Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/d29b6497-5e29-4d74-9bc9-54ef6082f794.roa
File:                     d29b6497-5e29-4d74-9bc9-54ef6082f794.roa (raw, json)
Hash identifier:          AQ3Nmm1nUX1deANTqeIvRuuRdg5xu6izDuOBeM1HWWU=
Subject key identifier:   2A:46:B5:85:39:B8:57:A3:20:40:5F:92:60:60:F5:06:F4:FF:9B:98
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       612ADDC0F952E7CD072DDBA1126C1F6AAECC8343
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/d29b6497-5e29-4d74-9bc9-54ef6082f794.roa
Signing time:             Fri 11 Jul 2025 18:01:30 +0000
ROA not before:           Fri 11 Jul 2025 18:01:30 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:308::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:2a:dd:c0:f9:52:e7:cd:07:2d:db:a1:12:6c:1f:6a:ae:cc:83:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 11 18:01:30 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=1b763dc98ce5989d117a2c21d557864e6974070cbdf80ce5dbbb17d54dba3f6c, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d1:40:cd:ab:23:65:89:4c:8e:82:23:85:ae:
                    bd:9a:fa:5b:66:3e:f8:93:c1:45:bd:0c:f6:eb:60:
                    a2:9f:c1:4f:a3:f4:30:1b:2b:d7:d5:71:83:e2:28:
                    46:01:e6:88:84:a3:1f:e8:38:a1:5d:54:68:f0:e9:
                    89:7a:d7:3b:9c:67:aa:e8:c1:9f:72:4d:e9:a2:b3:
                    81:9e:63:f6:56:d3:4b:b9:22:a4:5d:cc:16:5c:5d:
                    01:be:df:6d:48:b0:dd:7e:5b:16:21:3d:98:93:dc:
                    f1:e8:6b:6d:6d:ca:89:9d:b1:1c:97:b4:67:6e:df:
                    91:4a:36:a3:8b:b9:2a:24:dd:ce:6a:d7:48:b4:b6:
                    4e:82:11:c2:75:f3:7c:3a:ae:ae:1f:06:7b:28:74:
                    a8:d9:7f:f2:7f:25:0c:ee:f6:98:c5:d4:b6:e4:f4:
                    75:98:1c:7e:ef:e9:e7:c7:86:46:dc:99:0d:2b:6d:
                    d9:68:3d:6d:0d:48:88:a0:63:9f:7c:a3:93:6d:21:
                    c5:af:7f:a4:80:5d:71:f6:68:52:0f:5f:86:f1:69:
                    6d:32:36:c3:e8:a7:dc:0f:58:69:e4:e0:18:99:83:
                    74:ff:8f:bc:8e:0f:28:a9:43:04:0e:f5:5c:ef:46:
                    84:dc:86:2c:6f:5e:02:1a:2b:88:cc:1b:a4:02:f0:
                    28:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:46:B5:85:39:B8:57:A3:20:40:5F:92:60:60:F5:06:F4:FF:9B:98
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/d29b6497-5e29-4d74-9bc9-54ef6082f794.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:308::/48

    Signature Algorithm: sha256WithRSAEncryption
         65:3e:36:ba:83:0f:cb:9a:3f:48:b8:6b:79:37:82:73:24:2e:
         6d:9d:41:4f:2c:56:dc:b6:0c:89:05:79:83:48:b2:b8:8e:69:
         da:b4:1c:2e:b6:e3:6b:59:16:38:5d:50:70:df:e4:39:a6:bf:
         54:24:47:bf:99:6c:f9:22:e2:25:af:7d:c8:36:2f:91:c6:be:
         f2:a4:fc:72:7f:b3:5a:29:9e:da:62:e0:91:1b:fc:78:6f:95:
         c3:be:61:73:db:6d:24:33:4b:27:18:d1:11:4b:fd:fe:d0:b3:
         28:ef:2d:40:0d:d3:4c:77:e9:1d:f7:4f:8b:da:cf:17:ad:dc:
         93:16:ef:bf:35:57:b5:ba:55:37:b7:16:77:c8:c7:94:a7:c5:
         d5:f7:40:33:7f:63:94:86:29:b4:28:35:5d:7e:09:8c:e9:4d:
         5e:28:f5:9e:c3:11:9d:b7:c5:52:ef:b7:72:49:5d:74:af:ff:
         0f:b1:e4:32:92:ae:5f:67:4a:ff:7f:58:4a:7c:48:33:f0:31:
         cf:83:b2:3d:a5:2f:73:cc:3e:93:af:06:c6:d4:89:ef:67:48:
         02:52:ce:02:72:5d:b5:95:70:a5:89:2f:9d:dd:ed:4b:28:7f:
         d1:39:c9:a1:14:99:03:cc:79:70:2a:d9:2f:78:63:19:0a:37:
         f8:48:f4:ef
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUYSrdwPlS580HLduhEmwfaq7Mg0MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzExMTgwMTMwWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjc2M2RjOThjZTU5ODlkMTE3YTJjMjFkNTU3ODY0ZTY5
NzQwNzBjYmRmODBjZTVkYmJiMTdkNTRkYmEzZjZjMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCw0UDNqyNliUyOgiOFrr2a+ltmPviTwUW9DPbrYKKfwU+j
9DAbK9fVcYPiKEYB5oiEox/oOKFdVGjw6Yl61zucZ6rowZ9yTemis4GeY/ZW00u5
IqRdzBZcXQG+321IsN1+WxYhPZiT3PHoa21tyomdsRyXtGdu35FKNqOLuSok3c5q
10i0tk6CEcJ183w6rq4fBnsodKjZf/J/JQzu9pjF1Lbk9HWYHH7v6efHhkbcmQ0r
bdloPW0NSIigY598o5NtIcWvf6SAXXH2aFIPX4bxaW0yNsPop9wPWGnk4BiZg3T/
j7yODyipQwQO9VzvRoTchixvXgIaK4jMG6QC8CibAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUKka1hTm4V6MgQF+SYGD1BvT/m5gwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2QyOWI2NDk3LTVlMjktNGQ3NC05YmM5LTU0ZWY2MDgyZjc5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAAwgwDQYJKoZIhvcNAQELBQADggEBAGU+NrqDD8uaP0i4a3k3gnMk
Lm2dQU8sVty2DIkFeYNIsriOadq0HC6242tZFjhdUHDf5Dmmv1QkR7+ZbPki4iWv
fcg2L5HGvvKk/HJ/s1opntpi4JEb/HhvlcO+YXPbbSQzSycY0RFL/f7QsyjvLUAN
00x36R33T4vazxet3JMW7781V7W6VTe3FnfIx5SnxdX3QDN/Y5SGKbQoNV1+CYzp
TV4o9Z7DEZ23xVLvt3JJXXSv/w+x5DKSrl9nSv9/WEp8SDPwMc+Dsj2lL3PMPpOv
BsbUie9nSAJSzgJyXbWVcKWJL53d7Usof9E5yaEUmQPMeXAq2S94YxkKN/hI9O8=
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:17:42 2025 by rpki-client