Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/9b93eae4-d00c-47ae-8fdb-bc1f1cd1d0c6.roa
File:                     9b93eae4-d00c-47ae-8fdb-bc1f1cd1d0c6.roa (raw, json)
Hash identifier:          L43VdvjBeAJQgppQNYIvLsbdIUGpaEg2emA692bsZQg=
Subject key identifier:   20:CE:C1:92:CE:08:46:4A:DA:40:ED:22:5C:C9:51:88:33:D3:D5:AA
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       6234820B0FF57C4C7833FF9D0E81FFD595A24E31
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/9b93eae4-d00c-47ae-8fdb-bc1f1cd1d0c6.roa
Signing time:             Sat 12 Jul 2025 00:41:06 +0000
ROA not before:           Sat 12 Jul 2025 00:41:06 +0000
ROA not after:            Sat 16 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:639::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 05 Aug 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:34:82:0b:0f:f5:7c:4c:78:33:ff:9d:0e:81:ff:d5:95:a2:4e:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 12 00:41:06 2025 GMT
            Not After : Aug 16 23:59:59 2025 GMT
        Subject: serialNumber=09d834df007b1decab728478c2b963c8def80051100d47eec79db27da94efb73, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:db:b3:73:16:e4:f7:7d:a4:39:fa:6d:8b:3d:
                    16:00:5a:bf:4d:e2:8d:5c:76:81:16:d5:22:b3:e7:
                    a4:71:4f:90:f2:2d:ee:ce:9c:78:7b:f6:86:12:96:
                    d1:a1:68:e1:e8:fe:03:28:45:52:de:62:1d:e9:a9:
                    a1:7f:ad:dd:5c:d5:10:ee:2c:ef:9b:94:fc:64:86:
                    b2:d2:38:bd:52:21:a9:93:e9:04:be:37:7f:f5:66:
                    0a:ff:95:11:47:d8:2f:5c:77:23:f7:93:70:a4:52:
                    c4:49:f6:2f:38:94:36:ca:19:d3:67:4f:48:5c:ae:
                    67:d7:87:9a:b7:9d:b6:d4:99:80:46:21:a6:93:32:
                    62:f0:72:73:8b:85:34:5a:c0:ed:6e:f9:b3:b7:b7:
                    75:bb:4e:e6:dc:c1:f4:20:ca:40:34:c6:ad:1f:da:
                    0f:00:45:59:49:01:41:b0:47:8e:cf:7a:bc:19:e6:
                    c4:39:21:86:c6:8f:93:39:4f:73:8d:72:53:8a:a9:
                    59:db:58:79:a7:0e:2f:ca:2e:87:e5:8d:16:94:db:
                    db:db:c3:31:eb:d9:dd:6e:ac:7f:3a:1a:4b:83:11:
                    d1:1f:9b:85:13:57:22:b4:fb:c1:55:00:d2:12:53:
                    17:a4:33:88:da:e6:74:85:04:43:7b:24:5e:b8:df:
                    6c:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:CE:C1:92:CE:08:46:4A:DA:40:ED:22:5C:C9:51:88:33:D3:D5:AA
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/9b93eae4-d00c-47ae-8fdb-bc1f1cd1d0c6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:639::/48

    Signature Algorithm: sha256WithRSAEncryption
         56:29:79:cf:b9:e9:24:e8:d7:e3:46:f0:72:f9:ad:0d:36:ae:
         91:d3:40:ce:54:ff:c2:00:c9:72:6a:e3:52:45:0d:e0:6a:14:
         f5:39:7e:b6:fb:d7:78:86:77:d0:9b:de:a6:84:d4:cd:20:a4:
         05:6f:d7:e6:7e:ab:fa:42:58:87:14:6a:a0:17:e1:5a:d4:c1:
         fe:df:66:50:b1:00:8f:75:08:f7:55:a6:c2:6d:8f:f7:98:a3:
         1a:d7:b4:07:cf:66:d1:69:a5:ec:62:29:08:b2:f4:b7:e9:46:
         e0:77:d4:8d:16:8d:b6:b2:a9:cc:16:14:25:1d:48:a7:e0:13:
         9c:ad:c7:ba:a1:52:19:2b:c3:3e:ed:a3:bb:19:5c:28:ae:8b:
         28:50:d4:b1:00:41:ab:7e:3d:3f:7d:16:e9:c4:98:8f:22:dd:
         ad:bc:d6:da:38:9d:6d:5a:c2:2c:23:14:9e:56:1c:67:3d:35:
         fc:e7:ee:10:00:02:2c:6f:8e:e3:d0:53:da:8e:76:40:81:fa:
         8d:6c:a4:32:94:ac:ea:17:2e:a9:2e:4a:41:45:f2:4d:2d:7c:
         59:6c:a0:46:2e:ad:f4:22:92:68:52:53:39:5d:86:76:62:f5:
         ca:cd:72:48:c5:e8:93:ec:09:b3:b5:5f:cf:8f:11:fd:9f:2f:
         ae:0c:f4:ba
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUYjSCCw/1fEx4M/+dDoH/1ZWiTjEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzEyMDA0MTA2WhcNMjUwODE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwOWQ4MzRkZjAwN2IxZGVjYWI3Mjg0NzhjMmI5NjNjOGRl
ZjgwMDUxMTAwZDQ3ZWVjNzlkYjI3ZGE5NGVmYjczMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCx27NzFuT3faQ5+m2LPRYAWr9N4o1cdoEW1SKz56RxT5Dy
Le7OnHh79oYSltGhaOHo/gMoRVLeYh3pqaF/rd1c1RDuLO+blPxkhrLSOL1SIamT
6QS+N3/1Zgr/lRFH2C9cdyP3k3CkUsRJ9i84lDbKGdNnT0hcrmfXh5q3nbbUmYBG
IaaTMmLwcnOLhTRawO1u+bO3t3W7TubcwfQgykA0xq0f2g8ARVlJAUGwR47PerwZ
5sQ5IYbGj5M5T3ONclOKqVnbWHmnDi/KLofljRaU29vbwzHr2d1urH86GkuDEdEf
m4UTVyK0+8FVANISUxekM4ja5nSFBEN7JF6432wdAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUIM7Bks4IRkraQO0iXMlRiDPT1aowHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzliOTNlYWU0LWQwMGMtNDdhZS04ZmRiLWJjMWYxY2QxZDBjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABjkwDQYJKoZIhvcNAQELBQADggEBAFYpec+56STo1+NG8HL5rQ02
rpHTQM5U/8IAyXJq41JFDeBqFPU5frb713iGd9Cb3qaE1M0gpAVv1+Z+q/pCWIcU
aqAX4VrUwf7fZlCxAI91CPdVpsJtj/eYoxrXtAfPZtFppexiKQiy9LfpRuB31I0W
jbayqcwWFCUdSKfgE5ytx7qhUhkrwz7to7sZXCiuiyhQ1LEAQat+PT99FunEmI8i
3a281to4nW1awiwjFJ5WHGc9Nfzn7hAAAixvjuPQU9qOdkCB+o1spDKUrOoXLqku
SkFF8k0tfFlsoEYurfQikmhSUzldhnZi9crNckjF6JPsCbO1X8+PEf2fL64M9Lo=
-----END CERTIFICATE-----