Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b90b1f9-6b22-4e82-af32-2981da75246a.roa
File:                     6b90b1f9-6b22-4e82-af32-2981da75246a.roa (raw, json)
Hash identifier:          8OOJDmFDKLgzSSLK5NgMPRkm7GweYcgbmP4WZdC+K9o=
Subject key identifier:   AD:B4:91:C7:7E:9C:FC:C8:5D:14:3F:2F:36:C4:83:09:9B:0C:1B:52
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       698D404C4C5944C6DAF98DD1F3F48F94A8A716BF
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b90b1f9-6b22-4e82-af32-2981da75246a.roa
Signing time:             Fri 10 Oct 2025 17:04:52 +0000
ROA not before:           Fri 10 Oct 2025 17:04:52 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.33.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:8d:40:4c:4c:59:44:c6:da:f9:8d:d1:f3:f4:8f:94:a8:a7:16:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct 10 17:04:52 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=3bdf01ebab3d61951ce742a1a7a69610165c605cd8b95b5f4b6eea09ed0e3059, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:9b:55:cd:a2:6f:68:f3:96:63:c0:97:6c:55:
                    e8:98:ac:fb:77:7d:cd:2c:19:a5:b6:80:74:f5:88:
                    ac:b5:7f:70:37:7c:fe:4a:9a:d3:e8:14:b5:9c:9f:
                    ee:36:64:29:ec:2c:e0:51:3e:33:c3:c3:8b:ac:6e:
                    7d:f6:3b:5c:f1:04:05:a1:01:24:91:dd:7f:1c:51:
                    7d:c3:a9:f0:cb:b8:b0:bd:7f:ab:09:5d:39:bf:f1:
                    e9:ea:f6:4f:32:ee:c0:79:31:bc:b2:aa:36:10:92:
                    fb:ee:42:7c:8f:f1:c5:e2:b8:fc:df:25:4f:62:2b:
                    f5:27:39:c3:41:d0:86:b3:7d:90:45:57:3b:dc:90:
                    14:73:4c:43:68:aa:29:88:17:ab:a6:2c:0c:18:da:
                    24:d2:18:68:73:4f:84:ec:0d:f6:d2:d9:0a:e7:65:
                    05:34:c5:df:28:d5:cb:f1:6e:1e:74:97:a1:c6:07:
                    a6:66:f5:c3:b8:95:c9:ac:eb:c3:18:d4:ec:4b:5a:
                    6b:50:77:ba:21:0f:01:de:4e:8a:a4:92:70:14:32:
                    b0:77:81:31:1a:5a:d9:50:58:e1:e3:e2:53:ef:fd:
                    20:0e:92:24:0d:7f:3e:f4:bc:e0:05:34:6e:88:11:
                    65:d5:20:23:b7:16:f4:87:60:04:b9:75:9d:a2:55:
                    45:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:B4:91:C7:7E:9C:FC:C8:5D:14:3F:2F:36:C4:83:09:9B:0C:1B:52
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b90b1f9-6b22-4e82-af32-2981da75246a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:6b:73:55:14:ec:30:f2:87:37:80:2f:e4:20:86:35:3d:25:
         ff:cf:e3:7a:4a:10:19:f3:73:72:dd:d0:a9:5c:96:59:b0:a7:
         57:cf:e0:69:d3:fa:01:cc:db:a1:6d:aa:eb:bf:d3:6a:dd:8a:
         d3:64:04:7a:36:a9:6b:95:4a:78:fe:7b:80:ff:20:65:60:4b:
         e5:60:5e:1d:c3:a9:c2:72:d8:7c:87:4b:56:89:e6:b4:79:33:
         9f:cc:e2:28:f2:3c:37:20:6b:dc:9e:74:b6:95:79:ea:ef:9c:
         30:ad:80:2e:cc:1f:c8:9b:8a:9a:d8:7a:5d:6d:fd:a5:66:5a:
         76:6d:65:63:b6:0d:a4:6b:d6:78:44:4e:c6:df:d4:75:6f:8a:
         71:35:fd:c2:b3:93:6b:a9:60:a8:7a:ef:c5:7f:38:51:f0:ec:
         b4:44:78:5f:54:f4:21:2b:80:69:b6:7d:35:d0:9c:2f:5d:e6:
         72:ab:74:d6:4c:8f:0b:44:98:bf:e2:84:82:44:67:aa:6e:55:
         96:1c:57:d5:5c:b8:f0:e5:40:1c:58:63:ac:f9:e3:a6:f0:9f:
         cb:d5:91:be:3a:46:28:f3:ed:e0:6a:35:2b:75:b8:e7:60:96:
         fe:76:11:82:f4:1f:c5:cb:27:be:63:9d:d0:a5:03:5e:b1:d6:
         fe:18:84:4a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaY1ATExZRMba+Y3R8/SPlKinFr8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDEwMTcwNDUyWhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYmRmMDFlYmFiM2Q2MTk1MWNlNzQyYTFhN2E2OTYxMDE2
NWM2MDVjZDhiOTViNWY0YjZlZWEwOWVkMGUzMDU5MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpm1XNom9o85ZjwJdsVeiYrPt3fc0sGaW2gHT1iKy1f3A3
fP5KmtPoFLWcn+42ZCnsLOBRPjPDw4usbn32O1zxBAWhASSR3X8cUX3DqfDLuLC9
f6sJXTm/8enq9k8y7sB5MbyyqjYQkvvuQnyP8cXiuPzfJU9iK/UnOcNB0IazfZBF
VzvckBRzTENoqimIF6umLAwY2iTSGGhzT4TsDfbS2QrnZQU0xd8o1cvxbh50l6HG
B6Zm9cO4lcms68MY1OxLWmtQd7ohDwHeToqkknAUMrB3gTEaWtlQWOHj4lPv/SAO
kiQNfz70vOAFNG6IEWXVICO3FvSHYAS5dZ2iVUXZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrbSRx36c/MhdFD8vNsSDCZsMG1IwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzZiOTBiMWY5LTZiMjItNGU4Mi1hZjMyLTI5ODFkYTc1MjQ2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYCEwDQYJKoZIhvcNAQELBQADggEBAFVrc1UU7DDyhzeAL+QghjU9Jf/P
43pKEBnzc3Ld0Klcllmwp1fP4GnT+gHM26Ftquu/02rditNkBHo2qWuVSnj+e4D/
IGVgS+VgXh3DqcJy2HyHS1aJ5rR5M5/M4ijyPDcga9yedLaVeervnDCtgC7MH8ib
iprYel1t/aVmWnZtZWO2DaRr1nhETsbf1HVvinE1/cKzk2upYKh678V/OFHw7LRE
eF9U9CErgGm2fTXQnC9d5nKrdNZMjwtEmL/ihIJEZ6puVZYcV9VcuPDlQBxYY6z5
46bwn8vVkb46Rijz7eBqNSt1uOdglv52EYL0H8XLJ75jndClA16x1v4YhEo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:47:50 2025 by rpki-client