Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/7081834a-8e47-41c4-b648-ecb8acc8ea5d.roa
File:                     7081834a-8e47-41c4-b648-ecb8acc8ea5d.roa (raw, json)
Hash identifier:          blS5pofe/bCL8OSJY4CDX9mc/bWei5d/2vPwr60YFeI=
Subject key identifier:   52:2C:9B:44:16:35:C2:18:72:15:55:12:DE:C3:3B:49:98:25:A3:2A
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       5333C43075638AB3334B79BF9D290303A496B504
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/7081834a-8e47-41c4-b648-ecb8acc8ea5d.roa
Signing time:             Fri 10 Oct 2025 17:05:36 +0000
ROA not before:           Fri 10 Oct 2025 17:05:36 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.96.64.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:33:c4:30:75:63:8a:b3:33:4b:79:bf:9d:29:03:03:a4:96:b5:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct 10 17:05:36 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=c6783fd340e2f7f51f99291c8c3a4a0781450836808243124c3e7433fccd8798, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5d:58:4e:81:05:d3:e7:c7:ed:c4:f3:24:f4:
                    d9:0b:e2:6e:b8:25:cf:59:50:19:8c:e8:69:c3:f8:
                    f7:79:00:86:31:bd:9a:96:76:16:bc:81:7d:82:27:
                    fe:4e:28:13:00:a3:22:ce:ce:dc:6f:f8:e4:9f:a7:
                    95:b4:8a:21:6d:34:6c:4b:07:ce:dc:e2:9a:15:25:
                    7a:4b:6d:f3:6c:14:fe:31:33:7c:4a:c2:33:59:71:
                    c5:23:9e:df:fd:47:aa:5f:72:56:20:13:11:4b:95:
                    27:28:80:b1:d6:d8:06:f6:91:fd:8c:13:b7:0c:27:
                    d3:f7:d9:2f:0d:70:2f:e2:7c:88:7a:a6:ea:d2:42:
                    67:6a:a0:59:45:8e:04:8a:30:f6:1a:ee:43:e4:53:
                    47:58:52:77:59:67:1b:cc:7c:d9:91:a7:23:ba:ba:
                    fb:57:de:61:24:e9:45:99:ef:63:9a:28:32:28:b0:
                    ad:85:ba:34:c6:3d:8a:4c:0f:4f:71:8c:77:b9:4d:
                    94:c8:93:a9:f6:e5:e2:20:d2:9c:57:98:25:9b:68:
                    2b:5c:3d:2a:63:f1:ba:90:4b:f2:f7:f7:1a:82:61:
                    38:44:64:c7:f3:66:a2:9a:26:5f:d2:6a:e2:cf:93:
                    36:35:f1:3b:e9:32:54:f6:99:d4:64:9c:32:cf:94:
                    3e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:2C:9B:44:16:35:C2:18:72:15:55:12:DE:C3:3B:49:98:25:A3:2A
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/7081834a-8e47-41c4-b648-ecb8acc8ea5d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:1c:39:92:35:14:6c:54:a4:5b:54:4b:f6:f4:0d:d0:36:81:
         c2:33:77:5e:cf:d1:1d:a9:e5:b6:41:7a:6e:20:1d:88:d3:33:
         1e:48:68:e1:fe:93:48:97:e3:f4:10:35:73:c1:be:59:76:0b:
         10:d5:05:21:25:5d:c6:41:6a:f6:e5:ea:7e:5d:16:f9:d6:85:
         76:be:c8:f6:1e:ed:54:9b:ba:aa:14:14:3b:79:88:4e:fe:7c:
         83:65:4f:96:40:c0:84:b6:4b:ab:f2:ed:2c:43:04:75:6e:8f:
         0b:ba:16:e9:f4:e3:54:5e:aa:98:2e:fc:f6:dd:d4:98:f5:4f:
         73:c7:eb:6f:30:57:3d:b1:d6:ff:5c:31:6e:fb:b7:b2:83:19:
         21:64:4d:d8:bd:00:35:ad:ec:0a:a6:8f:f5:3e:43:33:26:80:
         a1:a7:dc:4e:01:76:e7:a8:3d:7d:69:bc:1e:a0:9b:60:2b:20:
         1b:15:64:8a:fb:43:3e:e1:ef:3b:64:18:33:08:10:18:d8:97:
         e4:55:2f:2e:44:f3:fc:ed:44:dd:ff:3e:da:88:77:84:52:85:
         04:a1:52:df:8f:20:2f:7f:f3:42:5f:ab:61:48:8a:76:2d:cc:
         5f:86:92:6f:74:30:e4:1f:0e:7b:48:d5:2f:b3:6e:0f:e2:18:
         4b:e0:de:08
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUzPEMHVjirMzS3m/nSkDA6SWtQQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDEwMTcwNTM2WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNjc4M2ZkMzQwZTJmN2Y1MWY5OTI5MWM4YzNhNGEwNzgx
NDUwODM2ODA4MjQzMTI0YzNlNzQzM2ZjY2Q4Nzk4MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1XVhOgQXT58ftxPMk9NkL4m64Jc9ZUBmM6GnD+Pd5AIYx
vZqWdha8gX2CJ/5OKBMAoyLOztxv+OSfp5W0iiFtNGxLB87c4poVJXpLbfNsFP4x
M3xKwjNZccUjnt/9R6pfclYgExFLlScogLHW2Ab2kf2ME7cMJ9P32S8NcC/ifIh6
purSQmdqoFlFjgSKMPYa7kPkU0dYUndZZxvMfNmRpyO6uvtX3mEk6UWZ72OaKDIo
sK2FujTGPYpMD09xjHe5TZTIk6n25eIg0pxXmCWbaCtcPSpj8bqQS/L39xqCYThE
ZMfzZqKaJl/SauLPkzY18TvpMlT2mdRknDLPlD4JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUiybRBY1whhyFVUS3sM7SZgloyowHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzcwODE4MzRhLThlNDctNDFjNC1iNjQ4LWVjYjhhY2M4ZWE1ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIjYEAwDQYJKoZIhvcNAQELBQADggEBACIcOZI1FGxUpFtUS/b0DdA2gcIz
d17P0R2p5bZBem4gHYjTMx5IaOH+k0iX4/QQNXPBvll2CxDVBSElXcZBavbl6n5d
FvnWhXa+yPYe7VSbuqoUFDt5iE7+fINlT5ZAwIS2S6vy7SxDBHVujwu6Fun041Re
qpgu/Pbd1Jj1T3PH628wVz2x1v9cMW77t7KDGSFkTdi9ADWt7Aqmj/U+QzMmgKGn
3E4BdueoPX1pvB6gm2ArIBsVZIr7Qz7h7ztkGDMIEBjYl+RVLy5E8/ztRN3/PtqI
d4RShQShUt+PIC9/80Jfq2FIinYtzF+Gkm90MOQfDntI1S+zbg/iGEvg3gg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:18:07 2025 by rpki-client