Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/5fa46662-88d2-4fa9-9076-26587048b3d0.roa
File:                     5fa46662-88d2-4fa9-9076-26587048b3d0.roa (raw, json)
Hash identifier:          s/2f3OLLE1/Bso9qwQhaNJfFo9HO7UgysVW8K+B2VJI=
Subject key identifier:   B5:B6:CE:7E:C1:EA:3E:67:2F:55:A3:3C:A3:93:DF:49:7A:C0:5D:6F
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       61CCDE583CEECD7932F2B40899C78993DEA82DDE
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/5fa46662-88d2-4fa9-9076-26587048b3d0.roa
Signing time:             Tue 21 Oct 2025 00:50:12 +0000
ROA not before:           Tue 21 Oct 2025 00:50:12 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        96.127.8.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 27 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:cc:de:58:3c:ee:cd:79:32:f2:b4:08:99:c7:89:93:de:a8:2d:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Oct 21 00:50:12 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=529febcf1192ee2cb67281f4d980935e1c3b0b1013deaf8a9864668d01b92ed9, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f3:80:bb:3d:08:4f:a6:02:83:6c:6d:07:d8:
                    cf:aa:82:11:82:96:1f:4a:d8:a8:a1:68:24:0e:95:
                    c9:dc:8d:0f:03:67:3a:b3:48:75:c8:f4:f7:d1:75:
                    1d:7a:63:97:e1:ae:15:e8:ba:36:65:40:5a:a7:a0:
                    ef:c1:29:99:15:77:90:7e:b0:6e:f6:e5:5b:1d:07:
                    cf:a6:5d:8a:c3:fc:3b:ec:22:1c:dd:8f:75:25:f2:
                    5e:27:77:55:d9:d3:57:db:9c:82:5d:5b:62:bd:37:
                    35:65:48:ff:ec:26:9e:ce:1b:7f:1d:a0:22:89:a9:
                    71:41:09:08:53:d2:52:ac:fc:9c:9d:0d:6f:48:a0:
                    ff:84:0d:51:b8:a3:ef:57:ff:72:9a:8d:e4:d0:9c:
                    59:77:93:93:50:f0:6b:75:5c:40:f5:c8:ac:7b:17:
                    9d:1f:4f:86:05:b9:60:55:f0:f8:1d:36:5b:8f:ac:
                    27:38:6e:ed:66:1f:6a:4d:f9:1f:25:22:95:99:02:
                    4e:bd:ed:ed:d1:b3:e7:b4:b4:c0:58:f6:de:e4:48:
                    a7:92:9f:7d:f1:db:50:e1:63:ec:23:aa:53:72:88:
                    39:95:8f:59:44:71:23:fb:2b:7b:ae:d6:99:2d:af:
                    f6:a8:5a:28:e2:89:31:4a:20:e5:35:f0:48:b8:51:
                    2b:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:B6:CE:7E:C1:EA:3E:67:2F:55:A3:3C:A3:93:DF:49:7A:C0:5D:6F
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/5fa46662-88d2-4fa9-9076-26587048b3d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.127.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         52:2f:0b:59:9f:ca:23:0d:68:73:30:70:ad:b8:55:65:50:47:
         b4:1e:3d:07:b4:03:ea:c0:90:a8:69:27:4e:a1:6c:03:5e:ae:
         27:6a:ec:48:47:2a:18:31:e1:ff:d7:6a:06:6c:5d:8c:a7:91:
         30:44:ab:d3:e4:e6:bb:93:fa:6e:2b:d7:94:61:b3:1b:a4:71:
         17:d2:73:c8:4a:3a:1b:4d:32:4a:97:8b:20:02:4a:97:f4:de:
         65:8c:ec:0a:2b:20:5a:b4:45:df:23:f2:52:87:4f:7f:e0:08:
         47:5b:4d:b6:1a:69:72:25:6d:c6:51:e7:d3:3d:e6:dd:51:6c:
         e9:50:c5:eb:21:7f:ad:b3:e0:d2:76:f9:0e:64:f2:28:44:a3:
         ae:06:18:52:f8:6e:7f:ac:5c:d9:f4:fb:7a:3e:1f:5c:c5:d6:
         39:07:5b:61:1b:1d:a2:a4:8d:81:75:a3:3b:df:ae:3a:4b:e4:
         71:8c:de:a5:26:20:3a:8f:2f:05:1f:2a:29:63:d3:2a:a4:8c:
         7a:32:b2:18:c0:37:75:c8:c5:47:60:a8:39:85:a6:2b:69:79:
         85:a9:d1:b0:5c:f4:6b:41:69:fe:de:b6:65:99:00:d1:ef:bc:
         b5:6e:77:99:93:ac:80:d0:4e:09:f2:ff:a9:d3:90:a8:91:c2:
         c2:ff:e2:7c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYczeWDzuzXky8rQImceJk96oLd4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjUxMDIxMDA1MDEyWhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MjlmZWJjZjExOTJlZTJjYjY3MjgxZjRkOTgwOTM1ZTFj
M2IwYjEwMTNkZWFmOGE5ODY0NjY4ZDAxYjkyZWQ5MS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC384C7PQhPpgKDbG0H2M+qghGClh9K2KihaCQOlcncjQ8D
ZzqzSHXI9PfRdR16Y5fhrhXoujZlQFqnoO/BKZkVd5B+sG725VsdB8+mXYrD/Dvs
Ihzdj3Ul8l4nd1XZ01fbnIJdW2K9NzVlSP/sJp7OG38doCKJqXFBCQhT0lKs/Jyd
DW9IoP+EDVG4o+9X/3KajeTQnFl3k5NQ8Gt1XED1yKx7F50fT4YFuWBV8PgdNluP
rCc4bu1mH2pN+R8lIpWZAk697e3Rs+e0tMBY9t7kSKeSn33x21DhY+wjqlNyiDmV
j1lEcSP7K3uu1pktr/aoWijiiTFKIOU18Ei4USvTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtbbOfsHqPmcvVaM8o5PfSXrAXW8wHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1LzVmYTQ2NjYyLTg4ZDItNGZhOS05MDc2LTI2NTg3MDQ4YjNkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANgfwgwDQYJKoZIhvcNAQELBQADggEBAFIvC1mfyiMNaHMwcK24VWVQR7Qe
PQe0A+rAkKhpJ06hbANeridq7EhHKhgx4f/XagZsXYynkTBEq9Pk5ruT+m4r15Rh
sxukcRfSc8hKOhtNMkqXiyACSpf03mWM7AorIFq0Rd8j8lKHT3/gCEdbTbYaaXIl
bcZR59M95t1RbOlQxeshf62z4NJ2+Q5k8ihEo64GGFL4bn+sXNn0+3o+H1zF1jkH
W2EbHaKkjYF1ozvfrjpL5HGM3qUmIDqPLwUfKilj0yqkjHoyshjAN3XIxUdgqDmF
pitpeYWp0bBc9GtBaf7etmWZANHvvLVud5mTrIDQTgny/6nTkKiRwsL/4nw=
-----END CERTIFICATE-----
Generated at Fri Oct 24 17:21:00 2025 by rpki-client