Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/e7607360-6fe5-44db-bbe5-edd1b127da54.roa
File:                     e7607360-6fe5-44db-bbe5-edd1b127da54.roa (raw, json)
Hash identifier:          i5Vw+C0xhAht3E2rXo3vtDo0402R2F6/gHXW+emAP3U=
Subject key identifier:   2F:FE:85:5E:8C:E8:0F:3E:57:0F:49:4D:54:DF:76:B2:24:EF:88:DA
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       685AF2FB808A1C244A7B1AEAA23AF4EA53D505FF
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/e7607360-6fe5-44db-bbe5-edd1b127da54.roa
Signing time:             Fri 11 Jul 2025 18:11:36 +0000
ROA not before:           Fri 11 Jul 2025 18:11:36 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:f03d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:5a:f2:fb:80:8a:1c:24:4a:7b:1a:ea:a2:3a:f4:ea:53:d5:05:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 11 18:11:36 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=532568eab78aa9c5dddf64fb5d5438518c0a0e926ebc855e1964d78d6bc8a6a8, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:ab:78:87:59:97:13:e4:ed:9d:c6:4b:c0:4b:
                    ea:8e:30:04:18:19:44:30:ef:cb:48:60:cf:06:b2:
                    9d:5c:f8:7a:5d:25:91:af:5a:45:99:66:a6:c1:fb:
                    71:0f:3a:a4:73:76:12:08:40:7e:ca:df:c5:29:91:
                    25:23:17:6d:9b:b2:38:da:c3:a4:17:44:34:34:1a:
                    0f:eb:e0:63:fd:66:76:3c:06:f2:66:3d:1a:12:06:
                    90:f7:b2:65:67:20:b1:82:12:af:c6:b9:d9:42:e9:
                    0b:d7:7e:aa:7f:ff:f2:72:d1:98:f1:87:dd:10:30:
                    1b:06:3e:52:97:13:27:c0:17:26:4b:16:c2:59:47:
                    7e:32:9a:7b:44:d9:cb:4d:ad:05:e7:4f:eb:1f:4d:
                    ec:c5:5a:61:24:8a:47:b9:a4:49:aa:21:c5:5e:ea:
                    5b:a6:8d:dd:a4:38:ae:32:28:92:25:c9:25:70:b1:
                    76:b9:32:f4:91:ca:0d:0a:a9:7f:fb:d2:78:83:ad:
                    6e:5c:db:4e:c7:7b:05:10:85:26:b1:69:8b:ea:99:
                    f4:f9:09:eb:79:35:90:d0:bf:57:4e:22:01:96:dc:
                    b9:62:01:05:06:b8:cf:e4:0c:da:24:43:db:bf:d0:
                    e4:15:9f:35:52:ec:9f:b7:e1:8a:ea:3f:ca:d0:98:
                    08:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:FE:85:5E:8C:E8:0F:3E:57:0F:49:4D:54:DF:76:B2:24:EF:88:DA
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/e7607360-6fe5-44db-bbe5-edd1b127da54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f03d::/48

    Signature Algorithm: sha256WithRSAEncryption
         62:7b:a1:aa:3a:85:99:98:08:47:ad:bc:fc:e3:a6:8d:55:47:
         1a:c2:5a:ff:f8:da:50:f2:8d:0b:b8:e2:dc:cd:5e:83:0d:67:
         5a:89:e6:00:83:16:d4:1b:1e:6e:0e:5e:27:82:3d:c9:f1:93:
         f4:ab:1b:36:99:7e:79:db:0e:d8:d4:55:48:7d:68:24:df:80:
         69:2d:04:ab:5c:23:24:3a:c3:c2:b0:17:0e:f3:15:cd:de:4e:
         5d:40:1e:c9:88:20:0a:f1:ab:39:3b:63:d5:29:7b:65:ca:a8:
         3d:0e:7a:30:f9:bd:f4:e4:f1:42:4e:84:c0:5e:89:92:af:c9:
         88:eb:2d:aa:30:72:c4:dd:83:07:4d:b9:24:e5:6e:e6:b2:a7:
         b8:8a:63:60:66:9d:3a:3d:fe:1b:41:c4:ec:07:61:5d:f0:69:
         f5:ec:1e:60:6b:18:b0:58:f3:d6:ac:8a:c4:91:89:fd:22:c5:
         ef:2f:9f:a6:84:b4:f8:38:19:fc:ba:f5:fe:23:92:b9:c9:87:
         72:24:81:90:72:39:17:c7:b1:83:92:77:4d:b6:2f:6b:86:b1:
         f1:21:ed:76:cb:da:06:b2:fe:68:8f:d6:01:fb:f5:e1:80:bc:
         c6:90:a6:9b:48:50:d1:b7:b0:3c:51:d8:40:a5:42:bc:d4:27:
         7b:be:64:d4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaFry+4CKHCRKexrqojr06lPVBf8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzExMTgxMTM2WhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MzI1NjhlYWI3OGFhOWM1ZGRkZjY0ZmI1ZDU0Mzg1MThj
MGEwZTkyNmViYzg1NWUxOTY0ZDc4ZDZiYzhhNmE4MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpq3iHWZcT5O2dxkvAS+qOMAQYGUQw78tIYM8Gsp1c+Hpd
JZGvWkWZZqbB+3EPOqRzdhIIQH7K38UpkSUjF22bsjjaw6QXRDQ0Gg/r4GP9ZnY8
BvJmPRoSBpD3smVnILGCEq/GudlC6QvXfqp///Jy0Zjxh90QMBsGPlKXEyfAFyZL
FsJZR34ymntE2ctNrQXnT+sfTezFWmEkike5pEmqIcVe6lumjd2kOK4yKJIlySVw
sXa5MvSRyg0KqX/70niDrW5c207HewUQhSaxaYvqmfT5Cet5NZDQv1dOIgGW3Lli
AQUGuM/kDNokQ9u/0OQVnzVS7J+34YrqP8rQmAhtAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUL/6FXozoDz5XD0lNVN92siTviNowHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2U3NjA3MzYwLTZmZTUtNDRkYi1iYmU1LWVkZDFiMTI3ZGE1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8D0wDQYJKoZIhvcNAQELBQADggEBAGJ7oao6hZmYCEetvPzjpo1V
RxrCWv/42lDyjQu44tzNXoMNZ1qJ5gCDFtQbHm4OXieCPcnxk/SrGzaZfnnbDtjU
VUh9aCTfgGktBKtcIyQ6w8KwFw7zFc3eTl1AHsmIIArxqzk7Y9Upe2XKqD0OejD5
vfTk8UJOhMBeiZKvyYjrLaowcsTdgwdNuSTlbuayp7iKY2BmnTo9/htBxOwHYV3w
afXsHmBrGLBY89asisSRif0ixe8vn6aEtPg4Gfy69f4jkrnJh3IkgZByORfHsYOS
d022L2uGsfEh7XbL2gay/miP1gH79eGAvMaQpptIUNG3sDxR2EClQrzUJ3u+ZNQ=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:45:23 2025 by rpki-client