Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2f789924-a980-48eb-b42e-463688379f41.roa
File:                     2f789924-a980-48eb-b42e-463688379f41.roa (raw, json)
Hash identifier:          vZeYJQ6HjrN5Cb/Qfha6+UIVNC04TRVc1mkTEoh3cSk=
Subject key identifier:   D3:95:EF:86:4B:30:EE:79:1B:07:75:6F:92:36:12:4D:F0:D7:89:EB
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       0B4DD699F1D8B65450B3E49715C0874BC58F8BC3
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2f789924-a980-48eb-b42e-463688379f41.roa
Signing time:             Mon 06 Oct 2025 17:13:07 +0000
ROA not before:           Mon 06 Oct 2025 17:13:07 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:64c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:4d:d6:99:f1:d8:b6:54:50:b3:e4:97:15:c0:87:4b:c5:8f:8b:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct  6 17:13:07 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=6b609eeca283d584db0329d79bf05ba56e2772817467566d744fa105e96c7f48, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:fb:52:3e:01:46:e7:ac:be:16:af:55:fc:cf:
                    9f:83:24:50:47:10:ab:5a:ff:3a:c5:c8:e6:fc:df:
                    70:fe:a9:d8:6a:98:26:1c:a3:4f:d9:36:4d:cc:f8:
                    4d:24:40:89:3a:26:6e:85:b4:c4:f1:9e:df:35:69:
                    55:59:d7:a0:bb:26:a3:73:cd:48:39:20:85:87:a5:
                    ac:38:1e:ed:65:0d:5b:ad:14:69:b7:8b:40:a9:5c:
                    d1:6f:0e:18:3e:2f:28:c2:1c:3b:67:92:3e:19:69:
                    6a:39:f3:eb:00:af:e8:e6:19:3e:8c:4b:a7:0e:98:
                    c3:77:a1:e7:0d:58:85:d6:b5:ee:28:d2:ce:c0:aa:
                    ed:b7:9f:3c:7f:f4:65:e1:56:69:c9:20:1a:f8:4e:
                    aa:24:0f:13:03:7c:09:2f:b9:82:cd:20:79:3c:70:
                    2c:40:14:f6:ea:3c:9c:36:20:75:97:63:04:55:9e:
                    50:b5:d8:63:49:7b:81:e5:b4:4e:97:83:5b:2f:73:
                    ef:01:04:d2:be:ab:31:19:5b:d1:70:9e:35:a9:70:
                    77:e1:21:99:b6:23:3d:e7:2f:0d:f5:ca:4e:99:ba:
                    4f:61:f6:d0:2e:47:42:fa:ea:4f:30:1c:d9:a3:68:
                    12:4b:79:1c:67:e4:93:39:92:d3:a7:27:f8:17:e2:
                    d8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:95:EF:86:4B:30:EE:79:1B:07:75:6F:92:36:12:4D:F0:D7:89:EB
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2f789924-a980-48eb-b42e-463688379f41.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:64c::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:63:09:8c:94:6e:5c:89:bd:ee:8f:af:e7:be:c6:53:63:84:
         c3:5e:6f:04:fe:e1:c2:e8:79:93:3c:17:2f:4c:27:ed:dc:89:
         fa:f0:36:bb:5b:a7:a0:23:0b:c1:fc:33:c3:0f:80:4e:03:b6:
         f7:6e:d5:ce:81:29:52:d2:34:e1:80:31:f2:04:e6:82:62:5e:
         cb:dd:04:77:f3:63:ed:2d:83:2d:68:95:c7:35:27:b4:70:4a:
         06:bd:f6:8a:02:87:54:fd:f5:42:f4:eb:73:41:ab:23:f3:2c:
         7a:bc:e2:95:12:19:77:0a:fa:70:c2:79:62:9d:f1:fb:ee:58:
         1f:be:29:8d:87:7c:15:bd:02:fe:8d:9b:6d:29:f8:24:c8:d2:
         8e:6a:19:2b:70:51:d9:bd:bd:35:ab:2b:02:f1:7f:ae:8e:bb:
         5e:b3:4d:8a:d9:84:31:1d:59:15:bf:fd:ed:b8:61:42:c3:6b:
         6e:5a:17:e8:5f:a0:c7:2b:3a:17:ea:90:83:79:d9:b0:1a:76:
         f5:2b:15:a9:ec:72:17:87:d6:a3:72:2e:aa:dd:5b:50:3d:cb:
         c2:fb:f5:5c:50:51:c2:43:58:9a:96:4f:25:70:f0:bc:73:4d:
         2b:8e:51:55:35:07:e0:5f:5e:2a:65:ac:aa:73:59:de:17:42:
         dd:6f:bf:61
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUC03WmfHYtlRQs+SXFcCHS8WPi8MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDA2MTcxMzA3WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YjYwOWVlY2EyODNkNTg0ZGIwMzI5ZDc5YmYwNWJhNTZl
Mjc3MjgxNzQ2NzU2NmQ3NDRmYTEwNWU5NmM3ZjQ4MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDC+1I+AUbnrL4Wr1X8z5+DJFBHEKta/zrFyOb833D+qdhq
mCYco0/ZNk3M+E0kQIk6Jm6FtMTxnt81aVVZ16C7JqNzzUg5IIWHpaw4Hu1lDVut
FGm3i0CpXNFvDhg+LyjCHDtnkj4ZaWo58+sAr+jmGT6MS6cOmMN3oecNWIXWte4o
0s7Aqu23nzx/9GXhVmnJIBr4TqokDxMDfAkvuYLNIHk8cCxAFPbqPJw2IHWXYwRV
nlC12GNJe4HltE6Xg1svc+8BBNK+qzEZW9FwnjWpcHfhIZm2Iz3nLw31yk6Zuk9h
9tAuR0L66k8wHNmjaBJLeRxn5JM5ktOnJ/gX4tjTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU05Xvhksw7nkbB3VvkjYSTfDXieswHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzJmNzg5OTI0LWE5ODAtNDhlYi1iNDJlLTQ2MzY4ODM3OWY0MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABkwwDQYJKoZIhvcNAQELBQADggEBAIxjCYyUblyJve6Pr+e+xlNj
hMNebwT+4cLoeZM8Fy9MJ+3cifrwNrtbp6AjC8H8M8MPgE4Dtvdu1c6BKVLSNOGA
MfIE5oJiXsvdBHfzY+0tgy1olcc1J7RwSga99ooCh1T99UL063NBqyPzLHq84pUS
GXcK+nDCeWKd8fvuWB++KY2HfBW9Av6Nm20p+CTI0o5qGStwUdm9vTWrKwLxf66O
u16zTYrZhDEdWRW//e24YULDa25aF+hfoMcrOhfqkIN52bAadvUrFanscheH1qNy
LqrdW1A9y8L79VxQUcJDWJqWTyVw8LxzTSuOUVU1B+BfXiplrKpzWd4XQt1vv2E=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:52:55 2025 by rpki-client