Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2b15c9d1-408d-403d-9973-829e5c92c101.roa
File:                     2b15c9d1-408d-403d-9973-829e5c92c101.roa (raw, json)
Hash identifier:          39zj1MMKyvtHFww6DyuLeErXJuuEklV0qAJQSqXrYTI=
Subject key identifier:   C4:14:4B:DC:67:E0:B5:4B:D7:59:C9:94:77:13:88:11:68:BC:BF:F4
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       4124C16D96409CE213004D0767F6F94925E91354
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2b15c9d1-408d-403d-9973-829e5c92c101.roa
Signing time:             Fri 15 Aug 2025 15:30:56 +0000
ROA not before:           Fri 15 Aug 2025 15:30:56 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.26.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:24:c1:6d:96:40:9c:e2:13:00:4d:07:67:f6:f9:49:25:e9:13:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Aug 15 15:30:56 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=727e297a50ee24278fd801ea8b363434805f004eab428bd8d603c737fae786e0, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:3c:29:0a:b4:77:e2:d5:2b:cc:61:15:ac:dd:
                    02:ad:55:c4:54:3a:36:99:ee:bb:b1:30:d9:6b:de:
                    fb:11:33:e8:7f:b7:72:ed:76:2f:f6:cd:0c:7d:9b:
                    84:28:36:fe:92:99:8c:a4:ac:18:18:79:96:ee:cd:
                    ff:69:27:e9:91:c9:c5:4e:f3:33:b1:b0:17:a0:e9:
                    fa:44:4a:3f:99:a0:dc:c7:a8:a1:da:c9:2f:65:3b:
                    bf:6d:db:d8:5b:b3:42:22:36:30:2e:28:03:8c:a9:
                    3c:5f:7f:7d:36:6d:3e:ce:3e:e6:20:13:28:ca:e8:
                    62:97:5b:c3:df:39:22:de:31:1d:f6:77:51:dc:08:
                    21:66:3e:e7:3d:4e:d6:c3:13:d6:21:b8:a7:66:6e:
                    80:96:77:3c:cf:f2:de:23:a4:ef:51:98:b8:1e:1e:
                    e3:a3:c9:8b:00:ff:06:1f:f9:19:cc:e4:ca:10:5e:
                    82:a2:07:34:52:64:c0:73:f2:e0:97:62:84:85:8c:
                    96:3f:a1:7a:e3:8b:09:8a:3e:95:5b:b4:93:f7:d6:
                    da:0d:60:93:7a:76:c5:00:73:c8:d0:5f:68:b8:2b:
                    7d:f4:7e:5d:2b:5e:ca:aa:82:08:11:e5:a5:34:14:
                    28:d4:c0:d2:63:df:8f:a2:21:43:1c:2a:63:a5:99:
                    b0:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:14:4B:DC:67:E0:B5:4B:D7:59:C9:94:77:13:88:11:68:BC:BF:F4
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2b15c9d1-408d-403d-9973-829e5c92c101.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         39:98:78:3f:9c:90:9e:6d:5b:9f:b6:5e:a3:77:2e:86:f4:83:
         ae:7a:ab:33:0e:06:66:fe:40:36:25:c6:d9:ef:a7:75:53:55:
         f6:fb:df:61:ee:03:6e:c4:34:f8:65:fb:9b:ee:16:09:79:ff:
         bf:3e:c2:6e:2a:5b:02:4b:a6:66:3b:4a:06:a3:fb:9b:52:80:
         c5:5c:41:63:91:37:8e:39:75:b4:06:10:ba:a4:3f:69:20:28:
         c1:7a:f3:4f:24:fc:b0:ee:1b:d9:40:68:99:f2:ca:a3:e9:34:
         e6:47:07:9a:89:26:9d:ba:fe:65:81:3a:68:62:68:04:9f:19:
         1f:d0:fb:3a:a3:fc:dc:24:ec:45:00:37:fa:77:91:1d:62:ea:
         22:f0:a5:39:7d:d4:f6:0b:41:a6:79:c0:e0:22:69:70:d0:f4:
         fe:d1:13:7b:44:7f:6d:b9:dc:f9:e3:ad:c4:f4:73:19:4c:e9:
         42:ff:ea:97:97:04:05:c3:e1:45:60:3d:ae:5c:1c:22:51:ac:
         25:c5:eb:11:1d:f5:74:ae:75:e1:3a:01:55:8f:78:ac:c0:4b:
         ea:48:10:d7:97:e2:e1:c5:1e:ea:d7:46:ff:66:1a:a1:1f:2b:
         b2:71:3f:54:ff:7b:5a:f8:ec:57:c8:ed:40:cc:05:b3:8d:8d:
         ea:aa:db:8a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQSTBbZZAnOITAE0HZ/b5SSXpE1QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwODE1MTUzMDU2WhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MjdlMjk3YTUwZWUyNDI3OGZkODAxZWE4YjM2MzQzNDgw
NWYwMDRlYWI0MjhiZDhkNjAzYzczN2ZhZTc4NmUwMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfPCkKtHfi1SvMYRWs3QKtVcRUOjaZ7ruxMNlr3vsRM+h/
t3Ltdi/2zQx9m4QoNv6SmYykrBgYeZbuzf9pJ+mRycVO8zOxsBeg6fpESj+ZoNzH
qKHayS9lO79t29hbs0IiNjAuKAOMqTxff302bT7OPuYgEyjK6GKXW8PfOSLeMR32
d1HcCCFmPuc9TtbDE9YhuKdmboCWdzzP8t4jpO9RmLgeHuOjyYsA/wYf+RnM5MoQ
XoKiBzRSZMBz8uCXYoSFjJY/oXrjiwmKPpVbtJP31toNYJN6dsUAc8jQX2i4K330
fl0rXsqqgggR5aU0FCjUwNJj34+iIUMcKmOlmbAFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxBRL3GfgtUvXWcmUdxOIEWi8v/QwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzJiMTVjOWQxLTQwOGQtNDAzZC05OTczLTgyOWU1YzkyYzEwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEjYBowDQYJKoZIhvcNAQELBQADggEBADmYeD+ckJ5tW5+2XqN3Lob0g656
qzMOBmb+QDYlxtnvp3VTVfb732HuA27ENPhl+5vuFgl5/78+wm4qWwJLpmY7Sgaj
+5tSgMVcQWORN445dbQGELqkP2kgKMF6808k/LDuG9lAaJnyyqPpNOZHB5qJJp26
/mWBOmhiaASfGR/Q+zqj/Nwk7EUAN/p3kR1i6iLwpTl91PYLQaZ5wOAiaXDQ9P7R
E3tEf2253PnjrcT0cxlM6UL/6peXBAXD4UVgPa5cHCJRrCXF6xEd9XSudeE6AVWP
eKzAS+pIENeX4uHFHurXRv9mGqEfK7JxP1T/e1r47FfI7UDMBbONjeqq24o=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:57:19 2025 by rpki-client