Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/c221708b-2fb3-40d7-9d91-a273c57bb3c3.roa
File:                     c221708b-2fb3-40d7-9d91-a273c57bb3c3.roa (raw, json)
Hash identifier:          LknV/BCX6cg4OraaDV4RUUAOr4PqhK2zkvR/pMpdCv0=
Subject key identifier:   E7:46:F4:43:14:58:B9:C4:AA:50:67:98:D8:A3:0F:DD:37:1F:17:A8
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       38F8381BA8ADB6C77D97FB7C4EC5AA7C1660F411
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/c221708b-2fb3-40d7-9d91-a273c57bb3c3.roa
Signing time:             Sun 19 Oct 2025 04:00:22 +0000
ROA not before:           Sun 19 Oct 2025 04:00:22 +0000
ROA not after:            Sun 23 Nov 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.43.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:f8:38:1b:a8:ad:b6:c7:7d:97:fb:7c:4e:c5:aa:7c:16:60:f4:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct 19 04:00:22 2025 GMT
            Not After : Nov 23 23:59:59 2025 GMT
        Subject: serialNumber=80cc0c7c2d82273d4b15a12d1c8378c51f7d9cc1ec5854c9cd2834cc1ea0e1e0, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:26:df:48:ff:98:ee:93:68:2d:da:6b:02:69:
                    9f:47:05:5f:2e:99:ce:b3:15:6d:52:dd:1b:a1:52:
                    2c:a7:fe:29:b9:b3:82:f9:7a:b0:9b:2f:a0:b0:db:
                    84:3c:42:c0:06:d4:94:ff:3d:78:19:17:3f:84:5e:
                    6c:28:67:32:c4:52:ea:9d:1d:7b:0b:f4:00:c3:0b:
                    06:f0:ad:b5:75:71:6e:88:35:ae:14:af:00:31:db:
                    90:5f:a5:e7:ee:e8:8d:25:b0:d2:56:14:63:a5:8d:
                    06:50:95:6b:e8:07:98:85:d2:ec:ec:13:90:56:3c:
                    25:f1:31:c3:c4:ae:56:71:f3:ae:50:ae:4d:fd:56:
                    e6:61:09:d6:6a:bb:9e:8a:61:19:68:1e:b1:fb:45:
                    9f:34:ad:21:98:28:5b:93:20:b2:69:c2:36:c2:ae:
                    54:09:28:91:3f:66:3a:95:b4:dd:a4:6a:ce:38:7b:
                    4b:f7:79:a4:ce:c8:da:7c:d5:b4:27:bc:a4:a9:e1:
                    db:21:86:a6:66:4c:e7:b4:bd:63:a3:a5:89:0e:93:
                    a3:e8:7a:6d:ab:ba:6d:9a:e5:5c:d0:0a:7a:b0:52:
                    df:25:91:e7:cb:61:a7:30:0d:01:59:8f:67:08:77:
                    5f:4d:94:7e:a5:ba:f2:13:91:37:92:79:42:27:80:
                    a3:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:46:F4:43:14:58:B9:C4:AA:50:67:98:D8:A3:0F:DD:37:1F:17:A8
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/c221708b-2fb3-40d7-9d91-a273c57bb3c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:8f:4f:6a:7f:61:af:cc:ee:9d:fd:73:68:97:da:1e:bd:36:
         d3:d9:e7:66:bc:d9:96:ba:ee:4d:69:13:09:78:00:7e:36:5b:
         83:01:e4:da:50:77:bc:c5:31:06:96:f6:36:f7:ba:13:22:b1:
         ed:ff:fc:82:66:3a:7c:e4:88:94:07:03:5c:da:f2:44:a6:24:
         ac:e7:13:c0:dd:76:eb:a9:56:e0:8e:4e:3a:ae:1e:05:23:3d:
         0c:67:f9:3e:33:93:b6:55:68:6e:3f:35:2f:4f:a9:fa:07:35:
         af:00:0e:fc:c8:06:53:07:c6:1f:a8:7f:88:f5:19:2a:66:95:
         6f:c1:68:7d:00:ce:d5:df:b1:3e:26:4d:94:a9:5f:eb:05:87:
         ce:79:61:69:70:3d:26:42:b1:1f:d2:73:78:01:59:12:31:a5:
         99:57:5f:df:d1:03:c0:30:ea:03:15:bf:67:ed:1a:8b:24:a5:
         82:23:7d:e6:af:43:e6:c0:76:53:ef:56:11:6f:d8:bb:83:b2:
         40:b9:0d:59:23:10:2e:04:c3:76:f6:a5:2f:74:8b:75:9d:84:
         bf:92:40:6d:05:c3:1c:09:c8:27:f5:de:ff:0e:f4:bd:ef:86:
         52:d0:cf:2e:0d:39:a1:76:56:9e:b3:ba:67:74:ba:78:5d:f5:
         2b:42:18:2f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOPg4G6ittsd9l/t8TsWqfBZg9BEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDE5MDQwMDIyWhcNMjUxMTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4MGNjMGM3YzJkODIyNzNkNGIxNWExMmQxYzgzNzhjNTFm
N2Q5Y2MxZWM1ODU0YzljZDI4MzRjYzFlYTBlMWUwMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiJt9I/5juk2gt2msCaZ9HBV8umc6zFW1S3RuhUiyn/im5
s4L5erCbL6Cw24Q8QsAG1JT/PXgZFz+EXmwoZzLEUuqdHXsL9ADDCwbwrbV1cW6I
Na4UrwAx25Bfpefu6I0lsNJWFGOljQZQlWvoB5iF0uzsE5BWPCXxMcPErlZx865Q
rk39VuZhCdZqu56KYRloHrH7RZ80rSGYKFuTILJpwjbCrlQJKJE/ZjqVtN2kas44
e0v3eaTOyNp81bQnvKSp4dshhqZmTOe0vWOjpYkOk6Poem2rum2a5VzQCnqwUt8l
kefLYacwDQFZj2cId19NlH6luvITkTeSeUIngKNJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU50b0QxRYucSqUGeY2KMP3TcfF6gwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2MyMjE3MDhiLTJmYjMtNDBkNy05ZDkxLWEyNzNjNTdiYjNjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYCswDQYJKoZIhvcNAQELBQADggEBAISPT2p/Ya/M7p39c2iX2h69NtPZ
52a82Za67k1pEwl4AH42W4MB5NpQd7zFMQaW9jb3uhMise3//IJmOnzkiJQHA1za
8kSmJKznE8DdduupVuCOTjquHgUjPQxn+T4zk7ZVaG4/NS9PqfoHNa8ADvzIBlMH
xh+of4j1GSpmlW/BaH0AztXfsT4mTZSpX+sFh855YWlwPSZCsR/Sc3gBWRIxpZlX
X9/RA8Aw6gMVv2ftGoskpYIjfeavQ+bAdlPvVhFv2LuDskC5DVkjEC4Ew3b2pS90
i3WdhL+SQG0FwxwJyCf13v8O9L3vhlLQzy4NOaF2Vp6zumd0unhd9StCGC8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:48:09 2025 by rpki-client