Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/e52fa04b-f965-4052-87cb-6e539ccd0345.roa
File:                     e52fa04b-f965-4052-87cb-6e539ccd0345.roa (raw, json)
Hash identifier:          rkOclozWe20+KCq6844fK2ELxuikNFwS9yY+f1i/Pgc=
Subject key identifier:   A6:E9:8D:95:49:BA:69:C4:16:7D:52:9B:A3:88:88:54:48:CA:63:41
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       65F75D602117346A9E0BD07E88AE022187CA4514
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/e52fa04b-f965-4052-87cb-6e539ccd0345.roa
Signing time:             Mon 21 Jul 2025 16:31:10 +0000
ROA not before:           Mon 21 Jul 2025 16:31:10 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:c1b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:f7:5d:60:21:17:34:6a:9e:0b:d0:7e:88:ae:02:21:87:ca:45:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 21 16:31:10 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=08c1d97044696a79a0c5a99ff9abae4b31fccc761164378239887ec197c5cdf1, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:9f:47:e9:64:11:15:64:b2:95:cf:e0:34:95:
                    92:23:6a:14:29:cf:52:56:3b:28:03:7b:17:12:01:
                    22:11:bd:1b:92:ca:84:2a:f5:9d:e1:94:8e:82:46:
                    91:bd:ac:bb:b5:77:b1:9c:a5:a7:fa:b4:dc:08:c7:
                    c4:86:1d:e8:70:af:c6:bf:ff:3d:f0:68:d5:2b:83:
                    14:62:8d:6c:93:72:f3:f1:02:d7:84:b8:d6:4b:3d:
                    08:f5:1b:cd:aa:46:ea:b6:6e:9f:7d:0f:7d:1f:94:
                    64:e7:f9:84:78:ee:f0:5c:2d:1d:a1:2f:a1:9c:bc:
                    11:42:cb:46:34:2d:2f:53:6c:cf:d7:17:9e:3d:d0:
                    1d:3c:45:d4:7d:4a:f7:e2:cc:de:7f:2c:06:5c:70:
                    7b:05:b1:48:59:86:90:5b:03:01:e5:53:95:26:99:
                    e0:4b:fb:9c:3b:95:19:99:d1:cb:48:0c:5c:cd:6d:
                    7a:ea:40:d5:ec:9b:d9:a4:67:90:20:eb:f4:9b:4f:
                    d6:2c:9f:d3:76:49:1d:9d:f1:72:4f:d0:32:e5:20:
                    d4:14:5f:2b:58:30:68:3d:9b:fd:78:c3:db:cc:41:
                    f0:74:93:59:8f:9c:8b:2c:4d:44:70:e2:6f:5b:89:
                    2a:7b:94:90:ab:92:4a:46:e4:db:8d:a4:33:db:12:
                    81:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:E9:8D:95:49:BA:69:C4:16:7D:52:9B:A3:88:88:54:48:CA:63:41
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/e52fa04b-f965-4052-87cb-6e539ccd0345.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c1b::/48

    Signature Algorithm: sha256WithRSAEncryption
         2a:df:bf:e1:ea:32:ae:c1:6c:43:55:e9:72:76:5b:15:95:43:
         d6:7b:92:ac:4b:a6:0f:c6:0d:06:5b:7d:85:7f:f9:77:b5:aa:
         39:2d:2e:d9:3d:64:8e:2e:58:9a:a2:fd:22:5b:6e:1a:22:ab:
         e6:07:c5:5e:03:b1:ec:60:9e:92:94:6e:c8:7f:e6:3f:57:5f:
         79:77:ca:5a:92:4d:7c:3f:e0:41:08:db:48:f1:b8:cd:67:82:
         a4:09:82:a0:51:40:33:b3:69:1f:c3:17:a2:88:9b:1c:6b:fd:
         b3:e6:a3:b5:9b:3f:8b:3b:9c:c0:14:a9:46:1e:b6:0a:10:79:
         e6:c9:1e:3b:0a:9b:5c:05:e8:be:da:03:8b:55:76:4f:0c:a1:
         e0:3e:2f:8a:59:23:6a:20:07:2b:59:36:23:27:4d:c6:09:35:
         55:3f:77:7d:4d:bf:ec:aa:4d:fb:2f:9d:cb:ec:7e:2d:a2:cd:
         06:09:07:4c:bd:70:90:3a:28:47:a1:35:88:e5:3d:f8:1d:dc:
         aa:99:d2:1d:b0:7a:1e:5e:9a:e6:fe:e4:73:93:eb:21:84:86:
         09:00:1d:d9:d6:c2:f2:76:54:b2:b5:11:52:50:22:54:5e:0d:
         1d:3b:f1:6a:32:ad:bd:a5:f4:16:cc:cd:97:95:04:65:43:d4:
         b3:e5:fd:36
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZfddYCEXNGqeC9B+iK4CIYfKRRQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzIxMTYzMTEwWhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwOGMxZDk3MDQ0Njk2YTc5YTBjNWE5OWZmOWFiYWU0YjMx
ZmNjYzc2MTE2NDM3ODIzOTg4N2VjMTk3YzVjZGYxMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCEn0fpZBEVZLKVz+A0lZIjahQpz1JWOygDexcSASIRvRuS
yoQq9Z3hlI6CRpG9rLu1d7Gcpaf6tNwIx8SGHehwr8a//z3waNUrgxRijWyTcvPx
AteEuNZLPQj1G82qRuq2bp99D30flGTn+YR47vBcLR2hL6GcvBFCy0Y0LS9TbM/X
F5490B08RdR9SvfizN5/LAZccHsFsUhZhpBbAwHlU5UmmeBL+5w7lRmZ0ctIDFzN
bXrqQNXsm9mkZ5Ag6/SbT9Ysn9N2SR2d8XJP0DLlINQUXytYMGg9m/14w9vMQfB0
k1mPnIssTURw4m9biSp7lJCrkkpG5NuNpDPbEoHhAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUpumNlUm6acQWfVKbo4iIVEjKY0EwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2U1MmZhMDRiLWY5NjUtNDA1Mi04N2NiLTZlNTM5Y2NkMDM0NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADBswDQYJKoZIhvcNAQELBQADggEBACrfv+HqMq7BbENV6XJ2WxWV
Q9Z7kqxLpg/GDQZbfYV/+Xe1qjktLtk9ZI4uWJqi/SJbbhoiq+YHxV4DsexgnpKU
bsh/5j9XX3l3ylqSTXw/4EEI20jxuM1ngqQJgqBRQDOzaR/DF6KImxxr/bPmo7Wb
P4s7nMAUqUYetgoQeebJHjsKm1wF6L7aA4tVdk8MoeA+L4pZI2ogBytZNiMnTcYJ
NVU/d31Nv+yqTfsvncvsfi2izQYJB0y9cJA6KEehNYjlPfgd3KqZ0h2weh5emub+
5HOT6yGEhgkAHdnWwvJ2VLK1EVJQIlReDR078Woyrb2l9BbMzZeVBGVD1LPl/TY=
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:27:31 2025 by rpki-client