Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0e389254-682a-49dc-8f48-9e1c009e2b94.roa
File:                     0e389254-682a-49dc-8f48-9e1c009e2b94.roa (raw, json)
Hash identifier:          GUS1zu1MhLH12SpL6BzEIH53dupv8JsiAGB02v3EZMo=
Subject key identifier:   AC:FE:51:6E:33:82:50:8A:95:7E:D5:18:A1:29:F4:71:42:0E:00:B4
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       5EC4AD3597A5AE12700355999A99ED3541E24730
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0e389254-682a-49dc-8f48-9e1c009e2b94.roa
Signing time:             Mon 21 Jul 2025 16:11:06 +0000
ROA not before:           Mon 21 Jul 2025 16:11:06 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:64c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:c4:ad:35:97:a5:ae:12:70:03:55:99:9a:99:ed:35:41:e2:47:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 21 16:11:06 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=1b7d17e5514519427c3356308addc4767bf9e1b4f85c736a127ad73a824ce60a, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:91:50:cc:e3:2f:d8:f4:55:e9:86:f6:79:2e:
                    0a:43:8d:6a:c6:03:a5:a7:bb:12:f9:4e:3d:e9:23:
                    3d:21:e1:fd:60:c3:cf:82:20:cd:61:88:67:ca:96:
                    c9:d3:1a:08:5c:2c:ec:40:ba:bf:52:4c:05:85:ff:
                    e9:1b:e2:64:cb:5f:86:ab:0d:0a:6a:08:ae:2e:10:
                    e5:ba:ed:dd:9c:00:de:73:2c:23:1c:73:e0:16:9e:
                    0c:e1:87:c6:53:ba:a3:3b:dc:d9:69:8e:88:7d:d3:
                    2a:41:aa:11:bc:62:30:7d:56:5d:68:2f:7c:d8:66:
                    bc:19:90:aa:4a:54:65:ed:0d:f7:5b:c8:d3:84:ee:
                    e1:0d:fb:27:5d:20:49:41:a4:3c:91:a6:5d:83:8d:
                    2a:f0:c1:34:32:40:2b:3c:5a:41:64:52:f5:49:03:
                    ec:3c:5f:40:4d:ad:96:af:3e:51:95:6a:fc:6d:cd:
                    33:96:c3:fd:16:cd:d1:13:a5:39:4a:cc:a7:48:cc:
                    74:ad:12:8b:a0:a2:00:a4:6d:9d:06:25:d2:b2:77:
                    2d:ad:ae:86:e8:57:be:35:44:f0:1f:52:a4:42:29:
                    b1:42:42:72:06:e0:ee:8e:4f:d2:a7:aa:77:29:0e:
                    5e:eb:23:d2:a1:1f:e0:05:58:94:92:48:6e:3b:5c:
                    c2:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:FE:51:6E:33:82:50:8A:95:7E:D5:18:A1:29:F4:71:42:0E:00:B4
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0e389254-682a-49dc-8f48-9e1c009e2b94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:64c::/48

    Signature Algorithm: sha256WithRSAEncryption
         75:27:b8:43:52:a7:32:aa:9f:44:77:4b:d6:0e:fb:64:64:b6:
         1b:ea:d6:62:d9:c2:14:c5:92:c4:56:2b:40:ee:38:31:68:d0:
         2e:dc:6a:27:d2:ff:fa:1e:e8:7b:ec:02:af:68:02:08:1d:e1:
         a5:cd:a4:39:88:27:71:4e:a6:ae:60:d9:ad:f9:9d:a6:fa:ae:
         29:0b:31:46:78:4b:e4:33:58:d5:cd:c1:ec:83:e6:bc:8b:24:
         e6:03:e9:d8:be:56:ab:30:16:af:5d:1c:19:eb:1e:52:5e:23:
         19:cd:66:0a:ba:14:2f:09:00:72:51:c5:36:65:56:1a:7b:49:
         b1:2c:b7:1d:47:f2:d5:1d:89:d8:71:fa:7f:ac:3e:9e:5b:a9:
         ae:1d:72:46:c6:d9:19:c5:61:ae:d8:b9:4b:4e:5b:aa:33:53:
         2b:5d:8e:0d:bd:61:45:82:a2:74:5f:a9:08:c3:9d:e6:2c:7e:
         94:97:62:51:20:5e:4a:8d:1e:38:95:91:7b:f8:01:9b:a0:ca:
         07:de:ea:ef:9c:26:1c:ca:71:16:85:9a:37:8c:c3:f8:29:2d:
         1a:f7:5b:79:bd:58:42:63:23:be:d9:b0:2c:a5:33:cb:57:d4:
         0a:86:59:70:19:ec:8b:b9:12:ed:38:45:82:82:f1:dd:37:7f:
         26:0e:42:c4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXsStNZelrhJwA1WZmpntNUHiRzAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzIxMTYxMTA2WhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjdkMTdlNTUxNDUxOTQyN2MzMzU2MzA4YWRkYzQ3Njdi
ZjllMWI0Zjg1YzczNmExMjdhZDczYTgyNGNlNjBhMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmkVDM4y/Y9FXphvZ5LgpDjWrGA6WnuxL5Tj3pIz0h4f1g
w8+CIM1hiGfKlsnTGghcLOxAur9STAWF/+kb4mTLX4arDQpqCK4uEOW67d2cAN5z
LCMcc+AWngzhh8ZTuqM73Nlpjoh90ypBqhG8YjB9Vl1oL3zYZrwZkKpKVGXtDfdb
yNOE7uEN+yddIElBpDyRpl2DjSrwwTQyQCs8WkFkUvVJA+w8X0BNrZavPlGVavxt
zTOWw/0WzdETpTlKzKdIzHStEougogCkbZ0GJdKydy2troboV741RPAfUqRCKbFC
QnIG4O6OT9KnqncpDl7rI9KhH+AFWJSSSG47XMInAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUrP5RbjOCUIqVftUYoSn0cUIOALQwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzBlMzg5MjU0LTY4MmEtNDlkYy04ZjQ4LTllMWMwMDllMmI5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABkwwDQYJKoZIhvcNAQELBQADggEBAHUnuENSpzKqn0R3S9YO+2Rk
thvq1mLZwhTFksRWK0DuODFo0C7caifS//oe6HvsAq9oAggd4aXNpDmIJ3FOpq5g
2a35nab6rikLMUZ4S+QzWNXNweyD5ryLJOYD6di+VqswFq9dHBnrHlJeIxnNZgq6
FC8JAHJRxTZlVhp7SbEstx1H8tUdidhx+n+sPp5bqa4dckbG2RnFYa7YuUtOW6oz
Uytdjg29YUWConRfqQjDneYsfpSXYlEgXkqNHjiVkXv4AZugygfe6u+cJhzKcRaF
mjeMw/gpLRr3W3m9WEJjI77ZsCylM8tX1AqGWXAZ7Iu5Eu04RYKC8d03fyYOQsQ=
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:25:35 2025 by rpki-client