Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/41bd3cf9-8613-4e24-ae61-0f8b0a979958.roa
File:                     41bd3cf9-8613-4e24-ae61-0f8b0a979958.roa (raw, json)
Hash identifier:          uXRzrhfl//95+XcmpQr3Y2mrw3qdTWaYSwIqN4F+LpI=
Subject key identifier:   3A:54:57:F0:9F:EF:0E:34:EF:CD:8A:09:D9:79:84:B0:AB:85:15:77
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       4C1FB89B405CBBF244CFB084D8ADCEFDC003AD96
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/41bd3cf9-8613-4e24-ae61-0f8b0a979958.roa
Signing time:             Mon 21 Jul 2025 16:30:13 +0000
ROA not before:           Mon 21 Jul 2025 16:30:13 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     40045
IP address blocks:        2605:9cc0:c16::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:1f:b8:9b:40:5c:bb:f2:44:cf:b0:84:d8:ad:ce:fd:c0:03:ad:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 21 16:30:13 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=f3c30ab5428d2fc2dc5a4739d958209a87aee63e52ada2bd95758e2eb1d5a5fa, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0c:9f:89:0f:37:1f:39:5e:b4:4b:fb:cf:ef:
                    4a:85:26:e2:5f:36:f3:55:a0:91:00:c2:8b:32:55:
                    bf:f1:95:5f:25:7e:46:b3:b8:56:65:21:bc:14:e9:
                    8b:be:f1:8e:dd:b9:e3:46:bf:24:ae:39:d1:89:1a:
                    c6:5d:be:00:d8:7f:ba:89:09:e1:af:f0:1a:9c:b6:
                    ee:25:40:94:84:b9:88:8d:ac:bd:06:e8:24:5a:0f:
                    6b:a5:58:a1:17:93:57:8f:b7:18:41:ee:94:a8:ff:
                    41:42:8d:4e:1e:b9:d4:a6:18:ab:b4:13:cf:1d:d2:
                    67:cf:b0:20:8d:00:9e:12:9f:5e:ed:a4:81:73:8b:
                    0c:57:b0:50:fa:87:35:68:ae:f1:55:e5:c2:79:06:
                    a3:0e:ca:4c:9c:ea:26:38:30:9e:9b:b4:8f:8b:ca:
                    9b:24:c1:19:f2:86:25:cb:e8:34:95:ce:8b:69:f6:
                    d2:c1:b3:d5:9a:fa:0a:36:c2:ad:b9:f6:7a:91:cf:
                    78:e4:15:78:3d:c5:53:6a:27:07:9c:05:4a:52:b9:
                    3a:74:48:7c:77:f3:e8:88:1f:6b:0d:cf:36:a1:0b:
                    47:11:fe:82:e0:ef:33:52:e2:89:bf:4c:df:c3:c2:
                    a7:81:5b:c3:e1:3a:b6:0f:a9:07:f2:a0:70:86:fb:
                    1f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:54:57:F0:9F:EF:0E:34:EF:CD:8A:09:D9:79:84:B0:AB:85:15:77
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/41bd3cf9-8613-4e24-ae61-0f8b0a979958.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c16::/48

    Signature Algorithm: sha256WithRSAEncryption
         1c:a4:43:73:62:24:8a:56:00:2a:05:ae:e2:a3:44:f5:4d:16:
         c1:5d:89:ee:2f:3e:12:64:37:aa:91:d2:9e:1d:cd:30:c9:c2:
         22:9b:c3:af:da:bc:3e:49:3a:bf:b2:b1:68:0b:60:0a:82:ee:
         fe:c6:aa:5a:84:44:22:77:02:9d:76:3d:4a:27:eb:5d:ec:ff:
         b9:c3:94:8f:ff:08:15:34:29:e1:ab:89:c9:78:06:1f:93:03:
         f9:d0:b0:a0:1d:1d:e2:ed:b8:59:31:27:00:c5:d9:db:d6:b0:
         60:28:59:ad:cf:f1:31:39:c6:f8:87:6b:64:99:ee:aa:96:13:
         92:ac:98:7a:1e:92:57:43:7d:48:32:a6:02:2e:88:9c:ee:8e:
         da:35:cd:37:39:4e:97:30:1a:34:f0:ac:56:98:fa:dc:6b:fe:
         f0:4a:0b:98:3a:1c:e7:0b:67:69:d8:70:36:ba:18:14:ea:3b:
         e4:a4:17:ad:df:29:01:03:77:aa:50:28:69:42:cc:a5:0b:cb:
         58:be:7b:10:e7:6c:0f:3f:c9:8e:c4:03:01:c0:ac:7e:2f:ba:
         45:84:37:8b:4b:95:b6:65:c8:85:ca:eb:5b:21:9d:8e:57:f7:
         3d:d9:86:de:c9:23:29:4a:c2:f2:58:ec:35:e6:23:1b:80:8e:
         9a:43:66:7a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUTB+4m0Bcu/JEz7CE2K3O/cADrZYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzIxMTYzMDEzWhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmM2MzMGFiNTQyOGQyZmMyZGM1YTQ3MzlkOTU4MjA5YTg3
YWVlNjNlNTJhZGEyYmQ5NTc1OGUyZWIxZDVhNWZhMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBDJ+JDzcfOV60S/vP70qFJuJfNvNVoJEAwosyVb/xlV8l
fkazuFZlIbwU6Yu+8Y7dueNGvySuOdGJGsZdvgDYf7qJCeGv8Bqctu4lQJSEuYiN
rL0G6CRaD2ulWKEXk1ePtxhB7pSo/0FCjU4eudSmGKu0E88d0mfPsCCNAJ4Sn17t
pIFziwxXsFD6hzVorvFV5cJ5BqMOykyc6iY4MJ6btI+LypskwRnyhiXL6DSVzotp
9tLBs9Wa+go2wq259nqRz3jkFXg9xVNqJwecBUpSuTp0SHx38+iIH2sNzzahC0cR
/oLg7zNS4om/TN/DwqeBW8PhOrYPqQfyoHCG+x8jAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUOlRX8J/vDjTvzYoJ2XmEsKuFFXcwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzQxYmQzY2Y5LTg2MTMtNGUyNC1hZTYxLTBmOGIwYTk3OTk1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADBYwDQYJKoZIhvcNAQELBQADggEBABykQ3NiJIpWACoFruKjRPVN
FsFdie4vPhJkN6qR0p4dzTDJwiKbw6/avD5JOr+ysWgLYAqC7v7GqlqERCJ3Ap12
PUon613s/7nDlI//CBU0KeGricl4Bh+TA/nQsKAdHeLtuFkxJwDF2dvWsGAoWa3P
8TE5xviHa2SZ7qqWE5KsmHoekldDfUgypgIuiJzujto1zTc5TpcwGjTwrFaY+txr
/vBKC5g6HOcLZ2nYcDa6GBTqO+SkF63fKQEDd6pQKGlCzKULy1i+exDnbA8/yY7E
AwHArH4vukWEN4tLlbZlyIXK61shnY5X9z3Zht7JIylKwvJY7DXmIxuAjppDZno=
-----END CERTIFICATE-----
Generated at Wed Aug 6 12:29:21 2025 by rpki-client