Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/18cdfa47-85de-4602-bfd8-f6afe891d51b.roa
File:                     18cdfa47-85de-4602-bfd8-f6afe891d51b.roa (raw, json)
Hash identifier:          l3MMEz1Iq6pvGFPNGClo6t66IUeWFG6perflcBCH4uU=
Subject key identifier:   CA:CA:70:D4:57:5B:6F:77:93:EC:60:FB:E3:EE:D9:E5:58:31:2B:CE
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       5AFAB379BB68B9EB63F494247A35A91C0ED592C6
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/18cdfa47-85de-4602-bfd8-f6afe891d51b.roa
Signing time:             Sun 19 Oct 2025 05:00:15 +0000
ROA not before:           Sun 19 Oct 2025 05:00:15 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     801
IP address blocks:        2631::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:fa:b3:79:bb:68:b9:eb:63:f4:94:24:7a:35:a9:1c:0e:d5:92:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct 19 05:00:15 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=92773fa3f0f7a846b51d0b3ef87e7878a870bf268548847d92475ecbdb3cfd59, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:90:ed:e5:8a:02:c5:8b:43:1a:b2:91:4c:3e:
                    a1:f4:a0:68:aa:06:88:5f:45:a5:9e:5a:0b:6c:e3:
                    27:5c:ad:31:3d:e4:52:2f:6a:8f:7f:05:61:91:38:
                    9c:4a:a5:e8:b6:f7:f7:c2:5e:a0:09:d8:ab:4c:eb:
                    64:50:3e:a2:24:77:3a:d3:87:60:24:ad:87:77:e9:
                    62:45:28:ae:38:d1:bc:49:d5:7a:54:5e:c1:ae:bf:
                    66:0f:1a:1d:ac:d8:70:89:b3:ea:00:2f:0a:fe:6c:
                    e5:88:78:1b:e2:b0:5f:43:7f:0e:d7:b7:d1:dc:42:
                    66:51:94:a3:03:2a:a1:78:e6:8f:0f:31:e5:19:38:
                    a1:d4:1b:32:f3:34:02:ca:1d:81:7d:26:0e:3d:cd:
                    cb:3d:8e:4e:cf:82:21:5f:f5:66:54:03:b5:07:27:
                    08:eb:18:e8:c6:8f:36:a7:b9:66:7e:9d:e2:8a:14:
                    d8:ad:08:a5:94:7c:19:33:3d:ed:aa:fa:66:16:84:
                    b3:f5:0c:36:8f:8c:ad:3b:ca:bc:c1:3a:fb:ce:f6:
                    72:21:1b:bc:4e:d8:f3:9a:79:8d:c1:85:23:fb:65:
                    3c:e3:47:59:e7:58:d3:91:64:0b:45:ac:bf:75:3e:
                    d8:15:20:0c:01:cc:67:7c:9b:fb:c9:49:d1:23:97:
                    88:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:CA:70:D4:57:5B:6F:77:93:EC:60:FB:E3:EE:D9:E5:58:31:2B:CE
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/18cdfa47-85de-4602-bfd8-f6afe891d51b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2631::/48

    Signature Algorithm: sha256WithRSAEncryption
         41:e2:16:9e:ab:ab:4c:21:b3:81:11:6a:e6:ac:02:22:ae:67:
         56:79:c7:61:28:ca:75:c2:2f:71:4b:ef:19:b7:f9:15:d1:73:
         62:39:42:99:17:ca:07:d7:33:0f:f1:4d:b0:cb:53:8e:33:25:
         08:09:1a:6a:ce:71:2c:df:ef:17:0a:28:a3:10:49:5d:58:6d:
         81:f5:26:1a:f8:d0:bd:4f:b4:ad:a9:b0:bb:d2:f8:e4:32:e6:
         e6:89:36:46:0f:4d:c5:95:09:cf:a0:00:f4:ec:44:f4:58:12:
         ab:53:c6:d7:b8:b6:94:c6:0b:85:fd:8b:05:f0:d2:d9:94:b5:
         0a:38:59:d8:31:35:0d:a8:4a:c4:d6:7e:06:a6:95:1b:0c:33:
         ab:e5:d0:71:17:7d:6f:0c:d0:28:84:24:80:26:79:af:df:5d:
         f0:0b:4d:05:9f:1c:56:74:a1:1a:ae:8a:13:81:10:b8:d3:79:
         43:f7:f0:59:29:a3:e3:30:2a:f1:93:d8:bf:8d:dd:1e:37:65:
         91:f6:ee:56:f5:a6:08:02:81:2b:ea:87:0a:a2:db:85:c5:60:
         a3:da:af:08:49:46:8c:4d:a0:74:77:43:3a:19:ea:4f:a9:84:
         13:1d:29:b0:82:40:f5:2c:b3:44:5e:bc:9f:ff:ed:a3:c4:f7:
         81:65:74:e0
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUWvqzebtouetj9JQkejWpHA7VksYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDE5MDUwMDE1WhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5Mjc3M2ZhM2YwZjdhODQ2YjUxZDBiM2VmODdlNzg3OGE4
NzBiZjI2ODU0ODg0N2Q5MjQ3NWVjYmRiM2NmZDU5MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKkO3ligLFi0MaspFMPqH0oGiqBohfRaWeWgts4ydcrTE9
5FIvao9/BWGROJxKpei29/fCXqAJ2KtM62RQPqIkdzrTh2AkrYd36WJFKK440bxJ
1XpUXsGuv2YPGh2s2HCJs+oALwr+bOWIeBvisF9Dfw7Xt9HcQmZRlKMDKqF45o8P
MeUZOKHUGzLzNALKHYF9Jg49zcs9jk7PgiFf9WZUA7UHJwjrGOjGjzanuWZ+neKK
FNitCKWUfBkzPe2q+mYWhLP1DDaPjK07yrzBOvvO9nIhG7xO2POaeY3BhSP7ZTzj
R1nnWNORZAtFrL91PtgVIAwBzGd8m/vJSdEjl4idAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUyspw1Fdbb3eT7GD74+7Z5VgxK84wHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzE4Y2RmYTQ3LTg1ZGUtNDYwMi1iZmQ4LWY2YWZlODkxZDUxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmMQAAAAAwDQYJKoZIhvcNAQELBQADggEBAEHiFp6rq0whs4ERauasAiKu
Z1Z5x2EoynXCL3FL7xm3+RXRc2I5QpkXygfXMw/xTbDLU44zJQgJGmrOcSzf7xcK
KKMQSV1YbYH1Jhr40L1PtK2psLvS+OQy5uaJNkYPTcWVCc+gAPTsRPRYEqtTxte4
tpTGC4X9iwXw0tmUtQo4WdgxNQ2oSsTWfgamlRsMM6vl0HEXfW8M0CiEJIAmea/f
XfALTQWfHFZ0oRquihOBELjTeUP38Fkpo+MwKvGT2L+N3R43ZZH27lb1pggCgSvq
hwqi24XFYKParwhJRoxNoHR3QzoZ6k+phBMdKbCCQPUss0RevJ//7aPE94FldOA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:17:21 2025 by rpki-client