Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/44f47a87-fa5e-4db0-bb12-60c873b8710c.roa
File:                     44f47a87-fa5e-4db0-bb12-60c873b8710c.roa (raw, json)
Hash identifier:          J3bw0PpFHTMGKrf/98RMcfuOYMtqorY+uGCbBJRFXYQ=
Subject key identifier:   9E:95:26:04:5A:0A:54:6B:5D:A2:13:49:AA:B9:2F:54:3B:EF:48:25
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       16C96AAF85F216405F28E75324984F66C94D7067
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/44f47a87-fa5e-4db0-bb12-60c873b8710c.roa
Signing time:             Fri 10 Oct 2025 17:04:55 +0000
ROA not before:           Fri 10 Oct 2025 17:04:55 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.96.32.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:c9:6a:af:85:f2:16:40:5f:28:e7:53:24:98:4f:66:c9:4d:70:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct 10 17:04:55 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=2da14ed5d7617072b23fee8dcd6ef30ef96398c4b2edc7718c7ee7a16ea50467, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d0:e4:c8:bc:3f:35:83:cd:c0:15:d2:de:c6:
                    d8:e3:35:eb:6d:76:71:96:ff:52:17:60:c5:24:90:
                    fe:13:19:42:55:df:64:c5:de:b3:0d:e3:f4:69:f7:
                    48:5d:d7:39:1f:71:4d:84:d3:ce:48:40:ce:c5:da:
                    be:1e:f4:f9:87:cd:7b:f9:c7:55:c4:12:73:52:3e:
                    dc:40:08:98:51:11:b9:56:23:4b:06:f9:67:de:1b:
                    9f:cc:68:ff:b9:93:1c:24:1c:0a:5f:da:64:5d:38:
                    95:09:cc:8a:36:14:9b:66:ca:5f:ad:fb:43:13:f5:
                    ab:da:27:ff:f4:c8:72:af:6f:ad:f7:24:54:6b:ee:
                    de:fd:32:59:58:4a:8c:4d:ec:2e:91:ac:15:e5:81:
                    dd:09:06:86:c0:fc:f1:18:4d:5f:88:e9:65:7f:30:
                    bb:de:4d:8e:fb:ba:bb:48:9c:f9:38:4c:a9:45:ce:
                    c0:5e:a1:64:6a:bd:7d:81:00:76:22:1b:f9:1a:7b:
                    e0:0e:2b:93:1c:86:e0:ea:dc:e8:39:35:90:d5:6c:
                    5b:41:c9:cf:34:b7:68:fa:1f:bf:53:e7:db:cf:e9:
                    86:36:c8:31:ba:a8:20:77:91:08:f7:dc:f8:23:66:
                    72:6b:80:10:31:73:ba:44:d1:b0:29:c7:99:b8:dc:
                    8b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:95:26:04:5A:0A:54:6B:5D:A2:13:49:AA:B9:2F:54:3B:EF:48:25
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/44f47a87-fa5e-4db0-bb12-60c873b8710c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:71:44:84:7c:0e:3a:64:03:e3:f9:14:89:99:b4:c7:0f:31:
         2c:ce:36:a8:6a:de:d1:38:0d:0e:8a:fe:98:01:b5:45:a2:3d:
         11:d8:f1:81:77:dd:b7:f4:0d:2d:af:b5:00:20:b0:e5:71:6d:
         f6:ae:55:47:07:bd:29:56:1c:fc:e5:08:e9:a6:ba:0f:0f:9b:
         9d:f9:8e:0f:9f:ec:f0:df:d3:1e:3c:b4:f7:95:74:b3:da:ea:
         fa:cf:1f:b0:78:48:4b:b9:55:86:60:7c:eb:eb:01:90:01:92:
         62:f3:16:a5:6c:09:fc:21:c2:32:fc:ed:85:e3:d4:09:96:9c:
         3c:10:7e:ba:a0:ef:b9:a6:30:f7:ea:66:f2:de:6f:ab:62:20:
         fd:b9:e6:2f:09:cb:b2:64:dc:f2:b9:7e:e9:dc:71:86:db:04:
         73:dc:c4:a2:e1:fc:ae:eb:5b:85:89:a7:23:8c:21:6c:cf:d6:
         fe:6d:7f:ad:e2:da:0f:fd:21:c9:d7:f9:87:01:bd:e0:1f:b5:
         af:52:be:62:32:65:38:fa:d6:2c:f0:19:c1:38:3d:f9:f1:12:
         16:bb:9d:78:3a:23:5c:a5:16:c7:38:e4:76:8e:d8:cd:05:62:
         b1:c7:ac:63:e4:92:bc:5a:dc:eb:3d:ed:81:6d:b6:9a:8a:23:
         5f:9a:08:23
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFslqr4XyFkBfKOdTJJhPZslNcGcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDEwMTcwNDU1WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZGExNGVkNWQ3NjE3MDcyYjIzZmVlOGRjZDZlZjMwZWY5
NjM5OGM0YjJlZGM3NzE4YzdlZTdhMTZlYTUwNDY3MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDA0OTIvD81g83AFdLextjjNettdnGW/1IXYMUkkP4TGUJV
32TF3rMN4/Rp90hd1zkfcU2E085IQM7F2r4e9PmHzXv5x1XEEnNSPtxACJhREblW
I0sG+WfeG5/MaP+5kxwkHApf2mRdOJUJzIo2FJtmyl+t+0MT9avaJ//0yHKvb633
JFRr7t79MllYSoxN7C6RrBXlgd0JBobA/PEYTV+I6WV/MLveTY77urtInPk4TKlF
zsBeoWRqvX2BAHYiG/kae+AOK5MchuDq3Og5NZDVbFtByc80t2j6H79T59vP6YY2
yDG6qCB3kQj33PgjZnJrgBAxc7pE0bApx5m43IsNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnpUmBFoKVGtdohNJqrkvVDvvSCUwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzQ0ZjQ3YTg3LWZhNWUtNGRiMC1iYjEyLTYwYzg3M2I4NzEwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYCAwDQYJKoZIhvcNAQELBQADggEBAFNxRIR8DjpkA+P5FImZtMcPMSzO
Nqhq3tE4DQ6K/pgBtUWiPRHY8YF33bf0DS2vtQAgsOVxbfauVUcHvSlWHPzlCOmm
ug8Pm535jg+f7PDf0x48tPeVdLPa6vrPH7B4SEu5VYZgfOvrAZABkmLzFqVsCfwh
wjL87YXj1AmWnDwQfrqg77mmMPfqZvLeb6tiIP255i8Jy7Jk3PK5funccYbbBHPc
xKLh/K7rW4WJpyOMIWzP1v5tf63i2g/9IcnX+YcBveAfta9SvmIyZTj61izwGcE4
PfnxEha7nXg6I1ylFsc45HaO2M0FYrHHrGPkkrxa3Os97YFttpqKI1+aCCM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:18:00 2025 by rpki-client