Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa
File:                     8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa (raw, json)
Hash identifier:          uLB50pUmgf/oTDKUp6yDMFDxQXgQzk0jXQmyLa2P70A=
Subject key identifier:   67:52:24:F3:8D:91:E2:98:41:7C:05:B1:6A:88:C4:BC:73:E1:88:9B
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       37DC9D0D8FF1D18AB01B9E6D233449B70E72E284
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa
Signing time:             Fri 11 Jul 2025 18:10:47 +0000
ROA not before:           Fri 11 Jul 2025 18:10:47 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:396::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:dc:9d:0d:8f:f1:d1:8a:b0:1b:9e:6d:23:34:49:b7:0e:72:e2:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 11 18:10:47 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=35b32d533ac880b047a91583c085bb76445e83b0836a4c1159b8df74bf84c18a, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:38:b8:b4:5b:89:bc:cc:c5:f8:04:dd:73:f4:
                    41:de:a4:7b:c0:e9:bf:a0:f5:b2:d2:3f:db:15:d8:
                    05:df:6a:11:78:c3:42:7e:dd:a8:6c:d6:19:fb:f5:
                    1f:d5:3f:b6:b7:ad:7a:ab:c8:b5:39:9b:92:69:77:
                    4a:01:f5:6d:ba:14:49:cd:60:99:e3:c2:f6:70:ab:
                    fd:0e:4c:8c:94:e7:8a:82:49:12:15:1e:9f:e4:e3:
                    62:89:b3:7f:a8:42:d0:39:c4:f2:4a:0a:df:48:ad:
                    3b:b2:df:94:31:ed:4b:8f:28:90:7e:c8:5a:df:8b:
                    44:3a:40:eb:b7:be:74:ac:91:34:24:a3:57:0c:85:
                    2e:02:42:1b:11:73:17:a5:45:1d:f5:01:6a:62:f8:
                    00:82:31:d0:e8:98:35:6a:29:f9:a0:cc:d6:9b:82:
                    c3:70:1d:20:2e:9a:ef:63:5c:cb:d3:67:0c:64:78:
                    f8:4a:72:b0:4a:e1:67:77:16:9d:de:67:79:7e:51:
                    14:81:cb:03:5c:14:51:24:73:38:3e:90:42:ff:7d:
                    28:92:d2:41:4c:f3:b1:ab:b6:38:96:d9:2a:c7:da:
                    bf:e8:6b:5c:8d:ac:f8:0d:f9:a1:52:e0:b1:f7:7b:
                    8d:7c:78:f6:90:61:09:81:7c:d4:10:58:cb:40:69:
                    64:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:52:24:F3:8D:91:E2:98:41:7C:05:B1:6A:88:C4:BC:73:E1:88:9B
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:396::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:97:03:3f:f1:f5:4f:51:f0:64:32:2b:88:bb:92:3c:5b:1c:
         3b:d5:b0:8a:f1:21:e9:26:1e:95:c0:a7:ce:94:8b:03:a3:a0:
         98:74:9c:a8:26:b9:a7:80:f7:ae:67:91:d2:6f:bb:33:f9:f1:
         4c:70:84:4b:3e:b3:f4:2c:99:cc:98:6e:9c:e3:39:e0:77:96:
         b9:df:48:d5:57:84:9e:5c:d0:d6:60:55:ac:6e:0c:69:52:ac:
         5a:f0:8f:60:df:2b:17:b9:47:8e:0f:1c:04:ab:49:5b:3d:0f:
         e4:63:b7:50:86:82:f1:d5:28:28:24:4a:60:5b:60:e1:b4:69:
         bd:01:0a:04:23:fe:41:db:cb:18:59:3b:a2:37:c0:78:63:7b:
         0c:cc:82:16:c8:31:15:aa:a5:96:45:3b:17:c3:9b:cd:6d:89:
         97:1f:c8:28:e3:d6:f0:f9:f8:89:e3:06:8d:e7:37:53:cd:9b:
         16:30:9e:a6:91:68:c5:16:a3:62:e5:5b:d8:a9:28:f1:70:16:
         b4:5a:f5:cd:90:7b:a1:23:bd:bc:7a:34:7e:71:65:8f:40:1e:
         2d:95:37:5e:7e:f2:28:49:86:1a:ad:6c:22:04:21:df:a0:8c:
         f5:b8:4c:97:ef:f1:43:96:bc:39:48:14:33:22:73:26:4e:93:
         e6:d2:01:56
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUN9ydDY/x0YqwG55tIzRJtw5y4oQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzExMTgxMDQ3WhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNWIzMmQ1MzNhYzg4MGIwNDdhOTE1ODNjMDg1YmI3NjQ0
NWU4M2IwODM2YTRjMTE1OWI4ZGY3NGJmODRjMThhMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFOLi0W4m8zMX4BN1z9EHepHvA6b+g9bLSP9sV2AXfahF4
w0J+3ahs1hn79R/VP7a3rXqryLU5m5Jpd0oB9W26FEnNYJnjwvZwq/0OTIyU54qC
SRIVHp/k42KJs3+oQtA5xPJKCt9IrTuy35Qx7UuPKJB+yFrfi0Q6QOu3vnSskTQk
o1cMhS4CQhsRcxelRR31AWpi+ACCMdDomDVqKfmgzNabgsNwHSAumu9jXMvTZwxk
ePhKcrBK4Wd3Fp3eZ3l+URSBywNcFFEkczg+kEL/fSiS0kFM87GrtjiW2SrH2r/o
a1yNrPgN+aFS4LH3e418ePaQYQmBfNQQWMtAaWRZAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZ1Ik842R4phBfAWxaojEvHPhiJswHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzhlNWNhYzMxLTMzZDItNDU0ZC1hMmI3LTZlZjg1YThkNDk0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA5YwDQYJKoZIhvcNAQELBQADggEBAAOXAz/x9U9R8GQyK4i7kjxb
HDvVsIrxIekmHpXAp86UiwOjoJh0nKgmuaeA965nkdJvuzP58UxwhEs+s/QsmcyY
bpzjOeB3lrnfSNVXhJ5c0NZgVaxuDGlSrFrwj2DfKxe5R44PHASrSVs9D+Rjt1CG
gvHVKCgkSmBbYOG0ab0BCgQj/kHbyxhZO6I3wHhjewzMghbIMRWqpZZFOxfDm81t
iZcfyCjj1vD5+InjBo3nN1PNmxYwnqaRaMUWo2LlW9ipKPFwFrRa9c2Qe6Ejvbx6
NH5xZY9AHi2VN15+8ihJhhqtbCIEId+gjPW4TJfv8UOWvDlIFDMicyZOk+bSAVY=
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:11:46 2025 by rpki-client