Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8a5ff071-2589-4b8f-bab2-ab661880d472.roa
File:                     8a5ff071-2589-4b8f-bab2-ab661880d472.roa (raw, json)
Hash identifier:          Cj+Va2Ja14YXEPXjdkZdgPiTCeBcpHKhSRyMwDOiPx4=
Subject key identifier:   02:27:BC:AF:23:6F:00:1B:44:7A:22:3F:B9:C0:6C:6D:ED:24:52:44
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       3E9C6E905331297B189FB09435FDF605216F4A12
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8a5ff071-2589-4b8f-bab2-ab661880d472.roa
Signing time:             Mon 28 Jul 2025 16:00:14 +0000
ROA not before:           Mon 28 Jul 2025 16:00:14 +0000
ROA not after:            Mon 01 Sep 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:3c2::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:9c:6e:90:53:31:29:7b:18:9f:b0:94:35:fd:f6:05:21:6f:4a:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 28 16:00:14 2025 GMT
            Not After : Sep  1 23:59:59 2025 GMT
        Subject: serialNumber=8fd187d9a66fc2182bf5534de600913cc4bec187aacd3de514dadf450b134915, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4f:42:49:3c:59:6b:0a:79:b3:10:bc:94:49:
                    7e:fa:75:61:c4:83:e1:73:05:47:83:8d:9d:78:55:
                    2b:db:4e:9c:d8:3a:ab:4c:d4:13:e2:4d:fd:01:b8:
                    07:90:50:d1:7c:3d:ea:0d:a2:10:e9:82:d4:5f:53:
                    47:c4:41:a0:38:4d:7f:d3:b7:c9:e7:25:a6:d7:be:
                    86:32:89:54:b3:fc:e4:70:88:ff:80:32:f9:f5:3a:
                    4d:60:b8:c5:4b:71:ab:77:cf:f5:9f:bd:fc:41:d2:
                    3c:35:74:f7:7d:0b:b9:82:b0:97:aa:99:1a:26:fd:
                    0c:08:89:b8:3d:7b:95:8f:35:b4:49:06:2f:bf:18:
                    56:d8:e7:01:0a:b4:69:f4:11:6c:e8:72:3a:45:b9:
                    55:3b:9f:9c:b7:de:9d:58:b3:46:a4:e0:6a:b3:f8:
                    8c:a6:f3:a1:21:4f:c3:0d:17:07:46:f9:72:dd:a4:
                    9f:b4:dc:19:d2:5f:46:7f:20:6c:a5:bf:4c:20:d1:
                    63:50:08:c9:c4:b4:0c:b9:95:ca:83:9b:ed:73:cc:
                    56:8f:66:64:ff:d7:30:29:35:a6:c4:f6:f4:e5:49:
                    45:3c:db:7d:ed:67:fc:e3:84:3f:1b:53:7b:82:1d:
                    2a:b8:35:a9:00:16:b3:28:84:46:5c:5a:4d:57:23:
                    fd:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:27:BC:AF:23:6F:00:1B:44:7A:22:3F:B9:C0:6C:6D:ED:24:52:44
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8a5ff071-2589-4b8f-bab2-ab661880d472.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:3c2::/48

    Signature Algorithm: sha256WithRSAEncryption
         7b:77:50:a1:b1:55:04:4a:09:12:08:a1:1b:b7:b4:0f:10:0a:
         c3:8e:7b:59:78:8a:d2:39:05:9c:e9:75:9f:ce:c9:1c:35:95:
         d8:5a:c2:bd:e8:e6:88:a1:13:56:80:f0:41:16:d3:45:10:41:
         08:85:16:ac:f1:8c:17:47:78:f2:61:3e:b2:54:14:3c:85:37:
         2f:44:56:6b:0c:ef:76:bb:b0:0a:8e:58:c1:cc:27:f7:c1:16:
         28:0d:84:b4:29:21:25:66:e6:86:0b:c2:8b:03:43:d6:07:27:
         cf:be:cd:58:32:83:5d:bd:42:4e:52:44:6d:59:67:f1:b6:8f:
         af:b3:18:8b:f0:2d:71:b4:e4:a5:d4:5e:36:1f:73:4b:a5:37:
         bb:1b:89:22:93:0c:8e:37:07:33:de:ee:ae:40:d7:6e:77:a0:
         05:86:d6:10:ee:f0:f1:bc:5c:ac:29:65:80:bf:98:99:13:a3:
         32:e3:17:0f:a5:fe:b2:01:27:d7:e8:b3:8f:94:ae:8c:87:e2:
         40:7c:8e:d3:c4:97:c0:0a:f7:b6:08:89:1c:b4:34:a2:cd:f7:
         df:32:ae:d2:32:5f:b8:15:6c:1a:ca:ce:8b:a7:6b:f7:cf:52:
         41:fb:ab:4d:b1:e2:36:7f:6e:3c:ce:fd:85:52:6d:f0:b9:47:
         4a:d5:29:ff
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPpxukFMxKXsYn7CUNf32BSFvShIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzI4MTYwMDE0WhcNMjUwOTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZmQxODdkOWE2NmZjMjE4MmJmNTUzNGRlNjAwOTEzY2M0
YmVjMTg3YWFjZDNkZTUxNGRhZGY0NTBiMTM0OTE1MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdT0JJPFlrCnmzELyUSX76dWHEg+FzBUeDjZ14VSvbTpzY
OqtM1BPiTf0BuAeQUNF8PeoNohDpgtRfU0fEQaA4TX/Tt8nnJabXvoYyiVSz/ORw
iP+AMvn1Ok1guMVLcat3z/WfvfxB0jw1dPd9C7mCsJeqmRom/QwIibg9e5WPNbRJ
Bi+/GFbY5wEKtGn0EWzocjpFuVU7n5y33p1Ys0ak4Gqz+Iym86EhT8MNFwdG+XLd
pJ+03BnSX0Z/IGylv0wg0WNQCMnEtAy5lcqDm+1zzFaPZmT/1zApNabE9vTlSUU8
233tZ/zjhD8bU3uCHSq4NakAFrMohEZcWk1XI/2nAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUAie8ryNvABtEeiI/ucBsbe0kUkQwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzhhNWZmMDcxLTI1ODktNGI4Zi1iYWIyLWFiNjYxODgwZDQ3Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA8IwDQYJKoZIhvcNAQELBQADggEBAHt3UKGxVQRKCRIIoRu3tA8Q
CsOOe1l4itI5BZzpdZ/OyRw1ldhawr3o5oihE1aA8EEW00UQQQiFFqzxjBdHePJh
PrJUFDyFNy9EVmsM73a7sAqOWMHMJ/fBFigNhLQpISVm5oYLwosDQ9YHJ8++zVgy
g129Qk5SRG1ZZ/G2j6+zGIvwLXG05KXUXjYfc0ulN7sbiSKTDI43BzPe7q5A1253
oAWG1hDu8PG8XKwpZYC/mJkTozLjFw+l/rIBJ9fos4+UroyH4kB8jtPEl8AK97YI
iRy0NKLN998yrtIyX7gVbBrKzouna/fPUkH7q02x4jZ/bjzO/YVSbfC5R0rVKf8=
-----END CERTIFICATE-----