Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2800c70c-6ec1-4d86-a916-4850deb2dfaa.roa
File:                     2800c70c-6ec1-4d86-a916-4850deb2dfaa.roa (raw, json)
Hash identifier:          zSHUd2fICvTqxU+MA1cm12cNjV6RpVRSb9L7I4qSzec=
Subject key identifier:   3E:F5:76:AC:02:BD:1B:18:06:6B:70:6E:88:81:9C:4A:5B:09:0B:7E
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       0C4E7C5C582017B700162552CDFFD33A96E22512
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2800c70c-6ec1-4d86-a916-4850deb2dfaa.roa
Signing time:             Fri 10 Oct 2025 17:05:12 +0000
ROA not before:           Fri 10 Oct 2025 17:05:12 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.96.8.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:4e:7c:5c:58:20:17:b7:00:16:25:52:cd:ff:d3:3a:96:e2:25:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct 10 17:05:12 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=648539c9c510675e92eef1dee9529365ef62c4d3f6ae59db33974f053eb889e5, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e0:dc:72:f3:40:d8:91:0f:57:23:0c:5b:4a:
                    f4:bf:20:b0:48:7a:4c:71:db:8a:3f:fa:69:3d:f0:
                    dd:52:ed:9e:8d:49:47:8f:13:4b:7b:81:39:b1:f3:
                    96:cf:53:8e:b3:ec:7c:a9:09:98:6b:66:52:fb:49:
                    5f:bc:7d:f9:e7:f4:0f:f9:83:69:30:8a:84:12:a1:
                    dc:6e:e9:87:db:ef:9a:d2:fd:60:61:0e:49:62:e4:
                    ce:d3:e2:92:97:92:1b:eb:b0:02:43:f1:5d:70:d6:
                    c4:67:8b:8e:40:a5:7e:d0:e9:98:33:6f:55:bf:f8:
                    c1:5d:12:75:ba:b7:02:b0:cf:18:1b:f4:f1:4b:19:
                    97:c7:9d:f9:36:8f:89:36:46:20:77:eb:bf:c0:87:
                    75:14:3b:ea:c2:ff:5d:e8:e8:86:b0:4d:08:9b:aa:
                    bc:68:66:b5:f6:d2:6f:48:31:6d:ae:34:ed:9f:13:
                    4b:87:1e:8f:85:8c:12:8d:d1:4e:96:b1:b1:b0:29:
                    12:ba:69:db:6c:89:b1:37:20:02:34:7a:a7:81:ba:
                    ad:29:3e:04:8b:24:3c:b5:c1:c3:c4:67:db:a6:54:
                    a2:a6:99:26:1f:f7:d0:32:65:71:d2:76:2a:33:5e:
                    76:bb:18:af:d5:7a:2e:4f:e0:0f:87:6b:42:9b:33:
                    f0:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:F5:76:AC:02:BD:1B:18:06:6B:70:6E:88:81:9C:4A:5B:09:0B:7E
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2800c70c-6ec1-4d86-a916-4850deb2dfaa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:3b:b3:9e:69:21:72:e8:22:21:fc:0b:29:d8:d2:ea:17:a3:
         b6:c0:da:bb:80:61:a1:72:3c:c2:15:6f:74:13:25:57:e4:6d:
         46:37:25:31:42:72:a7:1b:d3:0e:0b:d4:2f:3f:7c:ee:1c:6f:
         9f:f7:b3:30:d7:fe:01:06:af:3d:54:25:70:66:88:1d:49:35:
         c5:e3:ae:40:c4:0c:de:3a:ba:06:5b:63:e1:86:70:46:f3:68:
         8e:dc:42:c3:65:51:f2:a4:c6:bb:e3:2e:a5:7e:ea:88:8c:97:
         93:e7:fb:39:2f:bd:c8:7d:b2:39:1f:dc:0a:b8:9a:15:16:08:
         c1:90:b4:49:76:56:e0:19:51:ee:fe:04:62:d1:9c:07:ac:2f:
         3d:43:51:f6:e5:f1:ac:15:7d:3e:96:b1:dd:4d:bb:bd:67:f6:
         7a:7a:93:8f:a3:45:43:da:0d:d8:11:57:b1:c9:4f:19:3e:c6:
         b6:b3:cf:d9:9b:03:61:c4:ba:fd:70:c5:f2:f8:6a:b8:9a:90:
         c9:0b:30:ec:36:84:7e:44:8d:a3:36:59:75:e8:ca:cc:5c:08:
         56:39:c2:58:11:2b:cc:d1:63:f4:7a:28:61:a5:19:71:e3:a9:
         e0:76:9e:48:7c:93:34:01:0b:39:3a:84:d2:cc:d2:97:81:76:
         10:ab:54:ce
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDE58XFggF7cAFiVSzf/TOpbiJRIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDEwMTcwNTEyWhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NDg1MzljOWM1MTA2NzVlOTJlZWYxZGVlOTUyOTM2NWVm
NjJjNGQzZjZhZTU5ZGIzMzk3NGYwNTNlYjg4OWU1MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt4Nxy80DYkQ9XIwxbSvS/ILBIekxx24o/+mk98N1S7Z6N
SUePE0t7gTmx85bPU46z7HypCZhrZlL7SV+8ffnn9A/5g2kwioQSodxu6Yfb75rS
/WBhDkli5M7T4pKXkhvrsAJD8V1w1sRni45ApX7Q6Zgzb1W/+MFdEnW6twKwzxgb
9PFLGZfHnfk2j4k2RiB367/Ah3UUO+rC/13o6IawTQibqrxoZrX20m9IMW2uNO2f
E0uHHo+FjBKN0U6WsbGwKRK6adtsibE3IAI0eqeBuq0pPgSLJDy1wcPEZ9umVKKm
mSYf99AyZXHSdiozXna7GK/Vei5P4A+Ha0KbM/AZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPvV2rAK9GxgGa3BuiIGcSlsJC34wHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzI4MDBjNzBjLTZlYzEtNGQ4Ni1hOTE2LTQ4NTBkZWIyZGZhYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAgwDQYJKoZIhvcNAQELBQADggEBAIQ7s55pIXLoIiH8CynY0uoXo7bA
2ruAYaFyPMIVb3QTJVfkbUY3JTFCcqcb0w4L1C8/fO4cb5/3szDX/gEGrz1UJXBm
iB1JNcXjrkDEDN46ugZbY+GGcEbzaI7cQsNlUfKkxrvjLqV+6oiMl5Pn+zkvvch9
sjkf3Aq4mhUWCMGQtEl2VuAZUe7+BGLRnAesLz1DUfbl8awVfT6Wsd1Nu71n9np6
k4+jRUPaDdgRV7HJTxk+xrazz9mbA2HEuv1wxfL4ariakMkLMOw2hH5EjaM2WXXo
ysxcCFY5wlgRK8zRY/R6KGGlGXHjqeB2nkh8kzQBCzk6hNLM0peBdhCrVM4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:02:07 2025 by rpki-client