Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/8a0cac28-29b8-4996-b010-5eab278cc342.roa
File:                     8a0cac28-29b8-4996-b010-5eab278cc342.roa (raw, json)
Hash identifier:          ixZeZ/BLYeF/jG7t01WSKX07z7llsfLmUGlUmq2+5Jc=
Subject key identifier:   BC:5B:89:7B:80:7C:61:1E:05:2C:F7:EF:E4:D5:02:05:92:71:9F:3D
Certificate issuer:       /CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
Certificate serial:       55E33FD49BB5D3A5F8DE14273E4B4ABF6307B41B
Authority key identifier: CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/8a0cac28-29b8-4996-b010-5eab278cc342.roa
Signing time:             Tue 23 Sep 2025 00:10:17 +0000
ROA not before:           Tue 23 Sep 2025 00:10:17 +0000
ROA not after:            Tue 28 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        198.41.100.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 10 Oct 2025 19:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:e3:3f:d4:9b:b5:d3:a5:f8:de:14:27:3e:4b:4a:bf:63:07:b4:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
        Validity
            Not Before: Sep 23 00:10:17 2025 GMT
            Not After : Oct 28 23:59:59 2025 GMT
        Subject: serialNumber=f8c7f1cb35dcb1a5223094a1359bc2a7b16155e77c5ac6ed7f4004105cde6f46, CN=88af7b95-2ef7-49fc-a37d-1b8f0547180d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:3a:f4:f2:01:da:79:55:8c:5d:c5:3f:5b:8e:
                    b8:51:12:b3:93:86:46:7c:e4:b2:ff:ae:3a:08:96:
                    80:e5:d2:62:e1:bb:eb:01:1c:07:f5:99:e1:81:67:
                    fd:0f:b7:b4:c6:63:3d:6b:24:9c:7e:17:b8:ab:44:
                    e2:dc:17:d1:8a:64:da:b1:24:42:77:b2:b6:10:0b:
                    56:b1:e9:7b:50:d5:af:5e:9e:3e:1b:00:e7:18:67:
                    93:7f:2a:77:df:1e:34:c2:90:f6:06:93:a6:e6:ad:
                    b8:94:73:a9:53:5c:e9:59:db:cb:ea:8e:7a:87:6e:
                    25:d6:f6:2b:4f:50:c9:e7:1e:d5:1b:6e:dc:94:ff:
                    01:4d:0a:ee:16:19:34:2b:7c:1f:08:dc:31:21:a9:
                    26:7d:e4:c3:af:b8:58:fa:f7:d5:fc:1e:35:5c:bf:
                    82:57:43:03:e1:9b:4b:2d:58:e9:3d:d2:23:c3:70:
                    b4:9f:a9:1e:db:58:bd:1b:6e:a4:32:43:79:6d:c4:
                    de:45:df:17:2e:2a:38:bc:4d:47:ff:ea:e7:f5:29:
                    02:7d:03:42:4f:16:50:c9:74:7d:44:98:95:31:11:
                    f9:30:79:58:9e:70:fb:de:39:51:77:f5:01:00:5a:
                    05:08:29:d3:4a:46:50:fa:fe:eb:3b:70:0c:9b:3b:
                    42:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:5B:89:7B:80:7C:61:1E:05:2C:F7:EF:E4:D5:02:05:92:71:9F:3D
            X509v3 Authority Key Identifier:
                keyid:CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/8a0cac28-29b8-4996-b010-5eab278cc342.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.41.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:64:cf:49:eb:d4:b7:da:33:ed:51:74:38:89:5f:92:ba:f6:
         81:9b:41:04:4f:97:f8:90:44:85:e3:dc:58:6e:20:62:b2:85:
         27:a0:89:bf:58:e9:d2:84:30:4f:85:c0:4e:d9:1d:ec:00:64:
         55:0d:27:b7:0e:3c:2c:5f:fe:7f:c4:3d:a0:8d:b2:c6:8d:a3:
         f0:c4:7e:14:87:3b:60:d1:5a:be:fc:d5:7b:e9:b4:7f:dd:00:
         07:e3:b6:53:c5:ae:5e:79:10:2c:c0:d2:6e:36:94:07:33:a6:
         83:c3:90:11:55:e7:85:d3:9f:8d:83:5c:10:cc:af:3a:cf:a9:
         b4:93:f6:c3:87:1e:77:d1:79:f2:1b:fa:4d:6f:b9:1c:6f:c9:
         f8:a2:70:4f:27:6a:8a:42:0d:3d:3a:0a:0b:9f:cb:d2:ef:7f:
         ec:b2:e0:ff:72:60:f6:55:c7:35:95:78:1c:ce:09:ab:b8:aa:
         b2:ab:a9:48:54:ca:c9:30:86:e3:dd:94:57:1a:c6:a5:c4:7b:
         d3:d8:08:fc:b8:de:ff:3a:57:d0:2d:58:f1:07:3b:3e:7e:b8:
         d0:c2:71:84:3d:2b:3a:78:3d:42:cf:aa:c6:75:8a:57:e0:5c:
         86:4c:9c:2b:a6:05:b7:2f:be:f6:d9:44:88:25:99:68:22:0e:
         2a:1f:7b:d4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVeM/1Ju106X43hQnPktKv2MHtBswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzMxOTQyNGUwMzlmODZkNmFkOWZjNGU3MjIzZGY4NDFk
MjBhZTZkMGZmMTI0MjgxNzMwHhcNMjUwOTIzMDAxMDE3WhcNMjUxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmOGM3ZjFjYjM1ZGNiMWE1MjIzMDk0YTEzNTliYzJhN2Ix
NjE1NWU3N2M1YWM2ZWQ3ZjQwMDQxMDVjZGU2ZjQ2MS0wKwYDVQQDEyQ4OGFmN2I5
NS0yZWY3LTQ5ZmMtYTM3ZC0xYjhmMDU0NzE4MGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZOvTyAdp5VYxdxT9bjrhRErOThkZ85LL/rjoIloDl0mLh
u+sBHAf1meGBZ/0Pt7TGYz1rJJx+F7irROLcF9GKZNqxJEJ3srYQC1ax6XtQ1a9e
nj4bAOcYZ5N/KnffHjTCkPYGk6bmrbiUc6lTXOlZ28vqjnqHbiXW9itPUMnnHtUb
btyU/wFNCu4WGTQrfB8I3DEhqSZ95MOvuFj699X8HjVcv4JXQwPhm0stWOk90iPD
cLSfqR7bWL0bbqQyQ3ltxN5F3xcuKji8TUf/6uf1KQJ9A0JPFlDJdH1EmJUxEfkw
eViecPveOVF39QEAWgUIKdNKRlD6/us7cAybO0IvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvFuJe4B8YR4FLPfv5NUCBZJxnz0wHwYDVR0jBBgwFoAUzBBhJz//dj92
0t7ihYPoujsFxDAwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Q2YjVhZDI4LTFjYmMtNDdhYi05MDRlLTQ1MzYxYTU0ODdjMy9lNWRlYTY2MC1i
ZjU5LTRiNGMtYjlhZC00YTY3ODdlMDNmY2UvYzMxOTQyNGUwMzlmODZkNmFkOWZj
NGU3MjIzZGY4NDFkMjBhZTZkMGZmMTI0MjgxNzMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmRmNTFjZDItZTZhZi00OTNhLWE4OGEtMzIy
MWQwMWY3ZDkwLzhhMGNhYzI4LTI5YjgtNDk5Ni1iMDEwLTVlYWIyNzhjYzM0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJkZjUxY2QyLWU2YWYtNDkzYS1hODhh
LTMyMjFkMDFmN2Q5MC9uNGJXclpfRTV5STktRUhTQ3ViUV94SkNnWE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADGKWQwDQYJKoZIhvcNAQELBQADggEBAIVkz0nr1LfaM+1RdDiJX5K69oGb
QQRPl/iQRIXj3FhuIGKyhSegib9Y6dKEME+FwE7ZHewAZFUNJ7cOPCxf/n/EPaCN
ssaNo/DEfhSHO2DRWr781XvptH/dAAfjtlPFrl55ECzA0m42lAczpoPDkBFV54XT
n42DXBDMrzrPqbST9sOHHnfRefIb+k1vuRxvyfiicE8naopCDT06Cgufy9Lvf+yy
4P9yYPZVxzWVeBzOCau4qrKrqUhUyskwhuPdlFcaxqXEe9PYCPy43v86V9AtWPEH
Oz5+uNDCcYQ9Kzp4PULPqsZ1ilfgXIZMnCumBbcvvvbZRIglmWgiDiofe9Q=
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:23:03 2025 by rpki-client