Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/1abc2a38-5fb6-406f-aa0c-a0c43202bad5.roa
File:                     1abc2a38-5fb6-406f-aa0c-a0c43202bad5.roa (raw, json)
Hash identifier:          185MMul+YrpvM3LsLaE3i6Sq5ScxjN+RYDyN3Ql4ZTM=
Subject key identifier:   8C:94:79:36:36:25:4D:FE:9B:2A:16:73:76:B7:59:A1:E8:C1:36:45
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       706B9D857618BC016787F93F7C510788594A544C
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/1abc2a38-5fb6-406f-aa0c-a0c43202bad5.roa
Signing time:             Mon 06 Oct 2025 17:37:47 +0000
ROA not before:           Mon 06 Oct 2025 17:37:47 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        35.96.30.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:6b:9d:85:76:18:bc:01:67:87:f9:3f:7c:51:07:88:59:4a:54:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct  6 17:37:47 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=b5eab933c537f1dd9ec71122238c2e0bfd500348dff32cdd6a541b861e8a2832, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8b:a9:11:00:22:d4:0c:15:dc:8e:0c:d4:82:
                    05:c7:82:1a:52:cf:b2:c3:73:82:f3:81:54:f5:ec:
                    30:2c:d4:ac:71:fb:12:c8:ec:50:b8:39:59:70:4d:
                    49:27:d3:6d:15:ec:3c:fb:b9:de:ab:22:4e:84:88:
                    ae:c2:cc:8f:06:62:7c:1d:2a:6d:e1:e1:2a:03:d0:
                    01:0d:65:2f:b2:c3:d7:1a:bf:18:7b:c1:48:67:fe:
                    10:af:da:70:e7:37:d3:cf:2f:94:52:c2:f3:9c:07:
                    dc:23:1a:f4:93:de:90:db:fa:ac:4e:74:94:36:77:
                    37:e5:1f:3f:2a:8b:f3:52:c0:97:99:5b:c4:68:e0:
                    45:41:1b:9b:dd:13:84:64:b0:f6:4a:ba:e9:db:03:
                    36:a7:1a:9d:78:f3:a2:d9:db:c9:e4:6c:9e:0d:1b:
                    26:97:94:63:15:78:50:f6:0f:20:30:1e:f9:b4:e8:
                    c7:ed:d7:e9:d0:05:f0:13:42:32:0c:69:66:dc:03:
                    ba:df:ee:aa:14:50:52:4b:ec:ca:02:ae:f3:99:c3:
                    14:71:9e:2c:d7:11:91:f9:21:b5:91:49:7b:58:ff:
                    ae:09:2f:40:e4:a6:98:7a:ac:f2:6e:44:d8:d4:fa:
                    8d:7e:b5:3c:f6:d5:ff:6b:6d:bf:f4:4b:11:7c:e6:
                    3e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:94:79:36:36:25:4D:FE:9B:2A:16:73:76:B7:59:A1:E8:C1:36:45
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/1abc2a38-5fb6-406f-aa0c-a0c43202bad5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.30.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:15:63:85:a4:b8:e6:35:e0:44:60:ec:91:9d:35:b3:f0:43:
         7f:08:64:71:55:c5:b5:19:c0:b5:20:72:14:01:08:ea:55:e4:
         d3:0d:ad:12:d3:e3:4a:ea:0a:c7:c0:d3:f4:14:7c:92:c6:61:
         aa:6c:e4:1c:5d:5d:42:91:6b:a2:70:47:24:0b:c2:b8:de:c2:
         d5:31:84:6b:4d:bc:39:3f:3f:90:70:6b:d8:4a:61:90:22:91:
         51:31:1e:2b:31:06:df:c8:5d:de:d9:df:01:32:aa:f0:38:04:
         7d:25:7a:05:7f:b6:b8:68:22:37:28:ca:76:2d:82:a1:38:1e:
         fa:9c:e3:9a:a5:ad:c5:f5:3f:13:cd:d7:18:eb:8e:96:74:12:
         ff:00:a5:38:64:67:b8:6f:6a:6b:a5:bf:94:09:6c:65:e8:32:
         ba:44:9b:a5:0b:a5:97:86:44:fa:27:dd:9c:9a:37:3c:14:9d:
         81:9a:9c:60:04:5b:ca:c1:97:d7:72:47:f0:39:97:c6:4d:61:
         fd:ae:76:c6:71:50:89:12:ed:d6:c3:d5:0e:1a:d6:c4:d7:f7:
         88:20:82:29:74:24:60:cb:47:7a:6e:49:20:fc:ae:ac:19:30:
         81:ea:10:10:f6:56:78:ff:b1:81:de:9b:4c:7d:d5:76:db:4b:
         6e:48:00:65
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcGudhXYYvAFnh/k/fFEHiFlKVEwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDA2MTczNzQ3WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNWVhYjkzM2M1MzdmMWRkOWVjNzExMjIyMzhjMmUwYmZk
NTAwMzQ4ZGZmMzJjZGQ2YTU0MWI4NjFlOGEyODMyMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIi6kRACLUDBXcjgzUggXHghpSz7LDc4LzgVT17DAs1Kxx
+xLI7FC4OVlwTUkn020V7Dz7ud6rIk6EiK7CzI8GYnwdKm3h4SoD0AENZS+yw9ca
vxh7wUhn/hCv2nDnN9PPL5RSwvOcB9wjGvST3pDb+qxOdJQ2dzflHz8qi/NSwJeZ
W8Ro4EVBG5vdE4RksPZKuunbAzanGp1486LZ28nkbJ4NGyaXlGMVeFD2DyAwHvm0
6Mft1+nQBfATQjIMaWbcA7rf7qoUUFJL7MoCrvOZwxRxnizXEZH5IbWRSXtY/64J
L0Dkpph6rPJuRNjU+o1+tTz21f9rbb/0SxF85j5NAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjJR5NjYlTf6bKhZzdrdZoejBNkUwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzFhYmMyYTM4LTVmYjYtNDA2Zi1hYTBjLWEwYzQzMjAyYmFkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEjYB4wDQYJKoZIhvcNAQELBQADggEBAGIVY4WkuOY14ERg7JGdNbPwQ38I
ZHFVxbUZwLUgchQBCOpV5NMNrRLT40rqCsfA0/QUfJLGYaps5BxdXUKRa6JwRyQL
wrjewtUxhGtNvDk/P5Bwa9hKYZAikVExHisxBt/IXd7Z3wEyqvA4BH0legV/trho
IjcoynYtgqE4Hvqc45qlrcX1PxPN1xjrjpZ0Ev8ApThkZ7hvamulv5QJbGXoMrpE
m6ULpZeGRPon3ZyaNzwUnYGanGAEW8rBl9dyR/A5l8ZNYf2udsZxUIkS7dbD1Q4a
1sTX94gggil0JGDLR3puSSD8rqwZMIHqEBD2Vnj/sYHem0x91XbbS25IAGU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:44:25 2025 by rpki-client