Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/24dfe680-d3e6-4d3d-8f28-ce2f99e02db6.roa
File:                     24dfe680-d3e6-4d3d-8f28-ce2f99e02db6.roa (raw, json)
Hash identifier:          vOiSRlbnVIvS7/dU0zfrfxpGlNXPFWCQ7kdmyJ1yoeU=
Subject key identifier:   26:8C:34:A4:C2:CC:C4:A9:6C:63:FF:39:C7:77:6A:14:E6:AC:7D:FF
Certificate issuer:       /CN=a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3
Certificate serial:       2FAD42FDEEFCBFADBC21E4BD3517E1CAE231989C
Authority key identifier: 91:2D:C6:0D:D7:64:29:82:BC:AE:7F:81:FE:3C:4C:12:72:80:22:1F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/24dfe680-d3e6-4d3d-8f28-ce2f99e02db6.roa
Signing time:             Fri 26 Sep 2025 00:50:32 +0000
ROA not before:           Fri 26 Sep 2025 00:50:32 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.112.32.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/7188ac24-09cc-4f20-9dbd-cd9005d2797e.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/7188ac24-09cc-4f20-9dbd-cd9005d2797e.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:ad:42:fd:ee:fc:bf:ad:bc:21:e4:bd:35:17:e1:ca:e2:31:98:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3
        Validity
            Not Before: Sep 26 00:50:32 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=2262f4d717337a5b194ce1914abe43d47c7b5183b3d381f2935e9fa7762c7543, CN=ddfbc97c-7bed-40df-95ca-e664b29d7b27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:5b:f1:22:0d:c6:2d:64:17:25:42:2a:77:5c:
                    c9:12:0f:62:2a:43:d9:b9:c1:e7:49:88:ff:7b:52:
                    a7:7f:31:6b:84:6d:81:c4:c4:37:e4:07:f8:0f:40:
                    00:6c:97:19:81:58:a2:95:0d:41:99:8b:dd:4f:14:
                    58:f8:c3:37:a4:c5:c4:77:8a:fb:3a:5e:c5:cf:8c:
                    5c:30:9c:83:e8:0a:34:a8:41:35:02:4d:bb:2c:f4:
                    07:1c:5d:35:12:cb:bc:eb:d6:2a:89:78:05:ad:49:
                    29:30:17:a6:b8:5a:38:af:6c:a9:82:0d:8d:1c:30:
                    82:34:03:66:b0:fb:b7:2b:05:ea:15:e2:8c:4e:f5:
                    74:36:10:2a:be:b0:d1:76:2d:29:c9:17:17:87:c6:
                    bb:e9:0a:dc:29:71:e6:7d:b3:12:49:e9:86:b2:a3:
                    3f:23:8a:9d:6f:25:b4:bd:bd:0c:06:9f:5e:87:d2:
                    10:7b:3e:d9:96:21:e1:58:65:64:fb:8c:d8:e8:60:
                    79:67:9e:58:1f:96:af:3f:9d:64:c5:f8:b7:03:19:
                    20:4a:1b:2a:68:12:d1:8f:b3:e7:f7:f6:2d:00:a0:
                    a0:97:ba:00:50:4b:e2:2f:3a:56:81:06:d6:b5:38:
                    50:ed:95:65:27:f6:d7:a0:ca:2a:5e:e3:e9:fc:e3:
                    ab:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:8C:34:A4:C2:CC:C4:A9:6C:63:FF:39:C7:77:6A:14:E6:AC:7D:FF
            X509v3 Authority Key Identifier:
                keyid:91:2D:C6:0D:D7:64:29:82:BC:AE:7F:81:FE:3C:4C:12:72:80:22:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/24dfe680-d3e6-4d3d-8f28-ce2f99e02db6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.112.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         39:0f:1b:20:27:57:a2:f2:a0:1e:d3:55:ce:2b:97:fd:6c:a2:
         ab:8e:a8:59:e9:3c:fe:d1:39:91:c2:21:1d:5f:6d:18:2a:95:
         e0:43:19:d8:e3:08:0c:3c:15:f5:8f:61:85:d2:2d:bc:d1:ac:
         96:18:75:8e:24:f3:f7:a9:a0:da:7c:82:b6:90:67:cc:d0:17:
         bb:8a:28:3d:37:8e:e9:be:6f:60:b8:37:08:80:57:f3:68:bb:
         04:1e:cb:15:42:5d:39:08:f7:38:3c:fa:98:4c:3c:05:b3:fc:
         f4:34:54:8f:0a:f4:6b:9b:13:dd:06:87:dd:a1:36:56:f2:72:
         44:78:3e:d8:d2:8d:40:c3:4a:8d:0f:62:f7:8e:1f:ab:72:4a:
         d1:fa:7d:71:38:45:8b:ba:bd:d7:8b:a5:4e:cd:52:f8:33:ec:
         a0:22:d9:77:b5:40:a0:54:ba:c8:3b:ef:d7:8f:3d:84:df:f7:
         53:c5:f5:80:6f:ce:ef:f5:4f:be:58:4c:57:ed:41:c9:5d:e2:
         88:e2:03:f7:99:d6:04:96:d4:a7:8e:89:2f:9a:5d:ec:ed:19:
         64:24:8a:05:68:f8:4b:fe:75:f0:f2:7b:af:ca:12:74:d8:55:
         85:f5:67:e3:2e:f7:e8:d9:f6:b7:c6:31:c7:05:a0:39:23:ed:
         79:45:cf:4e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL61C/e78v628IeS9NRfhyuIxmJwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYTE1ZDhhYTEwZDYyZGJkZDM0ODMyNjg3NmJhNTY3NTNj
Yjk5YjQ2NGNjNDU1MzI0YjMwHhcNMjUwOTI2MDA1MDMyWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMjYyZjRkNzE3MzM3YTViMTk0Y2UxOTE0YWJlNDNkNDdj
N2I1MTgzYjNkMzgxZjI5MzVlOWZhNzc2MmM3NTQzMS0wKwYDVQQDEyRkZGZiYzk3
Yy03YmVkLTQwZGYtOTVjYS1lNjY0YjI5ZDdiMjcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCKW/EiDcYtZBclQip3XMkSD2IqQ9m5wedJiP97Uqd/MWuE
bYHExDfkB/gPQABslxmBWKKVDUGZi91PFFj4wzekxcR3ivs6XsXPjFwwnIPoCjSo
QTUCTbss9AccXTUSy7zr1iqJeAWtSSkwF6a4WjivbKmCDY0cMII0A2aw+7crBeoV
4oxO9XQ2ECq+sNF2LSnJFxeHxrvpCtwpceZ9sxJJ6Yayoz8jip1vJbS9vQwGn16H
0hB7PtmWIeFYZWT7jNjoYHlnnlgflq8/nWTF+LcDGSBKGypoEtGPs+f39i0AoKCX
ugBQS+IvOlaBBta1OFDtlWUn9tegyipe4+n846u/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJow0pMLMxKlsY/85x3dqFOasff8wHwYDVR0jBBgwFoAUkS3GDddkKYK8
rn+B/jxMEnKAIh8wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83MTg4YWMyNC0w
OWNjLTRmMjAtOWRiZC1jZDkwMDVkMjc5N2UvYTE1ZDhhYTEwZDYyZGJkZDM0ODMy
Njg3NmJhNTY3NTNjYjk5YjQ2NGNjNDU1MzI0YjMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNjAyYTI2ZTUtNGE5ZS00ZTVlLTg5ZjAtZWY4
OTE0OTBkOWM5LzI0ZGZlNjgwLWQzZTYtNGQzZC04ZjI4LWNlMmY5OWUwMmRiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzYwMmEyNmU1LTRhOWUtNGU1ZS04OWYw
LWVmODkxNDkwZDljOS9ZdHZkTklNbWgydWxaMVBMbWJSa3pFVlRKTE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUycCAwDQYJKoZIhvcNAQELBQADggEBADkPGyAnV6LyoB7TVc4rl/1soquO
qFnpPP7ROZHCIR1fbRgqleBDGdjjCAw8FfWPYYXSLbzRrJYYdY4k8/epoNp8graQ
Z8zQF7uKKD03jum+b2C4NwiAV/NouwQeyxVCXTkI9zg8+phMPAWz/PQ0VI8K9Gub
E90Gh92hNlbyckR4PtjSjUDDSo0PYveOH6tyStH6fXE4RYu6vdeLpU7NUvgz7KAi
2Xe1QKBUusg779ePPYTf91PF9YBvzu/1T75YTFftQcld4ojiA/eZ1gSW1KeOiS+a
XeztGWQkigVo+Ev+dfDye6/KEnTYVYX1Z+Mu9+jZ9rfGMccFoDkj7XlFz04=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:41:18 2025 by rpki-client