Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/8ded9a1a-a724-4f04-af2d-845ce1bd9da0.roa
File:                     8ded9a1a-a724-4f04-af2d-845ce1bd9da0.roa (raw, json)
Hash identifier:          g7YrLgnVx5dqPlczHnLKuwqA9TDmRNA3mElcIhFt2Hs=
Subject key identifier:   15:DE:FE:2C:40:43:C1:B2:89:EA:DA:D1:D6:3B:1A:F9:F3:40:90:6E
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       606A875F22EDEF32F8DA52610AB31CD35B2985EE
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/8ded9a1a-a724-4f04-af2d-845ce1bd9da0.roa
Signing time:             Fri 08 Aug 2025 00:31:07 +0000
ROA not before:           Fri 08 Aug 2025 00:31:07 +0000
ROA not after:            Fri 12 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        35.96.18.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:6a:87:5f:22:ed:ef:32:f8:da:52:61:0a:b3:1c:d3:5b:29:85:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Aug  8 00:31:07 2025 GMT
            Not After : Sep 12 23:59:59 2025 GMT
        Subject: serialNumber=e87ec2219f61db2043eeeb031ddae30732e604c5b778ba2b804451a8936824e0, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:8d:49:3a:13:97:0e:3e:88:25:f8:ff:e9:a1:
                    67:95:a1:61:81:af:d0:18:d4:7e:1c:3c:3e:f4:e7:
                    14:dc:51:a0:f8:07:29:51:7d:08:3b:be:a6:ba:b4:
                    1a:fa:24:2d:72:da:23:af:fa:2e:2f:f1:2a:09:a2:
                    68:38:bb:1e:58:5c:49:85:34:21:ca:6f:93:c9:a6:
                    29:2d:ce:1c:63:69:8c:24:5b:9e:bd:d9:e9:b4:fb:
                    27:6a:c6:79:7b:0e:c2:b0:7e:6f:68:4b:99:a7:72:
                    96:4c:f9:52:ff:21:72:05:c8:3d:b4:50:33:42:b9:
                    7e:b9:a4:50:75:72:a7:8a:ae:46:37:1d:79:f8:0b:
                    ef:c8:95:3f:5d:a1:fe:8f:00:d0:e4:d5:16:d3:82:
                    30:cc:d8:a6:dd:47:d4:cb:9c:93:7c:db:70:bb:bb:
                    65:85:be:d9:1f:c8:14:08:68:87:64:fa:8e:5e:37:
                    4a:51:fe:c9:c7:9e:f5:06:3e:6e:63:f7:f9:48:f5:
                    f0:32:d3:15:24:45:54:6f:d0:8b:5c:b4:7f:e8:bd:
                    21:b1:d7:e7:bd:55:5b:9e:26:8d:63:ce:e0:2a:8e:
                    4a:58:67:a0:20:c0:97:12:db:d2:d6:c3:bd:cb:88:
                    7f:46:22:9a:78:6d:85:64:98:1b:2c:d8:22:5a:2a:
                    1a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:DE:FE:2C:40:43:C1:B2:89:EA:DA:D1:D6:3B:1A:F9:F3:40:90:6E
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/8ded9a1a-a724-4f04-af2d-845ce1bd9da0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.18.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:b3:93:80:00:73:90:10:75:61:79:64:73:61:ec:3f:9c:34:
         31:31:96:3f:e1:0a:a1:48:75:e2:4b:ad:0a:70:5f:13:b2:6d:
         b5:54:a2:11:54:42:05:b9:d1:63:5e:4c:b3:f7:6b:58:29:a3:
         3f:56:8b:76:69:28:a7:a1:2b:e6:9f:5b:e9:8e:e5:7c:1e:36:
         54:d9:6e:5e:d5:1c:bb:6a:7c:dd:08:69:59:b2:1f:a3:91:b8:
         b7:57:91:62:6a:ab:2d:de:d6:65:ed:d8:45:36:b1:7e:70:77:
         b6:51:5e:f0:4a:d2:84:bd:8e:a8:c8:1f:e3:97:2c:27:7e:8d:
         cf:cf:a4:c9:1f:a1:d2:73:ae:2f:dd:0c:20:a5:a3:40:de:b8:
         6e:78:5d:ff:f0:4b:88:4d:bf:a2:fc:90:3a:a9:c5:85:14:43:
         57:7e:39:46:c8:fb:b9:0e:d7:31:10:72:14:d0:c8:fd:2f:f0:
         88:e9:f5:ff:82:0e:df:20:f6:f9:ec:73:f9:9d:a3:47:07:38:
         a2:e4:e1:ac:29:bd:e0:11:62:a0:d3:fd:bc:e9:c8:eb:47:4e:
         35:da:46:46:30:31:2e:df:5f:a5:ad:25:91:9a:81:3d:0d:50:
         4a:ce:ee:d8:ef:66:0c:8b:ba:b1:bc:ab:b3:2f:13:f8:0d:ed:
         98:c2:48:12
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYGqHXyLt7zL42lJhCrMc01sphe4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwODA4MDAzMTA3WhcNMjUwOTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlODdlYzIyMTlmNjFkYjIwNDNlZWViMDMxZGRhZTMwNzMy
ZTYwNGM1Yjc3OGJhMmI4MDQ0NTFhODkzNjgyNGUwMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDyjUk6E5cOPogl+P/poWeVoWGBr9AY1H4cPD705xTcUaD4
BylRfQg7vqa6tBr6JC1y2iOv+i4v8SoJomg4ux5YXEmFNCHKb5PJpiktzhxjaYwk
W5692em0+ydqxnl7DsKwfm9oS5mncpZM+VL/IXIFyD20UDNCuX65pFB1cqeKrkY3
HXn4C+/IlT9dof6PANDk1RbTgjDM2KbdR9TLnJN823C7u2WFvtkfyBQIaIdk+o5e
N0pR/snHnvUGPm5j9/lI9fAy0xUkRVRv0ItctH/ovSGx1+e9VVueJo1jzuAqjkpY
Z6AgwJcS29LWw73LiH9GIpp4bYVkmBss2CJaKhoDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFd7+LEBDwbKJ6trR1jsa+fNAkG4wHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzhkZWQ5YTFhLWE3MjQtNGYwNC1hZjJkLTg0NWNlMWJkOWRhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEjYBIwDQYJKoZIhvcNAQELBQADggEBAGKzk4AAc5AQdWF5ZHNh7D+cNDEx
lj/hCqFIdeJLrQpwXxOybbVUohFUQgW50WNeTLP3a1gpoz9Wi3ZpKKehK+afW+mO
5XweNlTZbl7VHLtqfN0IaVmyH6ORuLdXkWJqqy3e1mXt2EU2sX5wd7ZRXvBK0oS9
jqjIH+OXLCd+jc/PpMkfodJzri/dDCClo0DeuG54Xf/wS4hNv6L8kDqpxYUUQ1d+
OUbI+7kO1zEQchTQyP0v8Ijp9f+CDt8g9vnsc/mdo0cHOKLk4awpveARYqDT/bzp
yOtHTjXaRkYwMS7fX6WtJZGagT0NUErO7tjvZgyLurG8q7MvE/gN7ZjCSBI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:15:49 2025 by rpki-client