Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/0e814f2c-6100-4037-9dcc-cdaf3e20d853.roa
File:                     0e814f2c-6100-4037-9dcc-cdaf3e20d853.roa (raw, json)
Hash identifier:          0dWuEhErnFMv1WxLUlDrKTrNoXCvKynkFsCsGtR86SY=
Subject key identifier:   86:15:8D:36:4F:B9:8F:E9:72:E6:9D:A0:2C:FB:03:9D:EB:13:B1:90
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       25EECE77695FA783DB590FB19C774AA29293F908
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/0e814f2c-6100-4037-9dcc-cdaf3e20d853.roa
Signing time:             Fri 26 Sep 2025 18:00:19 +0000
ROA not before:           Fri 26 Sep 2025 18:00:19 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.2.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:ee:ce:77:69:5f:a7:83:db:59:0f:b1:9c:77:4a:a2:92:93:f9:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Sep 26 18:00:19 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=4e18d79ccb1d9308b91d423b202bdfa28ab6bdb6eb708f83ab3e098b57abf0ea, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c1:00:f9:d3:ff:46:2d:61:c5:e3:9a:3e:a4:
                    26:9e:d7:03:0f:33:d6:5a:38:aa:8c:de:cf:8f:cf:
                    69:15:42:23:b6:ae:be:d7:41:85:3e:83:22:2a:d4:
                    a8:3c:9e:b4:42:56:27:4c:1c:6e:90:ab:ba:cf:cc:
                    d6:59:f9:fe:1f:a7:78:56:ef:a3:8e:f1:eb:d4:16:
                    ed:45:36:69:83:1f:40:ac:39:7b:48:bf:cf:a5:05:
                    d8:d8:8a:06:a1:f7:fb:4f:5e:01:65:fa:57:37:7d:
                    b5:f7:92:42:fe:98:71:29:f8:58:ec:00:51:f7:be:
                    1e:c2:54:74:4e:02:c4:04:28:5f:54:1b:2d:53:9f:
                    10:c9:01:e4:9b:41:6b:a1:8c:5d:2a:c0:f8:34:74:
                    93:21:e7:42:48:8e:de:d1:53:e6:1f:d3:05:8d:e7:
                    54:46:2c:e0:15:f1:16:ec:e3:39:ee:06:6d:ff:56:
                    b0:a5:05:23:8a:58:c4:67:92:5d:3f:34:90:0d:44:
                    47:10:fe:68:2a:54:93:40:3b:0c:c6:31:cc:02:1c:
                    2c:02:71:51:bb:51:00:ae:b7:7c:21:70:b1:b2:0b:
                    61:79:92:45:2b:44:03:f8:25:18:3f:9a:80:80:03:
                    e7:bd:e6:96:df:43:51:51:22:66:03:7a:73:6d:3d:
                    3f:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:15:8D:36:4F:B9:8F:E9:72:E6:9D:A0:2C:FB:03:9D:EB:13:B1:90
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/0e814f2c-6100-4037-9dcc-cdaf3e20d853.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:bc:d0:8b:85:23:dc:28:e4:f2:fc:5b:7a:52:b8:72:43:99:
         a8:cd:3d:58:56:8c:be:53:f7:80:da:ad:72:cf:98:fe:fe:16:
         37:1b:64:ac:f3:c0:b8:50:c9:de:f8:6c:42:99:63:ad:f9:be:
         e3:82:c1:74:3f:c8:5b:7f:05:21:42:ad:3f:6a:6a:b8:74:3e:
         b8:f5:b4:3e:27:51:63:e8:22:d4:39:74:f8:16:29:77:68:76:
         c9:b0:6a:72:26:92:e3:75:0b:0b:5d:fd:66:c3:c9:38:a0:e8:
         62:b4:77:27:27:33:48:49:a0:5c:ab:74:5d:32:d1:9d:58:78:
         bb:a6:1e:f0:92:0d:a2:b9:26:e5:9b:8a:da:27:74:d0:1f:a7:
         de:97:21:6f:e1:1a:2a:06:74:67:76:46:21:29:cc:ad:48:02:
         d4:6c:55:58:bc:f3:ce:e3:2b:bc:cb:b5:01:8f:d3:17:a9:0b:
         ec:2c:9c:08:93:82:92:e4:f6:dc:8f:2d:dd:df:db:cf:fa:aa:
         b4:4c:1c:3e:95:24:12:17:77:af:a9:68:4c:f7:48:92:27:76:
         1f:9f:b6:c6:7a:6c:47:36:93:3d:43:e8:e3:6b:5c:b9:f6:44:
         10:f4:a3:24:b0:d5:f5:7f:0c:a4:d0:d7:38:61:2e:87:2d:40:
         df:5a:30:2d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJe7Od2lfp4PbWQ+xnHdKopKT+QgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwOTI2MTgwMDE5WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZTE4ZDc5Y2NiMWQ5MzA4YjkxZDQyM2IyMDJiZGZhMjhh
YjZiZGI2ZWI3MDhmODNhYjNlMDk4YjU3YWJmMGVhMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7wQD50/9GLWHF45o+pCae1wMPM9ZaOKqM3s+Pz2kVQiO2
rr7XQYU+gyIq1Kg8nrRCVidMHG6Qq7rPzNZZ+f4fp3hW76OO8evUFu1FNmmDH0Cs
OXtIv8+lBdjYigah9/tPXgFl+lc3fbX3kkL+mHEp+FjsAFH3vh7CVHROAsQEKF9U
Gy1TnxDJAeSbQWuhjF0qwPg0dJMh50JIjt7RU+Yf0wWN51RGLOAV8Rbs4znuBm3/
VrClBSOKWMRnkl0/NJANREcQ/mgqVJNAOwzGMcwCHCwCcVG7UQCut3whcLGyC2F5
kkUrRAP4JRg/moCAA+e95pbfQ1FRImYDenNtPT9hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhhWNNk+5j+ly5p2gLPsDnesTsZAwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzBlODE0ZjJjLTYxMDAtNDAzNy05ZGNjLWNkYWYzZTIwZDg1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAIwDQYJKoZIhvcNAQELBQADggEBAF280IuFI9wo5PL8W3pSuHJDmajN
PVhWjL5T94DarXLPmP7+FjcbZKzzwLhQyd74bEKZY635vuOCwXQ/yFt/BSFCrT9q
arh0Prj1tD4nUWPoItQ5dPgWKXdodsmwanImkuN1Cwtd/WbDyTig6GK0dycnM0hJ
oFyrdF0y0Z1YeLumHvCSDaK5JuWbitondNAfp96XIW/hGioGdGd2RiEpzK1IAtRs
VVi8887jK7zLtQGP0xepC+wsnAiTgpLk9tyPLd3f28/6qrRMHD6VJBIXd6+paEz3
SJIndh+ftsZ6bEc2kz1D6ONrXLn2RBD0oySw1fV/DKTQ1zhhLoctQN9aMC0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:17:37 2025 by rpki-client