Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1a27840b-04f0-4281-ae61-d39dd7cf54c3.roa
File:                     1a27840b-04f0-4281-ae61-d39dd7cf54c3.roa (raw, json)
Hash identifier:          FgoWiKlAfLz84j8/JvX0VjLnUtAfQZ321ZR5Y9i/X2Q=
Subject key identifier:   C5:83:96:B8:EE:4B:6F:4A:73:D6:54:94:92:3A:57:6C:C6:55:AD:86
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       75088CDB62F61AF497FAA728A1060BBBD9C2FD6A
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1a27840b-04f0-4281-ae61-d39dd7cf54c3.roa
Signing time:             Fri 26 Sep 2025 17:52:17 +0000
ROA not before:           Fri 26 Sep 2025 17:52:17 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:549::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:08:8c:db:62:f6:1a:f4:97:fa:a7:28:a1:06:0b:bb:d9:c2:fd:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Sep 26 17:52:17 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=c2280794cf0af14842e32465f02442f6e198b3d0f96464181621228bc7f0b293, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:37:d9:09:82:bd:db:8d:2e:19:c0:60:4a:ac:
                    9f:c3:ca:5e:ea:d6:96:b9:ff:4f:2f:d3:8d:56:f7:
                    62:65:82:2c:2b:f9:7c:85:34:fd:ec:c3:d7:9a:d6:
                    be:2a:f4:28:02:cd:a9:dc:ff:67:e3:ff:ca:5f:02:
                    fb:a7:65:56:48:8e:58:58:d8:77:25:8e:13:f4:80:
                    ba:5f:1c:45:f8:9a:43:61:79:8c:c0:ce:13:b2:c4:
                    ba:32:2f:5d:61:cb:82:9f:d2:aa:53:01:5a:aa:7f:
                    b2:b7:f8:d4:dc:63:ef:c8:fa:1d:fa:f7:2e:fe:59:
                    42:ef:ff:86:8d:0c:bb:53:99:53:29:af:de:82:b5:
                    59:87:be:19:8b:35:81:9b:83:6e:d9:84:1e:90:4e:
                    2b:f3:a3:11:66:de:ec:e1:79:cd:5c:18:c2:5d:0b:
                    24:ef:c9:ad:b7:2c:2f:53:bf:ec:c5:9a:f1:8b:fc:
                    33:6b:8d:35:0c:2f:78:e5:30:30:10:bb:76:46:85:
                    a7:cb:c1:5a:10:4c:7d:c5:37:99:8e:a7:e6:4e:bd:
                    de:17:35:3f:3f:cb:6a:16:b9:59:c3:79:64:2a:07:
                    8d:a3:cd:46:32:da:8c:bc:f3:8e:a5:9c:24:76:ee:
                    2d:0a:89:b2:d9:7e:78:4a:d0:6e:6a:3b:f7:8b:6a:
                    d2:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:83:96:B8:EE:4B:6F:4A:73:D6:54:94:92:3A:57:6C:C6:55:AD:86
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1a27840b-04f0-4281-ae61-d39dd7cf54c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:549::/48

    Signature Algorithm: sha256WithRSAEncryption
         1c:2d:96:9b:bd:3c:ea:53:48:44:04:68:68:9b:3e:f7:19:bf:
         c0:e7:56:cb:89:73:83:cd:15:ff:9a:ba:ad:01:5b:64:1b:a0:
         b1:58:18:70:50:12:94:03:2d:01:bf:46:d3:ec:ed:4c:04:6e:
         23:82:ee:2c:f2:33:f8:20:6f:7e:ce:94:fd:ce:ff:ec:ff:e7:
         f5:6d:fe:ec:40:69:25:34:6b:41:b4:fb:2f:86:65:89:07:7d:
         f4:c1:02:fe:fe:a2:ed:fc:bc:00:69:5d:26:60:1e:84:eb:34:
         46:4b:06:57:13:f6:4e:bf:cc:c2:ae:ef:76:50:4d:63:d4:71:
         a6:eb:15:9d:0d:9f:29:bb:02:5b:24:2b:5a:f9:db:40:b4:1a:
         ec:a9:25:0a:62:22:56:61:99:00:07:2d:22:4f:a3:2b:81:ec:
         71:ff:15:55:af:77:93:e4:58:1f:d7:ef:1d:11:62:a1:bf:17:
         a6:9f:f0:03:f3:10:1b:4c:05:b9:50:2a:99:5d:84:79:f7:f9:
         f6:fc:eb:dd:78:65:97:09:29:94:7e:1e:a6:b2:87:15:1b:25:
         94:ad:9b:9f:bd:44:cd:ce:66:86:33:ac:da:da:83:52:bf:8d:
         d5:c5:d7:ae:ce:1c:a1:37:e6:80:f4:b2:8f:c3:64:50:4c:6c:
         f3:fd:d3:4c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdQiM22L2GvSX+qcooQYLu9nC/WowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwOTI2MTc1MjE3WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMjI4MDc5NGNmMGFmMTQ4NDJlMzI0NjVmMDI0NDJmNmUx
OThiM2QwZjk2NDY0MTgxNjIxMjI4YmM3ZjBiMjkzMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsN9kJgr3bjS4ZwGBKrJ/Dyl7q1pa5/08v041W92Jlgiwr
+XyFNP3sw9ea1r4q9CgCzanc/2fj/8pfAvunZVZIjlhY2HcljhP0gLpfHEX4mkNh
eYzAzhOyxLoyL11hy4Kf0qpTAVqqf7K3+NTcY+/I+h369y7+WULv/4aNDLtTmVMp
r96CtVmHvhmLNYGbg27ZhB6QTivzoxFm3uzhec1cGMJdCyTvya23LC9Tv+zFmvGL
/DNrjTUML3jlMDAQu3ZGhafLwVoQTH3FN5mOp+ZOvd4XNT8/y2oWuVnDeWQqB42j
zUYy2oy8846lnCR27i0KibLZfnhK0G5qO/eLatLFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUxYOWuO5Lb0pz1lSUkjpXbMZVrYYwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzFhMjc4NDBiLTA0ZjAtNDI4MS1hZTYxLWQzOWRkN2NmNTRjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABUkwDQYJKoZIhvcNAQELBQADggEBABwtlpu9POpTSEQEaGibPvcZ
v8DnVsuJc4PNFf+auq0BW2QboLFYGHBQEpQDLQG/RtPs7UwEbiOC7izyM/ggb37O
lP3O/+z/5/Vt/uxAaSU0a0G0+y+GZYkHffTBAv7+ou38vABpXSZgHoTrNEZLBlcT
9k6/zMKu73ZQTWPUcabrFZ0Nnym7AlskK1r520C0GuypJQpiIlZhmQAHLSJPoyuB
7HH/FVWvd5PkWB/X7x0RYqG/F6af8APzEBtMBblQKpldhHn3+fb86914ZZcJKZR+
HqayhxUbJZStm5+9RM3OZoYzrNrag1K/jdXF167OHKE35oD0so/DZFBMbPP900w=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:07:28 2025 by rpki-client