Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/f3e78c9d-caff-4237-aaba-b40f901e3c8a.roa
File:                     f3e78c9d-caff-4237-aaba-b40f901e3c8a.roa (raw, json)
Hash identifier:          ap6QxaDQy/tk9z+Oobls/feyr1kRXlXAUM++GCP4/QU=
Subject key identifier:   9E:93:F8:D0:18:AD:31:53:C6:99:44:6E:9F:12:76:4E:5D:5B:E3:4E
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       48229945A8AE4B31374057918761E7B73729A375
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/f3e78c9d-caff-4237-aaba-b40f901e3c8a.roa
Signing time:             Fri 26 Sep 2025 00:41:14 +0000
ROA not before:           Fri 26 Sep 2025 00:41:14 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        96.127.1.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 23 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:22:99:45:a8:ae:4b:31:37:40:57:91:87:61:e7:b7:37:29:a3:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Sep 26 00:41:14 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=ac8771a5af8554a2ee248efc42c5571f40980a3cda8f8dd924b7e93963910a1b, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:7a:6c:73:7f:d4:25:37:44:05:a9:28:b1:86:
                    b2:34:b3:a2:a5:e1:cc:a6:85:d3:3f:8a:d8:ca:7d:
                    1b:3f:6f:79:53:70:59:6b:86:5f:a2:4e:8f:03:d8:
                    32:44:43:02:fe:20:38:bc:85:8e:0f:52:df:0b:99:
                    b1:05:99:2d:00:13:04:ba:f8:bd:35:b0:c5:d4:19:
                    16:18:8d:37:f7:bf:c7:3a:81:15:d5:00:af:05:22:
                    8a:bf:c7:68:26:b0:3a:06:3f:1c:28:05:a2:3a:99:
                    4f:98:3b:f4:54:64:4c:f1:80:b8:a2:e2:71:14:44:
                    45:da:25:5f:29:94:4e:47:65:3f:76:13:63:25:93:
                    71:57:5b:92:1d:41:30:99:74:d6:12:0a:e1:f6:6e:
                    5a:5a:f2:1d:d0:09:6d:0f:b0:97:2e:6d:71:d5:c7:
                    0a:a2:d6:3f:9a:9d:42:0b:83:ba:3a:28:bc:9d:c2:
                    71:fa:52:80:47:a1:4c:41:eb:e5:68:5c:e6:bd:8a:
                    27:2c:12:29:56:35:e5:8b:ea:52:fa:7a:b6:7f:a2:
                    aa:ab:17:18:5d:a3:2e:a3:d8:46:fa:23:bb:69:c1:
                    4b:75:24:5d:11:e8:cc:dc:08:30:2c:4d:86:84:a2:
                    9b:ce:57:ef:48:f2:1b:c5:ae:e4:98:16:4d:a6:25:
                    45:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:93:F8:D0:18:AD:31:53:C6:99:44:6E:9F:12:76:4E:5D:5B:E3:4E
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/f3e78c9d-caff-4237-aaba-b40f901e3c8a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.127.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:df:02:e7:79:bd:42:18:c0:12:e5:6c:83:63:8d:94:37:55:
         29:0c:15:cb:e9:0a:0a:ed:13:68:a3:61:65:47:6b:d5:5d:ad:
         84:0e:33:45:95:a6:3e:a3:8b:ab:75:13:fd:b0:4e:04:b9:4e:
         39:94:c8:54:cb:98:33:a6:84:83:0d:61:a4:f1:55:d0:46:45:
         5b:18:94:40:2e:35:55:97:0a:89:ab:48:8b:5f:96:74:a3:d2:
         c0:de:c8:3e:2a:b7:6f:9e:90:9e:ff:55:52:91:60:77:b2:d6:
         d6:df:58:3c:b1:1d:c0:22:65:79:65:7c:60:80:17:d5:da:02:
         48:85:1f:28:2c:8c:86:5a:f8:26:1b:80:74:c3:e8:8f:84:f6:
         41:90:0e:6e:61:da:3c:10:cc:84:fc:55:2a:80:cd:36:d6:e6:
         bc:99:48:90:69:87:12:a8:b3:d9:73:a5:1e:f8:d8:6b:55:d7:
         98:65:93:95:bf:41:90:f4:94:68:e3:73:45:84:8f:ed:17:d1:
         cd:d2:aa:75:38:c2:97:02:26:0b:a8:5e:47:a5:e9:1f:0b:3e:
         ee:97:c8:2a:d5:e4:fb:58:87:0c:fd:29:d9:d9:73:6e:8d:4e:
         45:57:9c:b6:0f:94:38:ed:0e:94:d9:a6:05:1e:3d:62:94:5f:
         c7:65:2c:8b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSCKZRaiuSzE3QFeRh2Hntzcpo3UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjUwOTI2MDA0MTE0WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzg3NzFhNWFmODU1NGEyZWUyNDhlZmM0MmM1NTcxZjQw
OTgwYTNjZGE4ZjhkZDkyNGI3ZTkzOTYzOTEwYTFiMS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVemxzf9QlN0QFqSixhrI0s6Kl4cymhdM/itjKfRs/b3lT
cFlrhl+iTo8D2DJEQwL+IDi8hY4PUt8LmbEFmS0AEwS6+L01sMXUGRYYjTf3v8c6
gRXVAK8FIoq/x2gmsDoGPxwoBaI6mU+YO/RUZEzxgLii4nEUREXaJV8plE5HZT92
E2Mlk3FXW5IdQTCZdNYSCuH2blpa8h3QCW0PsJcubXHVxwqi1j+anUILg7o6KLyd
wnH6UoBHoUxB6+VoXOa9iicsEilWNeWL6lL6erZ/oqqrFxhdoy6j2Eb6I7tpwUt1
JF0R6MzcCDAsTYaEopvOV+9I8hvFruSYFk2mJUUPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnpP40BitMVPGmURunxJ2Tl1b404wHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1L2YzZTc4YzlkLWNhZmYtNDIzNy1hYWJhLWI0MGY5MDFlM2M4YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABgfwEwDQYJKoZIhvcNAQELBQADggEBAAHfAud5vUIYwBLlbINjjZQ3VSkM
FcvpCgrtE2ijYWVHa9VdrYQOM0WVpj6ji6t1E/2wTgS5TjmUyFTLmDOmhIMNYaTx
VdBGRVsYlEAuNVWXComrSItflnSj0sDeyD4qt2+ekJ7/VVKRYHey1tbfWDyxHcAi
ZXllfGCAF9XaAkiFHygsjIZa+CYbgHTD6I+E9kGQDm5h2jwQzIT8VSqAzTbW5ryZ
SJBphxKos9lzpR742GtV15hlk5W/QZD0lGjjc0WEj+0X0c3SqnU4wpcCJguoXkel
6R8LPu6XyCrV5PtYhwz9KdnZc26NTkVXnLYPlDjtDpTZpgUePWKUX8dlLIs=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:40:26 2025 by rpki-client