Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f5f45ee0-86c2-4d70-a0dc-72e1f5e4ed74.roa
File:                     f5f45ee0-86c2-4d70-a0dc-72e1f5e4ed74.roa (raw, json)
Hash identifier:          O3DJpPXoIt2F2UzYc1jr6A2eMcMG+C97dOKqqmu38KM=
Subject key identifier:   96:A5:04:7F:BB:23:D8:47:99:1B:11:57:D1:21:9D:13:15:02:F6:DA
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7186F7AB75E1C7FDCF0561851ECE5A022F1962EE
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f5f45ee0-86c2-4d70-a0dc-72e1f5e4ed74.roa
Signing time:             Mon 21 Jul 2025 16:21:22 +0000
ROA not before:           Mon 21 Jul 2025 16:21:22 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:c08::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:86:f7:ab:75:e1:c7:fd:cf:05:61:85:1e:ce:5a:02:2f:19:62:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 21 16:21:22 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=6bec9fe1ef69482f7786d03d7d9cdb2c763c83093fd91392c9f44b01ee4d04d5, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:2d:51:78:62:b3:51:56:a7:c7:f3:92:3e:c7:
                    6b:d5:75:45:c9:91:8c:b2:98:29:64:49:02:89:6f:
                    a7:9c:7e:be:e4:11:0d:38:89:18:9e:61:83:ef:61:
                    c5:dc:84:4d:3e:bb:6d:e9:5c:49:c9:8d:45:83:76:
                    ab:f0:5f:e4:82:72:a6:ea:c9:c2:68:04:4c:0e:6b:
                    86:40:09:3c:36:e8:48:10:33:6f:72:eb:76:1f:91:
                    fb:1d:9a:95:d1:b6:40:80:74:c6:de:95:a0:de:d2:
                    25:52:0f:a4:01:f0:1a:7f:46:87:bf:bb:40:72:40:
                    34:b7:c5:65:b1:5a:64:97:77:10:05:4e:f8:80:28:
                    04:74:f7:de:89:5f:22:9c:b1:6a:7d:55:df:9d:46:
                    8f:dc:21:c2:57:c8:6f:e3:b5:97:ee:a3:fa:71:a4:
                    bf:d2:69:24:a3:4a:d7:f9:86:8c:3c:41:37:19:ec:
                    a3:c8:91:9a:0f:a6:cd:37:e5:11:72:56:92:ee:f1:
                    03:57:87:54:f6:ea:1a:25:ce:1e:ea:eb:0a:e9:8a:
                    3d:0a:3e:43:c0:74:db:24:e1:32:58:1a:a9:f6:9c:
                    aa:a7:3e:fc:c9:e3:80:e4:9a:ef:84:1e:9e:0c:91:
                    14:49:46:67:83:6a:4e:f0:a5:6a:f6:4f:68:93:0d:
                    c4:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:A5:04:7F:BB:23:D8:47:99:1B:11:57:D1:21:9D:13:15:02:F6:DA
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f5f45ee0-86c2-4d70-a0dc-72e1f5e4ed74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c08::/48

    Signature Algorithm: sha256WithRSAEncryption
         21:60:01:ec:aa:d4:54:39:7d:3b:a5:70:7b:fd:fa:0a:c7:40:
         33:c8:2a:62:4e:98:0a:a3:9e:a4:81:36:3a:c1:36:46:64:19:
         0b:a4:2d:2e:a8:82:69:40:9e:a3:e0:dd:3f:10:80:b1:af:0e:
         8a:cf:81:d1:1a:bd:9d:e2:dd:18:48:de:9b:fd:86:c2:f5:f3:
         c2:38:96:7f:e7:19:93:d9:c9:ed:33:48:bc:a5:e5:a0:db:bc:
         b5:f9:75:20:24:e0:97:a9:f1:89:fd:de:87:18:de:08:0e:f4:
         1f:e0:f2:cf:5b:4b:c7:fe:8f:b4:4f:b4:71:73:31:5e:8e:c2:
         25:91:d8:15:bc:fc:15:15:d7:ba:f9:9d:b2:95:62:84:f6:10:
         2f:f1:06:66:f4:c0:cd:73:05:af:51:a0:5f:2d:6f:e5:a2:b2:
         0f:51:0d:a7:7b:86:da:97:cc:95:7a:6c:f2:9c:eb:55:95:70:
         cb:e4:84:85:ab:6f:b4:dd:06:a6:61:1d:e2:36:62:38:36:fe:
         47:a7:09:68:b7:73:69:75:fd:09:38:a2:cb:2e:42:b8:77:c5:
         bc:a2:d4:1b:8e:43:0e:9d:49:1a:44:c0:30:27:08:0e:17:da:
         5a:c4:ac:ab:60:ef:86:c3:88:8f:4b:cc:6a:f1:70:dc:8a:a7:
         66:85:bc:75
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUcYb3q3Xhx/3PBWGFHs5aAi8ZYu4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzIxMTYyMTIyWhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YmVjOWZlMWVmNjk0ODJmNzc4NmQwM2Q3ZDljZGIyYzc2
M2M4MzA5M2ZkOTEzOTJjOWY0NGIwMWVlNGQwNGQ1MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQLVF4YrNRVqfH85I+x2vVdUXJkYyymClkSQKJb6ecfr7k
EQ04iRieYYPvYcXchE0+u23pXEnJjUWDdqvwX+SCcqbqycJoBEwOa4ZACTw26EgQ
M29y63YfkfsdmpXRtkCAdMbelaDe0iVSD6QB8Bp/Roe/u0ByQDS3xWWxWmSXdxAF
TviAKAR0996JXyKcsWp9Vd+dRo/cIcJXyG/jtZfuo/pxpL/SaSSjStf5how8QTcZ
7KPIkZoPps035RFyVpLu8QNXh1T26holzh7q6wrpij0KPkPAdNsk4TJYGqn2nKqn
PvzJ44Dkmu+EHp4MkRRJRmeDak7wpWr2T2iTDcQDAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUlqUEf7sj2EeZGxFX0SGdExUC9towHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2Y1ZjQ1ZWUwLTg2YzItNGQ3MC1hMGRjLTcyZTFmNWU0ZWQ3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAgwDQYJKoZIhvcNAQELBQADggEBACFgAeyq1FQ5fTulcHv9+grH
QDPIKmJOmAqjnqSBNjrBNkZkGQukLS6ogmlAnqPg3T8QgLGvDorPgdEavZ3i3RhI
3pv9hsL188I4ln/nGZPZye0zSLyl5aDbvLX5dSAk4Jep8Yn93ocY3ggO9B/g8s9b
S8f+j7RPtHFzMV6OwiWR2BW8/BUV17r5nbKVYoT2EC/xBmb0wM1zBa9RoF8tb+Wi
sg9RDad7htqXzJV6bPKc61WVcMvkhIWrb7TdBqZhHeI2Yjg2/kenCWi3c2l1/Qk4
ossuQrh3xbyi1BuOQw6dSRpEwDAnCA4X2lrErKtg74bDiI9LzGrxcNyKp2aFvHU=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:37:31 2025 by rpki-client