Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/403622d9-a664-4a85-8a9f-5e0ce4cd4726.roa
File:                     403622d9-a664-4a85-8a9f-5e0ce4cd4726.roa (raw, json)
Hash identifier:          8cuEnR6TN4wlosYau1kZTkKhbPf2Jr5Vh6M8PyVj65o=
Subject key identifier:   33:96:05:8E:CA:5E:7A:5C:90:8D:A9:4B:2B:BB:86:EB:78:16:6A:75
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       2F38EB275A64C41F35633C4C5A872757E7740EF3
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/403622d9-a664-4a85-8a9f-5e0ce4cd4726.roa
Signing time:             Mon 21 Jul 2025 16:20:10 +0000
ROA not before:           Mon 21 Jul 2025 16:20:10 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:c0b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:38:eb:27:5a:64:c4:1f:35:63:3c:4c:5a:87:27:57:e7:74:0e:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 21 16:20:10 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=767c4ef8c0376cf0fb172fdce399518f7b23d46c853b27a66dc55dcb4733d00b, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:9c:72:0a:1b:8c:c4:b3:8e:fb:fa:d6:5c:9a:
                    2f:56:05:1d:34:14:d4:c9:0b:73:80:f2:e6:40:78:
                    a5:8e:23:36:ba:83:f3:5b:09:92:b6:16:40:9a:7f:
                    6a:9b:73:5b:e0:95:6f:f2:b8:9d:cc:3a:f1:fd:55:
                    1e:c1:56:fe:23:78:e5:00:41:a9:b5:fa:b9:40:ac:
                    12:83:7f:fb:7d:5f:74:05:06:3b:6b:e9:a8:2d:8e:
                    ac:09:94:7d:b9:b9:52:2a:3d:d9:f2:0f:9f:be:29:
                    12:13:3f:33:a3:e4:f8:3c:75:77:7b:c3:a5:b4:fb:
                    c9:11:59:a1:5e:19:f8:7b:e0:89:a8:7e:57:75:33:
                    86:1d:04:4d:14:e2:ad:1b:24:ee:b2:7f:ad:19:97:
                    5c:27:fb:cd:9f:d2:02:8b:20:d6:a4:7c:65:88:7e:
                    d6:0c:89:c8:21:ae:b7:1f:4e:9b:4c:8e:bc:bf:d5:
                    a0:78:81:b3:2d:d9:47:3f:fc:3a:c4:a1:9f:e6:a6:
                    cd:47:cb:b5:ae:2b:e8:04:9b:b1:dd:c9:9c:a7:87:
                    38:c6:5b:ce:d1:58:17:82:5e:a1:1a:b8:c3:20:c3:
                    8d:57:99:fb:ca:b0:d8:34:e2:f2:c0:0b:c5:5a:fd:
                    c9:4b:d6:3b:74:f2:96:9d:db:b5:8e:4d:0d:47:31:
                    f2:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:96:05:8E:CA:5E:7A:5C:90:8D:A9:4B:2B:BB:86:EB:78:16:6A:75
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/403622d9-a664-4a85-8a9f-5e0ce4cd4726.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c0b::/48

    Signature Algorithm: sha256WithRSAEncryption
         a3:f8:ff:70:cc:bd:97:b4:6d:cd:d7:62:ec:c5:44:79:03:86:
         af:6e:d1:8f:db:3a:39:bd:f0:8b:f6:4f:b5:25:82:13:39:c7:
         3a:12:77:58:a9:da:dc:2e:d0:c8:c1:e8:a3:c3:c7:56:25:8e:
         d3:27:27:10:33:2c:b8:01:0a:db:cd:45:aa:13:2e:87:44:fc:
         0f:67:db:d1:39:a2:4c:a3:40:9b:47:f1:fc:db:0d:a2:cf:d3:
         66:11:59:52:65:36:05:44:09:03:15:56:8b:aa:9b:cf:e8:be:
         5e:27:06:93:9a:df:e8:6d:1c:37:c4:02:dd:b2:17:e1:34:64:
         b6:c4:cf:9e:cd:4c:b1:dd:7a:a7:d3:90:0d:b8:a9:07:54:93:
         9f:16:61:7e:48:f1:25:3a:d5:16:f0:d2:c1:b6:d8:3f:35:b2:
         be:53:d0:fc:1d:98:28:7f:cc:71:a9:0c:81:86:03:22:6c:22:
         db:01:9b:39:c8:ff:02:52:26:38:93:ff:23:9a:48:ed:4c:3b:
         cd:15:fb:54:3c:82:5e:62:55:15:78:83:25:7b:c2:70:d3:33:
         87:68:b1:8a:3d:52:7f:5c:f5:91:e0:29:3c:ef:5f:fb:23:19:
         2e:ad:13:de:64:68:7f:f7:d6:e9:10:85:14:b8:33:0c:40:e0:
         5f:eb:9a:98
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIULzjrJ1pkxB81YzxMWocnV+d0DvMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzIxMTYyMDEwWhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NjdjNGVmOGMwMzc2Y2YwZmIxNzJmZGNlMzk5NTE4Zjdi
MjNkNDZjODUzYjI3YTY2ZGM1NWRjYjQ3MzNkMDBiMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDhnHIKG4zEs477+tZcmi9WBR00FNTJC3OA8uZAeKWOIza6
g/NbCZK2FkCaf2qbc1vglW/yuJ3MOvH9VR7BVv4jeOUAQam1+rlArBKDf/t9X3QF
Bjtr6agtjqwJlH25uVIqPdnyD5++KRITPzOj5Pg8dXd7w6W0+8kRWaFeGfh74Imo
fld1M4YdBE0U4q0bJO6yf60Zl1wn+82f0gKLINakfGWIftYMicghrrcfTptMjry/
1aB4gbMt2Uc//DrEoZ/mps1Hy7WuK+gEm7HdyZynhzjGW87RWBeCXqEauMMgw41X
mfvKsNg04vLAC8Va/clL1jt08pad27WOTQ1HMfLFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUM5YFjspeelyQjalLK7uG63gWanUwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzQwMzYyMmQ5LWE2NjQtNGE4NS04YTlmLTVlMGNlNGNkNDcyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAswDQYJKoZIhvcNAQELBQADggEBAKP4/3DMvZe0bc3XYuzFRHkD
hq9u0Y/bOjm98Iv2T7UlghM5xzoSd1ip2twu0MjB6KPDx1YljtMnJxAzLLgBCtvN
RaoTLodE/A9n29E5okyjQJtH8fzbDaLP02YRWVJlNgVECQMVVouqm8/ovl4nBpOa
3+htHDfEAt2yF+E0ZLbEz57NTLHdeqfTkA24qQdUk58WYX5I8SU61Rbw0sG22D81
sr5T0PwdmCh/zHGpDIGGAyJsItsBmznI/wJSJjiT/yOaSO1MO80V+1Q8gl5iVRV4
gyV7wnDTM4dosYo9Un9c9ZHgKTzvX/sjGS6tE95kaH/31ukQhRS4MwxA4F/rmpg=
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:17:09 2025 by rpki-client