Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/2f44b632-2720-4ef0-917c-4b1813ed903f.roa
File:                     2f44b632-2720-4ef0-917c-4b1813ed903f.roa (raw, json)
Hash identifier:          H3Hjdx3jWVYt9RArw4gq/zBpxjgIYb1cBCyjLNxVMIs=
Subject key identifier:   7B:9B:38:29:D7:B9:A0:93:4C:A4:16:A6:1D:10:AF:44:AB:63:81:83
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       04930C2DEAED7AA951B3A8F21EC3C6DB9E37D476
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/2f44b632-2720-4ef0-917c-4b1813ed903f.roa
Signing time:             Tue 21 Oct 2025 00:50:11 +0000
ROA not before:           Tue 21 Oct 2025 00:50:11 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        96.127.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 27 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:93:0c:2d:ea:ed:7a:a9:51:b3:a8:f2:1e:c3:c6:db:9e:37:d4:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Oct 21 00:50:11 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=6d430097b5c975acea39590b4f8c7042ad1e414221d1f1bbdb1f5d08db463b0c, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7f:de:23:c7:b5:f7:da:41:a7:32:20:dd:28:
                    da:ec:56:f2:f5:e8:51:ca:d3:72:17:e3:77:e3:e5:
                    2b:c5:78:35:09:da:69:49:42:af:21:af:21:ae:92:
                    48:93:66:8a:79:95:bb:2c:00:21:a3:e1:cb:5d:a8:
                    c3:fd:67:f3:0a:76:b8:8f:e6:87:2a:37:e6:4f:d2:
                    46:3e:32:0c:fe:83:b8:79:bc:ed:4e:ab:d3:cf:b6:
                    7d:39:7e:99:87:01:41:14:96:dd:41:63:77:e1:0c:
                    bf:b5:bb:ef:a5:1e:92:2b:8d:da:4c:b3:a4:d8:c7:
                    12:68:6e:c5:00:d8:3e:68:11:0d:2e:04:36:0f:b8:
                    b8:df:81:8e:a0:86:39:5f:0b:36:67:9a:bd:95:42:
                    e4:5f:62:14:06:d6:c0:13:9f:3b:ec:8e:83:f0:09:
                    19:ba:ea:fe:75:83:ad:f7:78:9b:75:b0:08:d8:dc:
                    76:26:e0:af:18:11:f0:9c:aa:63:c8:ad:9d:a3:79:
                    65:9d:dc:e0:e8:aa:a6:93:d0:00:01:73:37:00:85:
                    47:18:e5:71:e9:34:aa:35:9f:31:4f:6b:1c:65:e3:
                    7e:cb:95:90:d2:c1:ec:03:d5:a0:3f:6e:f7:11:4a:
                    98:e6:1e:78:a2:53:17:d6:76:50:64:24:83:de:80:
                    2a:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:9B:38:29:D7:B9:A0:93:4C:A4:16:A6:1D:10:AF:44:AB:63:81:83
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/2f44b632-2720-4ef0-917c-4b1813ed903f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.127.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         3d:94:df:5b:b2:48:01:de:47:b9:61:39:16:9c:a7:bd:51:80:
         ca:43:62:b6:6d:46:92:07:54:02:ab:af:e0:4e:f5:08:94:c0:
         f4:b9:56:e8:c3:1a:11:ee:4f:71:aa:83:04:e9:44:06:ae:fb:
         25:e5:62:19:8c:9b:4b:2e:dd:15:5a:97:82:05:b2:ad:8e:36:
         f0:60:49:f8:67:ad:81:6c:4e:3a:99:2a:a0:9e:f2:35:17:6f:
         01:ae:53:f5:20:9d:e2:36:08:bf:c4:c2:ca:80:5b:12:95:50:
         0d:fc:ce:d0:8d:a8:cd:47:0f:d9:6d:7e:c7:56:eb:f5:c8:a2:
         ce:71:98:c9:3f:ab:f0:45:7f:20:7e:f9:54:8c:c1:7f:ec:6f:
         69:f4:a4:79:d1:6a:c2:ce:c7:35:f3:77:73:2e:0c:36:1f:bc:
         78:c2:e2:13:e0:76:65:f2:d6:2a:c5:ed:9f:f1:ec:6c:2b:96:
         e5:4e:f9:d6:e1:e1:ed:34:2c:58:70:55:f8:db:6c:7b:8f:83:
         56:c3:71:ee:c2:df:f1:3d:61:79:e5:bf:88:75:f2:03:51:74:
         40:84:9c:08:57:5e:a9:24:f7:70:e4:a1:51:b0:65:be:bf:8e:
         61:a4:f7:73:88:96:38:63:ed:00:6a:f0:8f:e7:a6:1a:f4:5a:
         af:26:20:57
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBJMMLerteqlRs6jyHsPG25431HYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjUxMDIxMDA1MDExWhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZDQzMDA5N2I1Yzk3NWFjZWEzOTU5MGI0ZjhjNzA0MmFk
MWU0MTQyMjFkMWYxYmJkYjFmNWQwOGRiNDYzYjBjMS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmf94jx7X32kGnMiDdKNrsVvL16FHK03IX43fj5SvFeDUJ
2mlJQq8hryGukkiTZop5lbssACGj4ctdqMP9Z/MKdriP5ocqN+ZP0kY+Mgz+g7h5
vO1Oq9PPtn05fpmHAUEUlt1BY3fhDL+1u++lHpIrjdpMs6TYxxJobsUA2D5oEQ0u
BDYPuLjfgY6ghjlfCzZnmr2VQuRfYhQG1sATnzvsjoPwCRm66v51g633eJt1sAjY
3HYm4K8YEfCcqmPIrZ2jeWWd3ODoqqaT0AABczcAhUcY5XHpNKo1nzFPaxxl437L
lZDSwewD1aA/bvcRSpjmHniiUxfWdlBkJIPegCoBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUe5s4Kde5oJNMpBamHRCvRKtjgYMwHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1LzJmNDRiNjMyLTI3MjAtNGVmMC05MTdjLTRiMTgxM2VkOTAzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZgf0AwDQYJKoZIhvcNAQELBQADggEBAD2U31uySAHeR7lhORacp71RgMpD
YrZtRpIHVAKrr+BO9QiUwPS5VujDGhHuT3GqgwTpRAau+yXlYhmMm0su3RVal4IF
sq2ONvBgSfhnrYFsTjqZKqCe8jUXbwGuU/UgneI2CL/EwsqAWxKVUA38ztCNqM1H
D9ltfsdW6/XIos5xmMk/q/BFfyB++VSMwX/sb2n0pHnRasLOxzXzd3MuDDYfvHjC
4hPgdmXy1irF7Z/x7GwrluVO+dbh4e00LFhwVfjbbHuPg1bDce7C3/E9YXnlv4h1
8gNRdECEnAhXXqkk93DkoVGwZb6/jmGk93OIljhj7QBq8I/nphr0Wq8mIFc=
-----END CERTIFICATE-----
Generated at Fri Oct 24 17:13:18 2025 by rpki-client