Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/834cec14-31c8-42fb-ab06-5c07ee79d6d1.roa
File:                     834cec14-31c8-42fb-ab06-5c07ee79d6d1.roa (raw, json)
Hash identifier:          j1hVDkHtlToZftt6rQhn041isPsLCBorGy9PyFlI1mk=
Subject key identifier:   1A:3F:CC:37:52:5A:E5:67:20:65:CE:17:88:CB:BD:40:23:D6:16:DE
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       4710490F7892415F31B284C6339D96CEDBA42E36
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/834cec14-31c8-42fb-ab06-5c07ee79d6d1.roa
Signing time:             Fri 11 Apr 2025 00:20:23 +0000
ROA not before:           Fri 11 Apr 2025 00:20:23 +0000
ROA not after:            Fri 16 May 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:647::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 29 Apr 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:10:49:0f:78:92:41:5f:31:b2:84:c6:33:9d:96:ce:db:a4:2e:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Apr 11 00:20:23 2025 GMT
            Not After : May 16 23:59:59 2025 GMT
        Subject: serialNumber=380b272fd48384776922bf580839e09a3801bae6a6c923138efe7d4f93c2cb51, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e5:e8:34:2e:4b:e8:7f:9e:71:87:6d:01:1b:
                    0e:7a:c6:99:12:c0:38:74:e4:e6:bc:5f:25:31:a8:
                    60:64:5b:12:25:13:92:68:bc:4d:69:3e:5b:14:fb:
                    f5:1f:b7:b4:fc:92:a7:77:22:56:56:ce:fa:e9:9d:
                    47:80:a9:74:ca:57:52:a2:e0:58:b5:fa:eb:10:4e:
                    ec:8f:ba:56:07:4a:e6:4c:92:da:46:11:6c:cb:66:
                    33:f5:e2:73:35:24:19:d9:42:bf:fb:ec:53:39:2a:
                    30:f0:5c:92:3a:92:6c:88:c1:33:54:26:6f:27:51:
                    f8:78:e9:31:7c:f7:ba:3b:5d:c3:5b:da:cf:84:4c:
                    7e:67:82:81:37:4a:e9:3a:d6:23:06:64:af:b0:d2:
                    45:69:d0:c7:d7:3c:ab:b0:2c:6c:23:f5:53:6d:0c:
                    ac:50:bf:e7:49:33:61:16:03:a7:85:d0:ef:dc:ec:
                    ea:8a:ae:28:93:81:04:6f:72:d5:c7:ae:e8:2b:71:
                    25:0a:50:8f:2c:4f:93:2a:d9:4d:59:0a:03:0d:20:
                    1d:e1:6b:26:29:b8:0e:82:34:8d:18:39:01:4b:6d:
                    8b:06:c8:a8:39:4d:da:68:af:f3:24:4e:2b:f3:06:
                    bf:c1:17:1a:4f:73:1e:a9:fc:ce:dd:9a:b8:06:29:
                    23:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:3F:CC:37:52:5A:E5:67:20:65:CE:17:88:CB:BD:40:23:D6:16:DE
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/834cec14-31c8-42fb-ab06-5c07ee79d6d1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:647::/48

    Signature Algorithm: sha256WithRSAEncryption
         8d:50:98:7f:85:bb:97:4f:2d:88:a8:94:db:fa:06:9e:36:86:
         b8:94:61:86:ab:a3:1c:09:94:fc:c0:64:2d:49:6a:13:9b:bf:
         cc:ea:e0:b5:8d:a3:40:aa:cf:29:83:cb:1f:7d:3b:6f:2a:d6:
         2e:6a:f6:5a:8a:4b:17:b1:85:a6:81:e1:0a:11:2c:64:4a:32:
         08:e8:ac:93:8f:d2:9a:ec:d7:b5:53:1f:75:cd:d4:b9:1d:12:
         04:93:ea:ac:d1:08:a1:a3:3a:74:95:fb:12:a7:11:03:9d:9c:
         d6:0b:33:09:9d:fd:73:78:30:28:9f:c0:35:a3:1b:0d:27:bc:
         f2:58:07:51:82:af:90:1c:29:25:a7:c4:f6:ec:18:50:97:14:
         bd:a7:22:6f:07:51:fe:a7:17:e8:88:ac:f7:21:f5:76:06:69:
         40:fa:78:61:50:5e:59:c4:1f:57:55:e2:29:40:53:ae:67:4b:
         2d:67:f4:03:ae:d5:18:ba:ee:4e:fe:88:ec:4c:f6:2a:17:59:
         09:b6:54:0f:15:cc:b6:f5:81:5e:1b:f2:7f:d6:34:b6:3e:f9:
         f2:8c:f0:6f:9b:c5:e4:fa:eb:f8:27:31:a3:40:17:20:44:a1:
         c3:ee:51:45:e1:8d:51:d7:c0:3d:5c:86:34:a9:92:e8:43:8e:
         40:bc:0f:e6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIURxBJD3iSQV8xsoTGM52WztukLjYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNDExMDAyMDIzWhcNMjUwNTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzODBiMjcyZmQ0ODM4NDc3NjkyMmJmNTgwODM5ZTA5YTM4
MDFiYWU2YTZjOTIzMTM4ZWZlN2Q0ZjkzYzJjYjUxMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt5eg0Lkvof55xh20BGw56xpkSwDh05Oa8XyUxqGBkWxIl
E5JovE1pPlsU+/Uft7T8kqd3IlZWzvrpnUeAqXTKV1Ki4Fi1+usQTuyPulYHSuZM
ktpGEWzLZjP14nM1JBnZQr/77FM5KjDwXJI6kmyIwTNUJm8nUfh46TF897o7XcNb
2s+ETH5ngoE3Suk61iMGZK+w0kVp0MfXPKuwLGwj9VNtDKxQv+dJM2EWA6eF0O/c
7OqKriiTgQRvctXHrugrcSUKUI8sT5Mq2U1ZCgMNIB3hayYpuA6CNI0YOQFLbYsG
yKg5Tdpor/MkTivzBr/BFxpPcx6p/M7dmrgGKSNTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUGj/MN1Ja5WcgZc4XiMu9QCPWFt4wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzgzNGNlYzE0LTMxYzgtNDJmYi1hYjA2LTVjMDdlZTc5ZDZkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABkcwDQYJKoZIhvcNAQELBQADggEBAI1QmH+Fu5dPLYiolNv6Bp42
hriUYYaroxwJlPzAZC1JahObv8zq4LWNo0CqzymDyx99O28q1i5q9lqKSxexhaaB
4QoRLGRKMgjorJOP0prs17VTH3XN1LkdEgST6qzRCKGjOnSV+xKnEQOdnNYLMwmd
/XN4MCifwDWjGw0nvPJYB1GCr5AcKSWnxPbsGFCXFL2nIm8HUf6nF+iIrPch9XYG
aUD6eGFQXlnEH1dV4ilAU65nSy1n9AOu1Ri67k7+iOxM9ioXWQm2VA8VzLb1gV4b
8n/WNLY++fKM8G+bxeT66/gnMaNAFyBEocPuUUXhjVHXwD1chjSpkuhDjkC8D+Y=
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:57:01 2025 by rpki-client