Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/4dec765a-fd07-492c-af7f-ec695090cc13.roa
File:                     4dec765a-fd07-492c-af7f-ec695090cc13.roa (raw, json)
Hash identifier:          6VM9YmlQ/yVTkZ3wXzIm2f/c2hgUvsz5d4tu5F+tHSg=
Subject key identifier:   4A:B9:E3:A2:BF:DB:E6:BE:6B:B2:04:5B:93:F6:7C:03:5F:81:08:E9
Certificate issuer:       /CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
Certificate serial:       789BE3F3470975CE99324658FE09F60B4E06416C
Authority key identifier: CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/4dec765a-fd07-492c-af7f-ec695090cc13.roa
Signing time:             Tue 23 Sep 2025 00:10:11 +0000
ROA not before:           Tue 23 Sep 2025 00:10:11 +0000
ROA not after:            Tue 28 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        198.41.99.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 10 Oct 2025 19:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:9b:e3:f3:47:09:75:ce:99:32:46:58:fe:09:f6:0b:4e:06:41:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
        Validity
            Not Before: Sep 23 00:10:11 2025 GMT
            Not After : Oct 28 23:59:59 2025 GMT
        Subject: serialNumber=ce408ca17d8f92610e3da5d189946d2bf107cab3f01ddb27ad61202df02f4752, CN=88af7b95-2ef7-49fc-a37d-1b8f0547180d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e8:2c:af:7f:4e:8f:3b:f7:00:0f:5f:e8:49:
                    32:13:e8:5e:58:15:fc:f5:41:84:6a:a5:9d:db:a4:
                    04:ea:a3:64:4b:7e:d3:94:79:3f:3a:f2:9a:39:5c:
                    ce:1b:d9:23:92:84:59:b8:a1:00:d9:bf:c7:a4:5c:
                    bc:fc:10:2b:2a:24:5c:70:38:bd:10:36:df:3b:fe:
                    8d:d9:92:a6:ca:bf:f3:4a:6f:46:88:d5:bd:b1:74:
                    41:10:3f:9b:45:66:35:6c:88:26:56:88:c4:9c:a6:
                    83:67:99:67:b7:d1:fc:23:7c:b0:27:ef:8e:b6:d8:
                    86:62:b0:24:4f:51:5a:7b:27:56:a2:f7:3e:19:61:
                    0d:e1:49:66:3a:57:2c:08:33:66:80:de:64:7a:1f:
                    73:e0:42:cb:c6:5a:d9:fb:1f:e4:75:a1:3e:53:aa:
                    09:81:20:7f:21:32:46:58:74:ff:ed:6b:35:db:d7:
                    96:ee:74:f0:61:e5:13:20:ca:52:77:83:a1:dc:39:
                    98:ca:62:68:96:9b:0f:a5:94:80:f3:b1:08:64:41:
                    1e:e2:32:3b:b8:e1:22:d5:af:f6:69:a2:7c:a1:a3:
                    72:6d:c4:69:01:a5:d4:99:65:a4:a3:dd:b3:b1:6d:
                    e8:4e:46:d8:f8:a6:c9:21:70:29:f5:2a:eb:39:1b:
                    38:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:B9:E3:A2:BF:DB:E6:BE:6B:B2:04:5B:93:F6:7C:03:5F:81:08:E9
            X509v3 Authority Key Identifier:
                keyid:CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/4dec765a-fd07-492c-af7f-ec695090cc13.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.41.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:de:a1:83:17:ef:a1:f9:c2:bb:84:c4:7e:4b:25:8b:e0:a4:
         25:22:78:51:1b:39:3c:0c:42:78:1f:ec:1f:45:9c:bb:a2:48:
         68:c0:ae:e4:e1:6d:99:70:0e:e8:3a:ad:3a:78:e8:7b:0f:46:
         21:b4:0f:16:6d:5f:d0:09:4d:62:2b:f3:5e:ec:95:21:90:91:
         86:ab:d1:8a:7a:87:5f:9f:65:17:21:30:a7:86:56:19:bd:74:
         69:6f:ee:d8:92:11:30:67:3d:8b:7a:86:90:a9:64:97:ec:b1:
         f4:52:11:0a:39:02:9c:dd:81:46:3b:ba:32:f3:3c:ee:10:6f:
         fd:49:e1:00:8b:f5:05:e5:e3:d6:49:a7:d3:c9:65:67:98:b9:
         65:65:5a:91:d5:94:89:b2:f8:40:07:94:87:d0:33:68:38:dd:
         b8:8b:4f:65:2f:27:1a:4d:2d:59:7c:5a:2a:b3:19:23:cc:14:
         2d:26:86:17:23:c3:82:7f:59:32:65:99:d3:74:68:71:a0:2c:
         a2:b2:20:b2:de:fb:00:06:d0:80:96:4c:a7:f2:a9:15:80:66:
         75:e6:0c:09:bb:30:93:bb:53:07:a9:f9:58:5c:f4:dd:04:05:
         ff:8e:c8:df:71:81:a6:75:b4:01:e7:23:ee:9e:b5:39:5c:cb:
         08:2b:1e:93
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeJvj80cJdc6ZMkZY/gn2C04GQWwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzMxOTQyNGUwMzlmODZkNmFkOWZjNGU3MjIzZGY4NDFk
MjBhZTZkMGZmMTI0MjgxNzMwHhcNMjUwOTIzMDAxMDExWhcNMjUxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZTQwOGNhMTdkOGY5MjYxMGUzZGE1ZDE4OTk0NmQyYmYx
MDdjYWIzZjAxZGRiMjdhZDYxMjAyZGYwMmY0NzUyMS0wKwYDVQQDEyQ4OGFmN2I5
NS0yZWY3LTQ5ZmMtYTM3ZC0xYjhmMDU0NzE4MGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDF6Cyvf06PO/cAD1/oSTIT6F5YFfz1QYRqpZ3bpATqo2RL
ftOUeT868po5XM4b2SOShFm4oQDZv8ekXLz8ECsqJFxwOL0QNt87/o3ZkqbKv/NK
b0aI1b2xdEEQP5tFZjVsiCZWiMScpoNnmWe30fwjfLAn74622IZisCRPUVp7J1ai
9z4ZYQ3hSWY6VywIM2aA3mR6H3PgQsvGWtn7H+R1oT5TqgmBIH8hMkZYdP/tazXb
15budPBh5RMgylJ3g6HcOZjKYmiWmw+llIDzsQhkQR7iMju44SLVr/Zponyho3Jt
xGkBpdSZZaSj3bOxbehORtj4pskhcCn1Kus5GzhjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSrnjor/b5r5rsgRbk/Z8A1+BCOkwHwYDVR0jBBgwFoAUzBBhJz//dj92
0t7ihYPoujsFxDAwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Q2YjVhZDI4LTFjYmMtNDdhYi05MDRlLTQ1MzYxYTU0ODdjMy9lNWRlYTY2MC1i
ZjU5LTRiNGMtYjlhZC00YTY3ODdlMDNmY2UvYzMxOTQyNGUwMzlmODZkNmFkOWZj
NGU3MjIzZGY4NDFkMjBhZTZkMGZmMTI0MjgxNzMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmRmNTFjZDItZTZhZi00OTNhLWE4OGEtMzIy
MWQwMWY3ZDkwLzRkZWM3NjVhLWZkMDctNDkyYy1hZjdmLWVjNjk1MDkwY2MxMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJkZjUxY2QyLWU2YWYtNDkzYS1hODhh
LTMyMjFkMDFmN2Q5MC9uNGJXclpfRTV5STktRUhTQ3ViUV94SkNnWE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADGKWMwDQYJKoZIhvcNAQELBQADggEBADTeoYMX76H5wruExH5LJYvgpCUi
eFEbOTwMQngf7B9FnLuiSGjAruThbZlwDug6rTp46HsPRiG0DxZtX9AJTWIr817s
lSGQkYar0Yp6h1+fZRchMKeGVhm9dGlv7tiSETBnPYt6hpCpZJfssfRSEQo5Apzd
gUY7ujLzPO4Qb/1J4QCL9QXl49ZJp9PJZWeYuWVlWpHVlImy+EAHlIfQM2g43biL
T2UvJxpNLVl8WiqzGSPMFC0mhhcjw4J/WTJlmdN0aHGgLKKyILLe+wAG0ICWTKfy
qRWAZnXmDAm7MJO7Uwep+Vhc9N0EBf+OyN9xgaZ1tAHnI+6etTlcywgrHpM=
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:18:55 2025 by rpki-client