Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2b15c9d1-408d-403d-9973-829e5c92c101.roa
File:                     2b15c9d1-408d-403d-9973-829e5c92c101.roa (raw, json)
Hash identifier:          T2ZSL08Vn0Svh/Z+Cr7hzV086fUjA+Ng1QSIhFBEvAY=
Subject key identifier:   92:58:7A:B0:60:52:4A:D4:55:AC:52:45:D1:2D:18:CB:F0:69:0F:7B
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       182C798881252F6E8F15F64636941E52232C2C24
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2b15c9d1-408d-403d-9973-829e5c92c101.roa
Signing time:             Mon 06 Oct 2025 17:37:49 +0000
ROA not before:           Mon 06 Oct 2025 17:37:49 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.26.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:2c:79:88:81:25:2f:6e:8f:15:f6:46:36:94:1e:52:23:2c:2c:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct  6 17:37:49 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=7dcc1a678fef674e8246d8223a3af1ef0b1371f3abc59749b6e0616f323d79f1, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c5:53:f2:e0:ab:79:0f:bd:53:f6:03:e1:5c:
                    2d:0e:2e:98:35:ea:17:09:06:05:25:73:36:6c:4a:
                    c0:64:36:5d:98:c3:03:64:cb:ed:3e:d4:61:59:1c:
                    9c:43:42:3f:02:84:48:64:9b:0a:cd:16:47:7a:4a:
                    b0:72:79:14:f6:c0:a4:f1:42:0e:63:49:93:b9:0f:
                    3d:65:06:83:c6:f7:52:ed:7b:b8:9c:19:c3:dd:1c:
                    98:18:77:98:20:56:83:37:a5:af:3a:ec:59:0d:86:
                    4d:ed:80:a6:b5:22:83:37:d7:ea:00:76:4e:80:7c:
                    89:19:e4:e0:e9:a5:d7:d9:56:71:8c:d9:08:ea:8d:
                    ba:e3:dc:c8:75:9f:3b:65:7f:df:34:8f:8c:c3:01:
                    b6:85:6c:1f:02:60:ab:e4:48:b3:ca:bf:8c:1c:8a:
                    93:a7:13:78:5b:3d:30:da:78:87:b1:e0:05:f8:a1:
                    7e:3b:02:7b:9d:52:1b:03:1c:63:9c:05:43:0a:ff:
                    c2:f3:de:9b:47:b1:4b:ab:1a:56:dc:0c:8d:10:4e:
                    f7:86:81:48:ec:27:8f:dc:bc:2b:8d:62:db:ac:7e:
                    96:8b:97:21:9c:1e:3b:dc:26:69:04:f6:34:0d:1a:
                    84:c2:47:01:05:4e:00:8f:60:2e:ee:40:b5:68:93:
                    91:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:58:7A:B0:60:52:4A:D4:55:AC:52:45:D1:2D:18:CB:F0:69:0F:7B
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2b15c9d1-408d-403d-9973-829e5c92c101.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:7c:68:f1:ce:f9:df:c8:56:b7:ff:ca:f7:3b:fb:43:ca:07:
         46:cc:18:45:19:9b:f4:d2:e0:30:0a:0e:f4:7f:2e:f1:08:46:
         17:d2:1e:94:51:a3:7d:cc:ae:cc:fb:ec:4e:93:05:15:3a:99:
         14:16:58:cb:52:38:d8:1b:e2:ec:29:33:80:f4:7d:70:1a:89:
         52:0e:c3:83:3e:3c:83:45:20:2f:d7:0a:41:31:e7:0b:01:ec:
         2b:14:78:fe:09:44:17:98:62:99:a4:c2:34:15:1a:3d:c0:c0:
         b5:e5:61:a7:1b:e5:95:ad:26:60:fe:66:5a:7c:fc:6e:e1:e6:
         60:d4:72:3d:3f:08:9a:a0:0b:f4:ed:9f:d4:55:5b:c9:f1:53:
         32:57:d7:8e:6c:72:fa:08:1f:ac:c0:a6:6f:24:63:d8:6e:ec:
         4e:c1:d8:4b:a5:d0:54:89:c4:87:79:e6:6f:a8:86:e5:24:cb:
         68:09:3c:18:06:18:6b:74:0e:67:e8:6c:13:5c:ae:eb:6c:c7:
         ab:8a:f3:91:c1:02:d7:c1:1c:66:cc:36:69:26:a9:93:c9:05:
         0e:f7:27:88:7e:e7:75:ec:8b:d3:eb:18:7d:3a:8d:52:49:c8:
         41:65:c7:11:d3:e7:b4:9f:a8:2b:9b:9a:06:39:db:0b:5a:e7:
         ae:db:80:0d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGCx5iIElL26PFfZGNpQeUiMsLCQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDA2MTczNzQ5WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZGNjMWE2NzhmZWY2NzRlODI0NmQ4MjIzYTNhZjFlZjBi
MTM3MWYzYWJjNTk3NDliNmUwNjE2ZjMyM2Q3OWYxMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1xVPy4Kt5D71T9gPhXC0OLpg16hcJBgUlczZsSsBkNl2Y
wwNky+0+1GFZHJxDQj8ChEhkmwrNFkd6SrByeRT2wKTxQg5jSZO5Dz1lBoPG91Lt
e7icGcPdHJgYd5ggVoM3pa867FkNhk3tgKa1IoM31+oAdk6AfIkZ5ODppdfZVnGM
2Qjqjbrj3Mh1nztlf980j4zDAbaFbB8CYKvkSLPKv4wcipOnE3hbPTDaeIex4AX4
oX47AnudUhsDHGOcBUMK/8Lz3ptHsUurGlbcDI0QTveGgUjsJ4/cvCuNYtusfpaL
lyGcHjvcJmkE9jQNGoTCRwEFTgCPYC7uQLVok5HnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUklh6sGBSStRVrFJF0S0Yy/BpD3swHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzJiMTVjOWQxLTQwOGQtNDAzZC05OTczLTgyOWU1YzkyYzEwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEjYBowDQYJKoZIhvcNAQELBQADggEBAAR8aPHO+d/IVrf/yvc7+0PKB0bM
GEUZm/TS4DAKDvR/LvEIRhfSHpRRo33Mrsz77E6TBRU6mRQWWMtSONgb4uwpM4D0
fXAaiVIOw4M+PINFIC/XCkEx5wsB7CsUeP4JRBeYYpmkwjQVGj3AwLXlYacb5ZWt
JmD+Zlp8/G7h5mDUcj0/CJqgC/Ttn9RVW8nxUzJX145scvoIH6zApm8kY9hu7E7B
2Eul0FSJxId55m+ohuUky2gJPBgGGGt0DmfobBNcrutsx6uK85HBAtfBHGbMNmkm
qZPJBQ73J4h+53Xsi9PrGH06jVJJyEFlxxHT57SfqCubmgY52wta567bgA0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:18:10 2025 by rpki-client