Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/cf7c8f4a-0827-444b-b6e4-9a45ca69f600.roa
File:                     cf7c8f4a-0827-444b-b6e4-9a45ca69f600.roa (raw, json)
Hash identifier:          FFLW6KLx1/H4EdPzfe1TKFXKDqjPrdwn1tdfYLpyFCY=
Subject key identifier:   07:64:99:76:62:5F:85:00:BC:50:3B:2C:D0:C2:5B:84:09:6D:6B:BA
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       6D871DDDCAB6871E1C85AED61B21A539770EBC63
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/cf7c8f4a-0827-444b-b6e4-9a45ca69f600.roa
Signing time:             Fri 26 Sep 2025 18:00:01 +0000
ROA not before:           Fri 26 Sep 2025 18:00:01 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.9.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:87:1d:dd:ca:b6:87:1e:1c:85:ae:d6:1b:21:a5:39:77:0e:bc:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Sep 26 18:00:01 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=1cc80235716849424356769be6a6fee9a70d02d45253ae8ccd33f24077fa19d6, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:7e:64:13:cb:61:60:74:5e:a6:27:4a:d8:6c:
                    58:c1:2f:de:1a:12:0f:b0:67:da:8c:a9:86:91:ae:
                    bf:ce:8e:5f:b5:8f:31:fd:eb:dd:cc:ca:3a:ab:6f:
                    2b:c3:a6:bc:9a:7f:f6:de:61:b0:61:9e:73:a0:a2:
                    6d:3a:1e:25:2f:fa:d3:97:95:7d:7e:27:52:73:04:
                    89:ab:bf:23:5c:81:aa:27:5b:3c:8b:c4:17:e6:59:
                    26:4c:a7:48:fa:b9:38:de:23:a2:14:ac:b9:98:27:
                    c9:12:35:37:f3:5c:06:ae:e2:6c:22:bb:ae:25:0b:
                    d9:9f:13:a6:95:62:59:2e:e6:c7:f2:11:76:36:7a:
                    7c:84:9c:c1:0f:a6:86:7d:28:e1:e3:a3:46:a9:07:
                    dc:ce:9f:3c:8c:56:2c:3c:e2:a9:40:26:45:a4:6b:
                    88:3c:f3:60:ce:15:a8:15:44:4d:87:60:3b:a3:3a:
                    7b:3e:1b:d8:85:79:2e:ff:f3:9d:9a:92:21:b4:16:
                    03:27:50:6e:cd:48:e6:94:b1:5b:24:b7:05:5d:75:
                    02:5f:8c:c5:19:8c:5b:77:29:4c:4a:44:6b:a2:84:
                    9b:28:ff:a5:f3:a7:da:bd:c2:2a:c4:72:2a:ab:81:
                    ab:21:52:77:f8:a6:d3:6e:7b:c1:0d:92:f4:54:9d:
                    5a:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:64:99:76:62:5F:85:00:BC:50:3B:2C:D0:C2:5B:84:09:6D:6B:BA
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/cf7c8f4a-0827-444b-b6e4-9a45ca69f600.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:4e:91:d4:41:0e:af:8e:e7:04:84:01:18:64:fa:98:b3:11:
         fd:89:7e:20:6c:2b:04:94:48:c4:da:1d:a2:0d:a3:b8:f2:43:
         56:4e:b0:c3:a0:28:78:94:7e:7e:87:54:db:54:96:98:c3:d1:
         9a:ef:5b:6d:9e:34:f1:c3:65:17:d6:9a:32:da:bc:88:c4:9b:
         68:51:69:15:17:69:b3:db:dd:7f:8c:43:0c:b5:52:de:11:46:
         dc:09:5d:5b:e4:5a:4c:37:7a:e6:88:4b:a0:13:b0:07:3a:70:
         ce:75:9b:cc:d6:81:16:df:18:6c:7d:09:9f:3a:5a:48:3e:ca:
         9e:89:fe:5e:11:62:c9:08:c7:49:c7:45:5c:40:d8:f7:10:cc:
         24:7e:8c:43:7f:e5:56:37:76:d5:c7:7e:16:44:ff:bc:97:57:
         38:b7:7c:6e:fe:b5:39:18:ef:a5:3b:59:e6:79:07:60:04:39:
         75:3f:1f:98:a9:02:10:d9:ff:57:35:71:1b:1d:35:18:13:5e:
         9a:ed:c5:db:63:19:c2:49:fa:52:b2:33:8b:89:1d:92:66:94:
         f7:f5:c8:58:30:e5:03:cb:ee:62:65:c8:04:f8:79:d2:9b:5c:
         0d:ca:26:cc:ce:6c:3a:7f:3f:2a:33:5e:b1:bb:0f:63:33:44:
         ce:42:79:ce
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbYcd3cq2hx4cha7WGyGlOXcOvGMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwOTI2MTgwMDAxWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxY2M4MDIzNTcxNjg0OTQyNDM1Njc2OWJlNmE2ZmVlOWE3
MGQwMmQ0NTI1M2FlOGNjZDMzZjI0MDc3ZmExOWQ2MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJfmQTy2FgdF6mJ0rYbFjBL94aEg+wZ9qMqYaRrr/Ojl+1
jzH9693MyjqrbyvDpryaf/beYbBhnnOgom06HiUv+tOXlX1+J1JzBImrvyNcgaon
WzyLxBfmWSZMp0j6uTjeI6IUrLmYJ8kSNTfzXAau4mwiu64lC9mfE6aVYlku5sfy
EXY2enyEnMEPpoZ9KOHjo0apB9zOnzyMViw84qlAJkWka4g882DOFagVRE2HYDuj
Ons+G9iFeS7/852akiG0FgMnUG7NSOaUsVsktwVddQJfjMUZjFt3KUxKRGuihJso
/6Xzp9q9wirEciqrgashUnf4ptNue8ENkvRUnVoTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUB2SZdmJfhQC8UDss0MJbhAlta7owHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2NmN2M4ZjRhLTA4MjctNDQ0Yi1iNmU0LTlhNDVjYTY5ZjYwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAkwDQYJKoZIhvcNAQELBQADggEBAI9OkdRBDq+O5wSEARhk+pizEf2J
fiBsKwSUSMTaHaINo7jyQ1ZOsMOgKHiUfn6HVNtUlpjD0ZrvW22eNPHDZRfWmjLa
vIjEm2hRaRUXabPb3X+MQwy1Ut4RRtwJXVvkWkw3euaIS6ATsAc6cM51m8zWgRbf
GGx9CZ86Wkg+yp6J/l4RYskIx0nHRVxA2PcQzCR+jEN/5VY3dtXHfhZE/7yXVzi3
fG7+tTkY76U7WeZ5B2AEOXU/H5ipAhDZ/1c1cRsdNRgTXprtxdtjGcJJ+lKyM4uJ
HZJmlPf1yFgw5QPL7mJlyAT4edKbXA3KJszObDp/PyozXrG7D2MzRM5Cec4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:05:30 2025 by rpki-client