Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2ff0469b-9f32-4585-929d-a8709323cfa2.roa
File:                     2ff0469b-9f32-4585-929d-a8709323cfa2.roa (raw, json)
Hash identifier:          G0yuNqVPQ1m7MDH8IM2QWG8WwzFA7DSKoQvapcWP1c4=
Subject key identifier:   A1:94:FE:7D:20:05:63:79:28:14:E6:22:5A:5E:B3:A7:41:6B:C5:06
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       3C3EFB08F224657E32A6585E01B19A6551CE04D2
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2ff0469b-9f32-4585-929d-a8709323cfa2.roa
Signing time:             Mon 06 Oct 2025 17:13:52 +0000
ROA not before:           Mon 06 Oct 2025 17:13:52 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:c0e::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:3e:fb:08:f2:24:65:7e:32:a6:58:5e:01:b1:9a:65:51:ce:04:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct  6 17:13:52 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=cdde2b57ba6761d5327a0c99f36f8cf19a259c7f10fd300aab17c7228edb64eb, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:de:3a:66:f7:12:9f:89:cc:9a:78:43:70:3d:
                    09:8f:95:7f:72:5e:bb:e6:16:c6:5e:94:21:a2:0a:
                    74:d7:e9:57:89:40:bc:1f:19:b5:35:dd:9a:e0:81:
                    25:09:d2:d9:50:36:c3:c4:f5:4e:b1:25:1a:b3:c4:
                    70:3b:f3:c8:a4:08:2d:a5:fa:16:fe:e5:fe:f5:24:
                    51:ab:f8:d9:f4:05:b9:42:1a:05:f4:8b:fa:f6:a4:
                    f2:3f:43:20:c2:04:c7:e4:91:04:14:fa:c1:80:91:
                    97:a4:a4:a9:c8:82:a4:d8:a4:b7:42:d5:c7:9b:be:
                    dd:a9:d5:32:84:95:e9:a9:35:64:2d:22:ac:18:6e:
                    e2:3e:af:4b:1a:c0:1a:ff:71:5f:83:d0:f1:67:43:
                    fd:60:96:64:c0:7a:70:97:8a:5e:e1:5e:1d:4a:1c:
                    c8:56:a2:40:f3:2e:a4:ec:d7:c4:f4:1c:ef:c6:c5:
                    06:1d:5b:84:d3:53:a3:47:a1:85:60:51:66:2a:0b:
                    27:67:a2:58:e8:bb:c6:3c:1f:89:c5:d0:8b:59:3e:
                    bc:33:be:31:5e:b2:94:c5:19:39:68:a6:fb:1b:a7:
                    8d:cb:09:e3:7c:1e:65:c5:1e:7e:53:9c:15:93:39:
                    9b:b7:b9:50:d3:69:fa:99:c5:fc:7a:be:c8:22:fc:
                    1b:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:94:FE:7D:20:05:63:79:28:14:E6:22:5A:5E:B3:A7:41:6B:C5:06
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2ff0469b-9f32-4585-929d-a8709323cfa2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c0e::/48

    Signature Algorithm: sha256WithRSAEncryption
         1c:49:73:95:6c:30:69:5e:d9:5f:7d:5f:3f:88:16:a0:8f:24:
         27:87:36:d1:b3:aa:7c:41:2e:be:8a:75:a2:b7:c7:a6:0d:09:
         b7:50:a1:87:07:07:8b:e3:a6:1f:a6:ba:e2:74:c5:8d:39:40:
         43:ed:b8:92:0b:e6:a8:9d:bc:a1:aa:3c:40:2a:f3:2d:65:8c:
         cb:e7:41:24:f7:3b:49:a6:77:91:35:fc:ef:ee:b0:8c:ad:8f:
         d8:b7:5f:21:16:d4:5c:2e:72:9b:c7:e2:7a:68:10:19:17:e5:
         73:f3:42:0f:19:57:75:59:3f:7f:1a:ce:b9:34:68:56:bb:9e:
         c2:a4:1e:c1:89:8e:33:59:cd:b4:a9:c0:7d:e2:36:3e:c3:6c:
         15:3e:1f:c5:26:bc:6f:90:4f:09:ee:aa:ad:68:c0:ee:1c:f7:
         9f:90:31:dc:f7:51:c8:83:22:fa:42:c4:01:f1:a8:a3:ed:74:
         08:c0:46:b1:12:78:9a:ab:42:91:96:83:b1:e7:03:f4:92:17:
         19:07:99:af:4c:4e:90:60:27:b7:c8:5f:ec:3d:fb:fe:1c:ae:
         4d:e5:36:d7:b7:86:99:d5:f9:7e:e6:a0:75:b5:ca:85:56:96:
         70:10:2d:9d:c4:b1:94:a6:c9:dc:14:8a:06:44:4a:51:9c:5d:
         e2:7e:24:b6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPD77CPIkZX4yplheAbGaZVHOBNIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDA2MTcxMzUyWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZGRlMmI1N2JhNjc2MWQ1MzI3YTBjOTlmMzZmOGNmMTlh
MjU5YzdmMTBmZDMwMGFhYjE3YzcyMjhlZGI2NGViMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCi3jpm9xKficyaeENwPQmPlX9yXrvmFsZelCGiCnTX6VeJ
QLwfGbU13ZrggSUJ0tlQNsPE9U6xJRqzxHA788ikCC2l+hb+5f71JFGr+Nn0BblC
GgX0i/r2pPI/QyDCBMfkkQQU+sGAkZekpKnIgqTYpLdC1cebvt2p1TKElempNWQt
IqwYbuI+r0sawBr/cV+D0PFnQ/1glmTAenCXil7hXh1KHMhWokDzLqTs18T0HO/G
xQYdW4TTU6NHoYVgUWYqCydnoljou8Y8H4nF0ItZPrwzvjFespTFGTlopvsbp43L
CeN8HmXFHn5TnBWTOZu3uVDTafqZxfx6vsgi/BtjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUoZT+fSAFY3koFOYiWl6zp0FrxQYwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzJmZjA0NjliLTlmMzItNDU4NS05MjlkLWE4NzA5MzIzY2ZhMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADA4wDQYJKoZIhvcNAQELBQADggEBABxJc5VsMGle2V99Xz+IFqCP
JCeHNtGzqnxBLr6KdaK3x6YNCbdQoYcHB4vjph+muuJ0xY05QEPtuJIL5qidvKGq
PEAq8y1ljMvnQST3O0mmd5E1/O/usIytj9i3XyEW1FwucpvH4npoEBkX5XPzQg8Z
V3VZP38azrk0aFa7nsKkHsGJjjNZzbSpwH3iNj7DbBU+H8UmvG+QTwnuqq1owO4c
95+QMdz3UciDIvpCxAHxqKPtdAjARrESeJqrQpGWg7HnA/SSFxkHma9MTpBgJ7fI
X+w9+/4crk3lNte3hpnV+X7moHW1yoVWlnAQLZ3EsZSmydwUigZESlGcXeJ+JLY=
-----END CERTIFICATE-----