Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c044dfdf-545b-46de-a181-9b87e5052e28.roa
File:                     c044dfdf-545b-46de-a181-9b87e5052e28.roa (raw, json)
Hash identifier:          RyuOaTcv5u0s6Ructf45OZE/OiKqjJaRuK/AyMnJODo=
Subject key identifier:   B2:0E:D7:53:22:D4:59:46:E6:B2:83:0D:10:F1:05:09:E7:85:9E:21
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       07B531C04CDD3D0381DC434AFBAE98F51AD2DDDA
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c044dfdf-545b-46de-a181-9b87e5052e28.roa
Signing time:             Fri 11 Jul 2025 18:01:12 +0000
ROA not before:           Fri 11 Jul 2025 18:01:12 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:2110::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:b5:31:c0:4c:dd:3d:03:81:dc:43:4a:fb:ae:98:f5:1a:d2:dd:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 11 18:01:12 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=f2a2e84fc185bcdd7222dfc0286ca015411da176e4e4c78707475a2491eb216e, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3c:c4:13:3f:8a:58:95:5a:2d:b1:55:b9:e7:
                    48:d1:b8:c0:3a:5c:df:27:5a:83:f9:78:e7:d1:b0:
                    81:5b:a6:5a:c0:00:fc:5d:4b:be:8d:00:a4:1b:b7:
                    65:05:1b:4a:a4:ac:5e:33:fd:67:08:29:31:2d:98:
                    4c:b1:3b:77:91:7a:2d:17:4e:43:63:86:30:99:f6:
                    17:65:c3:0e:3c:99:a2:33:44:88:7d:ad:3d:27:e5:
                    69:99:b3:0a:2f:52:31:3b:92:fb:09:4c:f1:1d:5d:
                    b9:1e:5b:bc:f9:6a:5d:5c:e8:9e:27:91:be:4a:d0:
                    23:d6:76:cc:1f:23:31:3f:53:98:d2:be:4a:0a:54:
                    95:7a:6a:a0:c1:28:33:50:2b:97:56:fb:0e:e6:5e:
                    89:75:cf:37:88:86:2a:3f:58:cd:89:49:80:f9:5e:
                    a1:38:62:ab:f2:0e:68:bb:3c:89:6e:1a:0d:d9:71:
                    13:22:47:b1:c9:ab:70:be:5d:c1:b8:33:06:5b:f5:
                    b8:c1:6e:65:c3:9b:18:98:0c:27:20:90:9b:b4:94:
                    b5:06:83:87:19:4b:f3:b4:85:db:7f:ec:23:87:7b:
                    d4:ea:bc:b4:f4:1d:1b:9c:30:d2:93:68:41:36:e1:
                    c2:44:4a:00:56:e0:de:e7:91:b4:76:1d:d9:61:a4:
                    7c:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:0E:D7:53:22:D4:59:46:E6:B2:83:0D:10:F1:05:09:E7:85:9E:21
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c044dfdf-545b-46de-a181-9b87e5052e28.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:2110::/44

    Signature Algorithm: sha256WithRSAEncryption
         6a:92:7e:1b:1b:57:78:ef:d8:a5:6b:a4:e2:8d:e4:71:93:dc:
         8d:07:3c:25:14:44:b6:30:66:f7:ae:80:b1:b1:a0:4b:5c:76:
         eb:b5:43:6a:40:22:4f:28:8c:f5:15:35:9e:98:48:6e:2e:f8:
         37:85:49:fc:f8:e9:cb:22:11:9d:76:19:ba:ca:81:00:8a:0f:
         f9:a7:ef:3b:d6:de:95:70:98:4e:55:a2:8a:ed:66:4e:05:bf:
         c5:aa:1b:8b:54:4c:7f:35:49:3e:bd:ad:15:ba:ac:e5:df:59:
         30:3d:b9:c1:c5:c6:97:db:79:91:52:2e:b2:19:07:82:07:9d:
         f9:8c:0c:d6:1b:95:45:00:1a:8e:59:86:e1:18:20:1e:2f:e0:
         dd:8a:d5:bf:aa:30:b6:21:db:09:e2:64:27:49:15:c7:28:40:
         8d:23:27:ef:3e:cc:39:a9:1a:f9:79:46:fb:ff:95:b7:65:98:
         77:54:e6:fc:c6:45:6a:f0:8b:53:ed:ee:1d:22:86:7d:7a:30:
         a2:dc:fe:7c:42:3c:25:d3:68:5f:2a:05:bc:06:5f:66:36:58:
         c5:17:f1:04:fc:a2:7d:f9:98:c5:15:dd:03:06:c9:c1:0f:70:
         57:ae:3c:9f:65:ce:20:e7:d9:ad:28:d8:c7:83:1d:3e:19:b5:
         56:03:22:89
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUB7UxwEzdPQOB3ENK+66Y9RrS3dowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzExMTgwMTEyWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMmEyZTg0ZmMxODViY2RkNzIyMmRmYzAyODZjYTAxNTQx
MWRhMTc2ZTRlNGM3ODcwNzQ3NWEyNDkxZWIyMTZlMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIPMQTP4pYlVotsVW550jRuMA6XN8nWoP5eOfRsIFbplrA
APxdS76NAKQbt2UFG0qkrF4z/WcIKTEtmEyxO3eRei0XTkNjhjCZ9hdlww48maIz
RIh9rT0n5WmZswovUjE7kvsJTPEdXbkeW7z5al1c6J4nkb5K0CPWdswfIzE/U5jS
vkoKVJV6aqDBKDNQK5dW+w7mXol1zzeIhio/WM2JSYD5XqE4YqvyDmi7PIluGg3Z
cRMiR7HJq3C+XcG4MwZb9bjBbmXDmxiYDCcgkJu0lLUGg4cZS/O0hdt/7COHe9Tq
vLT0HRucMNKTaEE24cJESgBW4N7nkbR2HdlhpHz1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUsg7XUyLUWUbmsoMNEPEFCeeFniEwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2MwNDRkZmRmLTU0NWItNDZkZS1hMTgxLTliODdlNTA1MmUyOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmBZzAIRAwDQYJKoZIhvcNAQELBQADggEBAGqSfhsbV3jv2KVrpOKN5HGT
3I0HPCUURLYwZveugLGxoEtcduu1Q2pAIk8ojPUVNZ6YSG4u+DeFSfz46csiEZ12
GbrKgQCKD/mn7zvW3pVwmE5VoortZk4Fv8WqG4tUTH81ST69rRW6rOXfWTA9ucHF
xpfbeZFSLrIZB4IHnfmMDNYblUUAGo5ZhuEYIB4v4N2K1b+qMLYh2wniZCdJFcco
QI0jJ+8+zDmpGvl5Rvv/lbdlmHdU5vzGRWrwi1Pt7h0ihn16MKLc/nxCPCXTaF8q
BbwGX2Y2WMUX8QT8on35mMUV3QMGycEPcFeuPJ9lziDn2a0o2MeDHT4ZtVYDIok=
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:17:39 2025 by rpki-client