f2:8f:9e:60:3e:69:81:57:75:
         f7:6a:62:4d:68:db:39:6e:a7:ea:84:ea:bd:fe:2e:59:63:47:
         fb:a1:1c:b2:cc:ce:ec:db:b4:d0:24:d3:a9:9b:87:fd:8f:b6:
         3c:74:04:c5:eb:9a:59:8b:de:ee:e0:c8:eb:62:66:e3:c3:a6:
         6f:fa:e2:a5:54:a0:b1:49:d3:b2:3e:ed:b8:2c:5f:3b:51:f5:
         5e:1b:01:ff:19:02:55:da:2c:47:b8:e5:31:27:5e:9a:33:93:
         1f:92:21:6e:59:6f:30:5d:3d:72:74:08:be:f6:05:9f:e7:e8:
         e3:90:66:5c:09:56:ef:2a:7a:cb:b5:78:e4:c1:47:34:3f:e7:
         7a:ba:c0:22:98:0c:1f:40:b9:db:62:a6:5d:39:56:ae:48:25:
         fb:26:1f:4d:41:f6:17:fd:30:0e:88:f0:b1:51:e1:fa:33:60:
         d9:20:62:10:aa:c2:c3:01:3b:9a:e8:8e:52:4c:6a:a8:db:52:
         3e:d5:0c:f3:86:59:0b:25:a0:f8:c9:46:ec:5d:3d:0c:3f:1f:
         47:60:ce:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKvvb/d2KFI3cxgDP2LuaNeOBGBkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjUwNDI1MTUxMDExWhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmOTEzZGY1MTUxNjhmNWUwYTY4YzQyNjc0NjRlYWQyYjZk
MTFhYzU3ZmIxYTJlYWYwYmEwOGMyNDYxZDkzNGE4MS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtTmFbnaE41qagPCj4UT3PfofxPbHd+V2FuuXTHjYc7JVt
1Dsx9qZ17sTximBKtud95O/J98FNUCivEtnlwYp+2fqpN9N5OWUm0YEKv8hRqY2y
X3p4jkMOf4VJJ5iOqJ3/M0P8q2DbVfIhklPCrxrC7V3u+Z7V/NPuK4NFMs3VdYYh
PTkZZIFJpQnoSmEB+fyIuvvtekgSH/iHEdOUGKvqupeHDQ+Gw4ZCeJMTNIVQEH76
iuFcEucVzrCmimEJ7wgK6ZaSWeAnztGcUfrLEvbFG/WY8nZ756zXO4deoBlyelwM
x3bu0PF837iUi/yR/tk0vNk/ZfJgcflwEIdv5JrVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2ITmWChLZFZxhBGrKJoej3U13IgwHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1L2VjMGUzYjcwLTY2YmUtNGNiNS1iYzE0LTk1M2Y0ZDJmNWZjNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABgfwAwDQYJKoZIhvcNAQELBQADggEBAEW0gW0mLt2+3RbWWw2mw2jAKnzI
xbOjqPzaPMbCEXH2NYq5AtGwB2HWT7yvbPKPnmA+aYFXdfdqYk1o2zlup+qE6r3+
LlljR/uhHLLMzuzbtNAk06mbh/2Ptjx0BMXrmlmL3u7gyOtiZuPDpm/64qVUoLFJ
07I+7bgsXztR9V4bAf8ZAlXaLEe45TEnXpozkx+SIW5ZbzBdPXJ0CL72BZ/n6OOQ
ZlwJVu8qesu1eOTBRzQ/53q6wCKYDB9Audtipl05Vq5IJfsmH01B9hf9MA6I8LFR
4fozYNkgYhCqwsMBO5rojlJMaqjbUj7VDPOGWQsloPjJRuxdPQw/H0dgzj4=
-----END CERTIFICATE-----
Generated at Mon May 5 20:04:17 2025 by rpki-client