Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c989c04a-7b52-4ce5-a0dc-f32498c5affd.roa
File:                     c989c04a-7b52-4ce5-a0dc-f32498c5affd.roa (raw, json)
Hash identifier:          Izac2wgU7VTE7TAct1Qin6jR30LycgL7DCHaVr9WAC4=
Subject key identifier:   1D:7B:F0:C3:52:3C:74:0F:FE:75:A3:2C:00:8C:EA:5E:99:A7:64:18
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       0B30A361D9C2D620367CD2CEFB3757AC604F2321
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c989c04a-7b52-4ce5-a0dc-f32498c5affd.roa
Signing time:             Sat 12 Jul 2025 00:41:02 +0000
ROA not before:           Sat 12 Jul 2025 00:41:02 +0000
ROA not after:            Sat 16 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:62b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:30:a3:61:d9:c2:d6:20:36:7c:d2:ce:fb:37:57:ac:60:4f:23:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 12 00:41:02 2025 GMT
            Not After : Aug 16 23:59:59 2025 GMT
        Subject: serialNumber=cddffecd4c89f8527e40d8adc1fb3b70f9c87468d52ef8a18f57da7c9fa98668, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:69:d7:a8:7b:b2:30:19:53:57:9e:75:fc:8a:
                    65:08:d8:97:3e:58:6a:af:ac:14:d7:93:22:aa:8a:
                    f9:74:68:9a:00:d6:8c:b0:fc:a0:da:e8:8a:52:20:
                    f7:72:54:e1:fa:b6:c3:fe:be:7c:32:00:e8:1e:30:
                    72:55:99:30:f4:bb:12:e3:d1:77:b8:f2:73:03:f8:
                    ed:fe:82:f9:e1:94:a0:5b:24:45:e5:61:a6:3f:32:
                    46:bf:30:e0:6a:d2:1e:9c:73:96:a0:cb:19:0b:c1:
                    30:69:04:f1:b5:32:1e:24:da:09:c7:5d:54:d0:73:
                    5c:54:35:a7:13:48:18:2e:40:af:cf:09:f2:2e:be:
                    e6:d7:03:c2:ec:6b:78:c2:4e:6d:8e:0a:63:77:73:
                    60:3c:a5:4d:13:4d:04:7d:1a:5f:95:c4:78:6c:15:
                    1d:78:ff:63:9d:16:2e:d2:b8:c4:4e:a1:ae:f3:a7:
                    48:49:19:fd:d4:40:6a:b6:86:46:fc:67:de:c8:d1:
                    15:4b:02:8d:7d:f6:45:e6:26:30:57:33:59:9a:3b:
                    9b:2a:de:b4:da:1d:a5:34:25:79:f9:51:d6:e8:e2:
                    f1:80:74:f7:b6:35:4f:f0:7d:3c:cb:4a:a5:e9:d3:
                    58:a4:8f:64:b6:93:f4:d8:44:12:cd:ff:be:63:f0:
                    5a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:7B:F0:C3:52:3C:74:0F:FE:75:A3:2C:00:8C:EA:5E:99:A7:64:18
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c989c04a-7b52-4ce5-a0dc-f32498c5affd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:62b::/48

    Signature Algorithm: sha256WithRSAEncryption
         54:11:0d:a7:8b:55:21:89:bc:7c:95:63:0b:4b:1c:31:7c:28:
         62:82:5d:7f:17:18:d7:ba:c1:ec:9e:15:3a:0e:0a:ef:1e:d3:
         89:75:50:f3:f9:b5:12:a5:2b:e8:c2:b5:b2:94:b3:61:74:da:
         1d:5c:ce:f3:3c:4f:49:c2:74:84:f1:f1:18:2a:24:8c:e3:ad:
         32:2b:4b:78:ef:bf:ce:d2:c0:02:d8:e6:2e:59:08:b2:aa:49:
         19:81:6d:9f:b5:7a:f3:ea:e2:7b:06:23:7d:ac:54:66:b0:2c:
         02:bf:6d:be:fc:12:a0:02:eb:91:ef:c9:f7:58:26:8b:36:b3:
         b8:2e:15:19:49:48:2e:ac:dc:fb:ca:a4:f1:07:5b:9f:d2:52:
         c5:a9:c6:b5:11:14:07:d4:e7:25:fb:18:23:b9:04:f6:17:e9:
         dd:2b:af:5b:d8:b1:dc:83:86:e1:a4:f8:c9:1a:37:d6:7e:07:
         54:fe:44:e3:16:b5:ad:b2:70:26:f2:1f:55:5c:bd:94:7c:61:
         b5:c6:95:69:81:5f:5d:64:49:97:46:41:74:f2:59:4f:a3:a0:
         f3:ae:b8:fb:58:35:fe:e3:a2:1b:5f:a0:ea:90:36:23:42:84:
         fb:87:12:04:89:2d:41:4e:97:75:f2:18:35:bc:b5:a4:4d:f1:
         8b:52:3d:3c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUCzCjYdnC1iA2fNLO+zdXrGBPIyEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzEyMDA0MTAyWhcNMjUwODE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZGRmZmVjZDRjODlmODUyN2U0MGQ4YWRjMWZiM2I3MGY5
Yzg3NDY4ZDUyZWY4YTE4ZjU3ZGE3YzlmYTk4NjY4MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuadeoe7IwGVNXnnX8imUI2Jc+WGqvrBTXkyKqivl0aJoA
1oyw/KDa6IpSIPdyVOH6tsP+vnwyAOgeMHJVmTD0uxLj0Xe48nMD+O3+gvnhlKBb
JEXlYaY/Mka/MOBq0h6cc5agyxkLwTBpBPG1Mh4k2gnHXVTQc1xUNacTSBguQK/P
CfIuvubXA8Lsa3jCTm2OCmN3c2A8pU0TTQR9Gl+VxHhsFR14/2OdFi7SuMROoa7z
p0hJGf3UQGq2hkb8Z97I0RVLAo199kXmJjBXM1maO5sq3rTaHaU0JXn5Udbo4vGA
dPe2NU/wfTzLSqXp01ikj2S2k/TYRBLN/75j8FrjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUHXvww1I8dA/+daMsAIzqXpmnZBgwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2M5ODljMDRhLTdiNTItNGNlNS1hMGRjLWYzMjQ5OGM1YWZmZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABiswDQYJKoZIhvcNAQELBQADggEBAFQRDaeLVSGJvHyVYwtLHDF8
KGKCXX8XGNe6weyeFToOCu8e04l1UPP5tRKlK+jCtbKUs2F02h1czvM8T0nCdITx
8RgqJIzjrTIrS3jvv87SwALY5i5ZCLKqSRmBbZ+1evPq4nsGI32sVGawLAK/bb78
EqAC65HvyfdYJos2s7guFRlJSC6s3PvKpPEHW5/SUsWpxrURFAfU5yX7GCO5BPYX
6d0rr1vYsdyDhuGk+MkaN9Z+B1T+ROMWta2ycCbyH1VcvZR8YbXGlWmBX11kSZdG
QXTyWU+joPOuuPtYNf7johtfoOqQNiNChPuHEgSJLUFOl3XyGDW8taRN8YtSPTw=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:45:00 2025 by rpki-client