Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/e2b8a763-83e4-408e-854a-a2e9f68ca99e.roa
File:                     e2b8a763-83e4-408e-854a-a2e9f68ca99e.roa (raw, json)
Hash identifier:          vMcQJkNIDXhDu6AiCi/i2EfwHZrX15Avryj9eHQmlPI=
Subject key identifier:   FE:18:0D:6F:F8:25:4B:CD:8D:F9:3C:89:9A:97:0E:F0:98:A0:EE:08
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       2939D6513F95E7B7C40E1684770B7E8B198CCF8F
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/e2b8a763-83e4-408e-854a-a2e9f68ca99e.roa
Signing time:             Mon 06 Oct 2025 17:37:44 +0000
ROA not before:           Mon 06 Oct 2025 17:37:44 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     801
IP address blocks:        35.96.22.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:39:d6:51:3f:95:e7:b7:c4:0e:16:84:77:0b:7e:8b:19:8c:cf:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct  6 17:37:44 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=848dc34a0433d147955da63b75b787b76e99ae63c0e92636dfdfdd56d63a6756, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7a:5e:8a:59:8d:63:19:d8:11:0c:95:e7:c7:
                    69:4b:7f:a5:32:41:d1:6e:26:79:d7:e0:59:c4:ea:
                    2e:b8:e2:0a:b5:38:6f:41:81:ee:fc:ba:77:33:4f:
                    ea:82:30:bc:99:75:32:f1:11:ee:f1:d2:44:a4:3b:
                    8b:72:4f:87:fb:1d:06:7a:3f:b7:fd:7b:58:18:11:
                    78:4f:aa:94:77:ca:65:5b:8a:51:fe:70:6b:f1:a4:
                    43:26:0e:fe:c3:87:95:14:e8:9f:b7:02:11:23:98:
                    93:02:1c:7b:82:8c:67:d8:77:6a:0c:dc:2a:a9:89:
                    c0:08:fe:40:2f:6c:98:d5:e0:c8:e3:ae:ce:d6:3c:
                    c8:28:b2:24:14:59:d7:c9:52:d9:c4:0d:5d:e0:04:
                    7a:ec:48:0a:92:b1:fd:c5:10:86:9a:cd:9f:38:4b:
                    ce:16:56:34:39:b4:16:f6:b6:8c:22:03:96:9f:39:
                    76:85:84:20:37:78:3e:21:df:7b:e4:00:55:d3:13:
                    ee:62:86:3a:34:d3:1a:3c:8e:b3:7b:53:74:68:c9:
                    a6:df:36:dc:9e:a0:93:4f:79:3b:a2:99:42:c7:5e:
                    81:71:1e:eb:f3:9a:d9:3e:ad:7a:91:61:f3:05:a1:
                    e9:78:0e:fe:5a:9f:6f:fc:e3:44:5b:7d:fa:db:dd:
                    34:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:18:0D:6F:F8:25:4B:CD:8D:F9:3C:89:9A:97:0E:F0:98:A0:EE:08
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/e2b8a763-83e4-408e-854a-a2e9f68ca99e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.96.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:31:04:05:e6:ed:25:d5:74:cf:9a:0c:f2:eb:d9:c1:02:6b:
         cb:c6:d4:fe:4f:31:cf:34:cc:b6:a3:70:21:ad:12:a4:52:5a:
         ca:f8:09:d3:60:68:da:0a:1a:c5:a2:78:c4:12:d3:4d:0e:cc:
         0a:7b:f8:a3:e3:72:cd:63:84:12:dd:b9:b9:e5:8d:e3:36:a1:
         84:0f:a5:1e:6b:b3:03:54:d7:42:ea:b7:82:7c:e8:a6:d7:91:
         5a:f8:df:97:28:ea:5f:d1:86:14:1b:5d:eb:32:33:3e:79:d8:
         bd:e6:c0:de:31:7a:f6:7c:58:23:fa:56:90:ed:9a:e8:ca:ba:
         0d:c6:5a:b2:56:d7:d7:7c:34:aa:7e:0e:55:56:67:5b:ee:55:
         07:dd:50:7a:51:1a:a6:07:7c:77:f0:80:da:18:a8:0a:3d:ce:
         43:75:6f:5d:80:34:90:4d:24:d0:0d:82:ae:e2:c8:27:78:30:
         de:51:62:82:e6:5e:66:8b:f7:1e:52:36:dc:20:2a:3d:bd:72:
         3a:c9:f8:21:b2:6a:9d:1b:b2:d4:b1:80:40:05:ff:f8:5a:16:
         61:d3:e8:6b:41:d9:56:f7:43:15:e2:03:09:8c:57:fd:2d:8c:
         8b:44:d0:27:a3:40:41:2e:56:86:a4:80:d1:55:ac:86:7d:c6:
         04:7f:f2:27
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKTnWUT+V57fEDhaEdwt+ixmMz48wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDA2MTczNzQ0WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDhkYzM0YTA0MzNkMTQ3OTU1ZGE2M2I3NWI3ODdiNzZl
OTlhZTYzYzBlOTI2MzZkZmRmZGQ1NmQ2M2E2NzU2MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/el6KWY1jGdgRDJXnx2lLf6UyQdFuJnnX4FnE6i644gq1
OG9Bge78unczT+qCMLyZdTLxEe7x0kSkO4tyT4f7HQZ6P7f9e1gYEXhPqpR3ymVb
ilH+cGvxpEMmDv7Dh5UU6J+3AhEjmJMCHHuCjGfYd2oM3CqpicAI/kAvbJjV4Mjj
rs7WPMgosiQUWdfJUtnEDV3gBHrsSAqSsf3FEIaazZ84S84WVjQ5tBb2towiA5af
OXaFhCA3eD4h33vkAFXTE+5ihjo00xo8jrN7U3RoyabfNtyeoJNPeTuimULHXoFx
Huvzmtk+rXqRYfMFoel4Dv5an2/840Rbffrb3TS1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/hgNb/glS82N+TyJmpcO8Jig7ggwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2UyYjhhNzYzLTgzZTQtNDA4ZS04NTRhLWEyZTlmNjhjYTk5ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEjYBYwDQYJKoZIhvcNAQELBQADggEBABcxBAXm7SXVdM+aDPLr2cECa8vG
1P5PMc80zLajcCGtEqRSWsr4CdNgaNoKGsWieMQS000OzAp7+KPjcs1jhBLdubnl
jeM2oYQPpR5rswNU10Lqt4J86KbXkVr435co6l/RhhQbXesyMz552L3mwN4xevZ8
WCP6VpDtmujKug3GWrJW19d8NKp+DlVWZ1vuVQfdUHpRGqYHfHfwgNoYqAo9zkN1
b12ANJBNJNANgq7iyCd4MN5RYoLmXmaL9x5SNtwgKj29cjrJ+CGyap0bstSxgEAF
//haFmHT6GtB2Vb3QxXiAwmMV/0tjItE0CejQEEuVoakgNFVrIZ9xgR/8ic=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:18:18 2025 by rpki-client