Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f5f45ee0-86c2-4d70-a0dc-72e1f5e4ed74.roa
File:                     f5f45ee0-86c2-4d70-a0dc-72e1f5e4ed74.roa (raw, json)
Hash identifier:          KsFXsnnuzRUhSjh6Di0n0oS6r8/ygOR5LzyRfrY5GNE=
Subject key identifier:   5D:08:F0:2F:E8:F2:7A:AC:50:9D:94:23:9F:3E:A2:80:21:C5:61:AF
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       779081DA17F3C1B2616073ACF376BC489880238B
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f5f45ee0-86c2-4d70-a0dc-72e1f5e4ed74.roa
Signing time:             Tue 04 Nov 2025 16:50:15 +0000
ROA not before:           Tue 04 Nov 2025 16:50:15 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:c08::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:90:81:da:17:f3:c1:b2:61:60:73:ac:f3:76:bc:48:98:80:23:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Nov  4 16:50:15 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=fab332efe0084e4b04fea64251f9059c0ce78fde71b368769397eff31b34356a, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:d7:00:da:7b:52:b4:c2:05:32:43:02:22:10:
                    07:a5:fa:2d:23:8d:ee:f2:75:dd:4f:a8:76:78:3a:
                    d7:26:2d:09:7a:70:b7:56:05:60:01:ca:ac:b7:ae:
                    58:5c:d2:5a:f6:cf:98:f1:84:04:92:25:9c:83:fb:
                    db:ea:6a:8b:0f:c5:68:70:aa:dc:bf:0c:1e:82:0d:
                    2b:90:ec:42:6b:73:d8:63:f0:fb:e8:4b:c2:9d:4c:
                    74:91:79:22:2c:bb:9b:14:5f:b5:56:74:83:ed:5b:
                    27:3a:4f:cb:65:f5:41:78:92:a4:39:55:a7:a7:95:
                    49:b5:61:11:e5:f1:79:6a:77:41:90:5e:d3:05:0e:
                    83:3c:0e:7a:05:09:41:c3:1c:0b:31:f8:ee:4f:0f:
                    48:35:80:5f:f1:53:cf:3e:4b:e8:f6:f1:9c:39:5f:
                    9a:31:9f:32:d2:9b:a8:d9:63:55:e8:38:a4:3e:81:
                    91:4f:7a:34:8a:74:2c:29:e1:29:8b:40:ba:b2:cb:
                    bb:a5:11:ca:d7:3c:e6:80:5c:e8:df:ad:98:d5:d6:
                    84:16:d7:7a:59:e6:df:88:df:96:03:a2:a2:04:e7:
                    b5:d7:cf:48:51:fb:1b:a4:60:7f:7f:ca:dd:e4:de:
                    aa:2e:e0:e4:8e:11:a5:5c:d7:b0:d7:53:a9:36:60:
                    76:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:08:F0:2F:E8:F2:7A:AC:50:9D:94:23:9F:3E:A2:80:21:C5:61:AF
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f5f45ee0-86c2-4d70-a0dc-72e1f5e4ed74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c08::/48

    Signature Algorithm: sha256WithRSAEncryption
         4e:c7:2f:1a:0b:e0:66:bb:3c:77:75:c6:92:52:06:5b:f6:ce:
         58:87:ae:24:44:4f:d0:a9:06:73:32:f9:2e:32:d7:15:01:dc:
         b1:2e:59:91:89:ef:95:51:e3:98:2f:aa:87:20:df:26:b0:19:
         b9:5f:8f:8d:7c:77:a8:97:98:9b:43:d1:73:91:51:fb:8f:db:
         31:18:4e:8b:90:9e:78:94:af:f4:7d:b3:74:0d:50:5e:7e:a1:
         92:0c:b9:d7:ae:24:9d:37:c7:f3:d2:a2:6e:73:ed:29:07:97:
         68:c3:4f:af:87:f2:86:14:ff:49:34:8a:6c:30:fb:7c:68:34:
         9e:a1:07:d0:5e:a5:5c:b8:7d:03:5d:34:dc:80:f6:d4:fb:4a:
         f5:c5:8d:2e:1d:f4:a8:d7:c6:f9:6d:a6:7d:fd:8e:a8:64:0a:
         97:25:5d:57:5c:04:f3:c8:ce:55:70:91:98:39:3f:cf:e6:98:
         e6:0b:12:7a:e9:d1:64:4a:ad:13:0e:c3:1c:6c:6d:84:85:36:
         ae:88:79:51:1d:11:af:a1:aa:d1:db:b8:3a:25:06:8f:8c:24:
         71:c6:b0:a1:02:f3:68:f7:24:1f:a0:30:c8:37:79:a5:43:fd:
         b9:a7:2e:88:e3:a1:01:ec:23:3f:d4:51:b5:92:04:06:ae:48:
         5a:ce:55:56
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUd5CB2hfzwbJhYHOs83a8SJiAI4swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMTA0MTY1MDE1WhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYWIzMzJlZmUwMDg0ZTRiMDRmZWE2NDI1MWY5MDU5YzBj
ZTc4ZmRlNzFiMzY4NzY5Mzk3ZWZmMzFiMzQzNTZhMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDe1wDae1K0wgUyQwIiEAel+i0jje7ydd1PqHZ4OtcmLQl6
cLdWBWAByqy3rlhc0lr2z5jxhASSJZyD+9vqaosPxWhwqty/DB6CDSuQ7EJrc9hj
8PvoS8KdTHSReSIsu5sUX7VWdIPtWyc6T8tl9UF4kqQ5VaenlUm1YRHl8Xlqd0GQ
XtMFDoM8DnoFCUHDHAsx+O5PD0g1gF/xU88+S+j28Zw5X5oxnzLSm6jZY1XoOKQ+
gZFPejSKdCwp4SmLQLqyy7ulEcrXPOaAXOjfrZjV1oQW13pZ5t+I35YDoqIE57XX
z0hR+xukYH9/yt3k3qou4OSOEaVc17DXU6k2YHb1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUXQjwL+jyeqxQnZQjnz6igCHFYa8wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2Y1ZjQ1ZWUwLTg2YzItNGQ3MC1hMGRjLTcyZTFmNWU0ZWQ3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAgwDQYJKoZIhvcNAQELBQADggEBAE7HLxoL4Ga7PHd1xpJSBlv2
zliHriRET9CpBnMy+S4y1xUB3LEuWZGJ75VR45gvqocg3yawGblfj418d6iXmJtD
0XORUfuP2zEYTouQnniUr/R9s3QNUF5+oZIMudeuJJ03x/PSom5z7SkHl2jDT6+H
8oYU/0k0imww+3xoNJ6hB9BepVy4fQNdNNyA9tT7SvXFjS4d9KjXxvltpn39jqhk
CpclXVdcBPPIzlVwkZg5P8/mmOYLEnrp0WRKrRMOwxxsbYSFNq6IeVEdEa+hqtHb
uDolBo+MJHHGsKEC82j3JB+gMMg3eaVD/bmnLojjoQHsIz/UUbWSBAauSFrOVVY=
-----END CERTIFICATE-----