Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/1bbf117d-2531-42a6-b595-4c38287c1d36.roa
File:                     1bbf117d-2531-42a6-b595-4c38287c1d36.roa (raw, json)
Hash identifier:          205SFDAMWNjPzjRaoY8ilcg9PehC+kfCpufW0u0T7Qk=
Subject key identifier:   0A:7C:BE:CE:C6:25:9D:B7:CE:47:54:41:3E:BF:DA:EA:45:88:8B:42
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       30AABFB8D2BFB0EE9F4F459623EA258F8048808A
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/1bbf117d-2531-42a6-b595-4c38287c1d36.roa
Signing time:             Mon 06 Oct 2025 17:20:08 +0000
ROA not before:           Mon 06 Oct 2025 17:20:08 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.5.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:aa:bf:b8:d2:bf:b0:ee:9f:4f:45:96:23:ea:25:8f:80:48:80:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct  6 17:20:08 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=0b4579b05f09f7ffad177f32882ee5c00ce28b0a08a74ca9f365a451b95f0e71, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:4b:c1:73:6e:f5:3c:84:a2:c2:a3:31:66:fe:
                    ea:96:fd:57:be:6a:1d:5f:a2:29:d6:d0:56:5d:74:
                    cc:d1:36:0b:1c:89:3e:ec:65:c9:b1:ed:3e:e9:08:
                    16:7b:53:73:6d:84:a1:cf:40:9e:8e:b8:d9:17:71:
                    e9:ca:72:bc:88:e9:48:4d:cf:6a:5c:26:94:87:6f:
                    0d:6c:0b:24:3e:cf:39:63:b8:3a:fb:e1:52:60:d3:
                    a7:97:23:d8:2a:3d:27:b8:d9:fd:d3:4e:67:ee:9d:
                    58:cd:fe:39:f2:5a:29:6e:5b:d6:1c:3e:fc:6d:f8:
                    f3:4a:ee:dd:1a:0b:b3:f6:99:f5:09:be:b2:f4:c6:
                    cc:27:9d:46:65:21:6f:93:75:cf:d9:da:f3:1f:07:
                    3b:7d:f7:45:6a:f6:79:b3:4f:b3:01:92:61:9f:2a:
                    e1:6a:51:be:69:ae:78:6f:3f:f9:47:e4:65:9d:97:
                    c9:4c:d6:1f:52:b7:58:c2:6f:48:51:26:06:de:81:
                    a7:3d:9c:f9:64:10:3d:10:75:75:8c:35:fb:66:9f:
                    22:66:88:f2:92:1c:b6:58:dc:43:0d:a3:4f:66:03:
                    7f:16:a8:4c:79:81:f1:53:61:0e:62:1e:c1:f9:b3:
                    50:0f:c2:f2:6c:a5:3a:be:88:3c:95:d1:07:bc:a3:
                    87:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:7C:BE:CE:C6:25:9D:B7:CE:47:54:41:3E:BF:DA:EA:45:88:8B:42
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/1bbf117d-2531-42a6-b595-4c38287c1d36.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:e2:8f:68:c5:b4:75:f6:75:cb:79:d1:15:29:97:ad:58:6a:
         21:b3:00:ef:b5:89:40:64:bf:ce:c6:a2:c5:1d:ee:57:8e:52:
         df:ec:87:e6:58:d8:1d:9d:73:9c:2d:8b:d5:05:f2:a0:db:24:
         d3:a4:3d:ce:e9:7a:72:cc:4c:92:f9:68:41:1d:d7:f8:d0:a3:
         77:ff:2c:24:fa:f0:66:37:73:e1:f4:e2:3b:88:99:25:12:49:
         3a:a2:7a:1b:20:f5:d7:37:18:f1:e6:5f:5d:d7:7f:1f:9e:4c:
         d5:af:e1:d1:e0:d5:60:50:4f:3e:8b:87:bf:a1:9e:f8:92:d0:
         36:6e:8c:77:bc:4d:30:9e:55:cb:5c:c8:ce:ad:8a:da:30:0d:
         b0:86:a5:db:30:1b:3e:87:20:08:c9:3f:b1:bc:3f:4f:c8:1b:
         01:42:01:c2:74:5d:55:38:14:8d:11:a5:57:8b:08:39:84:21:
         33:08:95:5a:af:35:9e:2f:df:26:ec:54:58:a1:7c:6f:c9:ca:
         b2:10:8a:d2:38:be:01:1a:da:84:14:f7:20:d6:d6:27:b4:18:
         41:6a:77:cf:43:dd:de:17:7d:0b:04:c9:f9:66:bc:0a:62:b6:
         d3:5c:60:46:33:18:3b:b5:06:28:84:52:2a:af:9b:d9:26:73:
         19:0f:93:65
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMKq/uNK/sO6fT0WWI+olj4BIgIowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDA2MTcyMDA4WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwYjQ1NzliMDVmMDlmN2ZmYWQxNzdmMzI4ODJlZTVjMDBj
ZTI4YjBhMDhhNzRjYTlmMzY1YTQ1MWI5NWYwZTcxMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKS8FzbvU8hKLCozFm/uqW/Ve+ah1foinW0FZddMzRNgsc
iT7sZcmx7T7pCBZ7U3NthKHPQJ6OuNkXcenKcryI6UhNz2pcJpSHbw1sCyQ+zzlj
uDr74VJg06eXI9gqPSe42f3TTmfunVjN/jnyWiluW9YcPvxt+PNK7t0aC7P2mfUJ
vrL0xswnnUZlIW+Tdc/Z2vMfBzt990Vq9nmzT7MBkmGfKuFqUb5prnhvP/lH5GWd
l8lM1h9St1jCb0hRJgbegac9nPlkED0QdXWMNftmnyJmiPKSHLZY3EMNo09mA38W
qEx5gfFTYQ5iHsH5s1APwvJspTq+iDyV0Qe8o4d/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCny+zsYlnbfOR1RBPr/a6kWIi0IwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzFiYmYxMTdkLTI1MzEtNDJhNi1iNTk1LTRjMzgyODdjMWQzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAUwDQYJKoZIhvcNAQELBQADggEBAE/ij2jFtHX2dct50RUpl61YaiGz
AO+1iUBkv87GosUd7leOUt/sh+ZY2B2dc5wti9UF8qDbJNOkPc7penLMTJL5aEEd
1/jQo3f/LCT68GY3c+H04juImSUSSTqiehsg9dc3GPHmX13Xfx+eTNWv4dHg1WBQ
Tz6Lh7+hnviS0DZujHe8TTCeVctcyM6titowDbCGpdswGz6HIAjJP7G8P0/IGwFC
AcJ0XVU4FI0RpVeLCDmEITMIlVqvNZ4v3ybsVFihfG/JyrIQitI4vgEa2oQU9yDW
1ie0GEFqd89D3d4XfQsEyflmvApittNcYEYzGDu1BiiEUiqvm9kmcxkPk2U=
-----END CERTIFICATE-----