Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/032f5679-c24a-4076-8fcb-bd755c81bb16.roa
File:                     032f5679-c24a-4076-8fcb-bd755c81bb16.roa (raw, json)
Hash identifier:          wUKRXxUq/ugaj8I7m9vAfNstUVkNz+V5s9WDz2ovKrs=
Subject key identifier:   10:73:F1:5B:3E:6D:6E:F6:89:7F:37:03:F2:DC:57:2C:A8:22:6D:68
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       6FEE6A1AE7971832771430760723EA0AE00A069B
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/032f5679-c24a-4076-8fcb-bd755c81bb16.roa
Signing time:             Fri 26 Sep 2025 18:00:17 +0000
ROA not before:           Fri 26 Sep 2025 18:00:17 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.6.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:ee:6a:1a:e7:97:18:32:77:14:30:76:07:23:ea:0a:e0:0a:06:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Sep 26 18:00:17 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=e84ca22e9954fc169d5d16b8be27efd1549c9ad6fa2fdf9e677fb04514cacb09, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c3:7a:b1:18:db:ba:d1:de:04:b1:a8:c5:4c:
                    d0:38:f3:71:24:df:7b:ac:e1:f6:85:2a:82:de:39:
                    fa:c7:cd:d0:12:c7:c7:55:36:9f:50:6e:16:d9:e0:
                    64:c7:c6:18:d7:74:f0:44:e2:76:69:b7:cc:22:ed:
                    86:18:4b:98:54:12:9a:6c:41:e6:97:5e:75:d2:ba:
                    50:aa:f3:66:9e:9b:97:fc:d1:6c:fb:0f:dd:24:0e:
                    16:30:e2:83:bd:2d:82:63:83:43:0a:5e:da:da:a9:
                    d1:c5:8c:4d:83:f5:54:a3:3c:56:c2:a6:6f:8a:1d:
                    43:ab:87:26:93:ce:13:1a:65:23:6d:4f:03:21:81:
                    b9:59:3d:06:12:8f:38:33:2e:ac:d1:6f:29:19:68:
                    a9:69:6e:17:9a:c2:3f:15:83:38:f8:0a:b3:26:8b:
                    1a:cb:aa:03:a5:7a:35:89:eb:d4:64:80:18:bd:bf:
                    0c:b6:fb:f3:5d:0a:63:02:26:3e:f0:31:43:1e:5a:
                    6e:63:3a:96:d2:6c:76:aa:6a:fa:04:ad:8c:4d:45:
                    b0:a8:43:38:1b:6d:27:e3:61:a8:1f:4e:b1:1d:51:
                    ad:c9:e8:a5:6f:66:4d:ad:3a:cd:4c:e5:49:78:5b:
                    a3:33:24:68:2c:70:1d:14:95:a5:3b:d8:f8:52:05:
                    1b:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:73:F1:5B:3E:6D:6E:F6:89:7F:37:03:F2:DC:57:2C:A8:22:6D:68
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/032f5679-c24a-4076-8fcb-bd755c81bb16.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:2d:a5:74:bf:07:7a:18:bf:3d:e7:53:6b:a9:e6:0e:17:0f:
         28:e4:9e:b8:5e:1d:d6:9f:82:dc:69:8f:30:e6:ac:e8:18:e6:
         cf:0a:58:7e:94:2d:2d:8e:33:7e:f9:ce:d1:50:fd:62:68:ba:
         c0:b2:bf:12:91:25:84:43:6c:10:2a:39:bd:e6:2d:15:04:f6:
         2c:fa:a7:fb:30:ee:df:72:1b:ed:62:4e:d3:e3:bf:12:99:eb:
         b3:9f:21:41:81:9d:15:b3:16:2c:d4:de:e9:e7:c2:49:c7:cf:
         33:dd:c5:4f:80:9d:ea:27:5c:0a:8b:15:41:50:b6:d0:1c:83:
         a0:2a:21:c1:f1:c1:18:e4:88:e5:13:ff:40:fa:99:20:db:12:
         c2:19:38:a0:50:a4:90:0f:61:80:a2:a0:d9:e0:c9:d6:3a:29:
         db:6e:68:70:dd:6b:59:e3:46:78:64:5a:33:dd:a3:35:89:6e:
         9d:5a:21:60:39:cd:4d:a7:dc:54:cb:4d:9a:c0:43:86:c0:62:
         30:8e:0f:d2:a1:52:57:e6:a6:f5:d6:a4:db:33:d8:21:c1:55:
         58:04:cd:7a:2d:04:89:c7:36:e5:56:c4:bc:f2:7b:40:c5:10:
         49:1e:b3:93:de:9e:82:0e:98:44:3c:b0:d9:6b:e9:1f:96:22:
         c2:b1:d9:a0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUb+5qGueXGDJ3FDB2ByPqCuAKBpswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwOTI2MTgwMDE3WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlODRjYTIyZTk5NTRmYzE2OWQ1ZDE2YjhiZTI3ZWZkMTU0
OWM5YWQ2ZmEyZmRmOWU2NzdmYjA0NTE0Y2FjYjA5MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfw3qxGNu60d4EsajFTNA483Ek33us4faFKoLeOfrHzdAS
x8dVNp9QbhbZ4GTHxhjXdPBE4nZpt8wi7YYYS5hUEppsQeaXXnXSulCq82aem5f8
0Wz7D90kDhYw4oO9LYJjg0MKXtraqdHFjE2D9VSjPFbCpm+KHUOrhyaTzhMaZSNt
TwMhgblZPQYSjzgzLqzRbykZaKlpbheawj8Vgzj4CrMmixrLqgOlejWJ69RkgBi9
vwy2+/NdCmMCJj7wMUMeWm5jOpbSbHaqavoErYxNRbCoQzgbbSfjYagfTrEdUa3J
6KVvZk2tOs1M5Ul4W6MzJGgscB0UlaU72PhSBRt7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEHPxWz5tbvaJfzcD8txXLKgibWgwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzAzMmY1Njc5LWMyNGEtNDA3Ni04ZmNiLWJkNzU1YzgxYmIxNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAYwDQYJKoZIhvcNAQELBQADggEBAFotpXS/B3oYvz3nU2up5g4XDyjk
nrheHdafgtxpjzDmrOgY5s8KWH6ULS2OM375ztFQ/WJousCyvxKRJYRDbBAqOb3m
LRUE9iz6p/sw7t9yG+1iTtPjvxKZ67OfIUGBnRWzFizU3unnwknHzzPdxU+Aneon
XAqLFUFQttAcg6AqIcHxwRjkiOUT/0D6mSDbEsIZOKBQpJAPYYCioNngydY6Kdtu
aHDda1njRnhkWjPdozWJbp1aIWA5zU2n3FTLTZrAQ4bAYjCOD9KhUlfmpvXWpNsz
2CHBVVgEzXotBInHNuVWxLzye0DFEEkes5PenoIOmEQ8sNlr6R+WIsKx2aA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:57:54 2025 by rpki-client