Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3983d9b9-cb06-4315-b0e8-52b47d039b39.roa
File:                     3983d9b9-cb06-4315-b0e8-52b47d039b39.roa (raw, json)
Hash identifier:          AYTJ0+8uN2HUx7fMURs01zQBWhmROuz1/9YqCMh9i6g=
Subject key identifier:   5C:3F:73:9E:B7:0A:6A:CD:95:50:0A:52:B2:1A:10:F5:BB:D2:3C:3A
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       389105FB34849AE21F0E267A5D92FD41CC97C64C
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3983d9b9-cb06-4315-b0e8-52b47d039b39.roa
Signing time:             Fri 15 Aug 2025 15:11:22 +0000
ROA not before:           Fri 15 Aug 2025 15:11:22 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:c0d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:91:05:fb:34:84:9a:e2:1f:0e:26:7a:5d:92:fd:41:cc:97:c6:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Aug 15 15:11:22 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=b6c8cf929e47d1e3d00a8aaea1d89e6ced4b14bd711afca3fbba410a36debf3f, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5e:cf:44:29:ad:fe:5f:dd:dc:51:d3:fe:66:
                    97:53:18:08:80:84:f6:5f:f6:e5:a5:0a:0a:df:c4:
                    b3:5e:ff:bc:7e:20:e7:02:d1:10:64:49:02:f8:84:
                    d0:f8:09:a4:8d:74:d5:ce:f5:ff:96:b8:fe:54:d4:
                    46:a1:08:e0:59:41:73:7d:d9:77:f3:fe:f9:6c:b1:
                    3d:36:7f:e3:4f:7e:3e:e5:7f:6c:ad:08:27:96:72:
                    6f:78:4f:93:2a:ca:6d:46:b7:6a:19:8b:5f:56:cc:
                    7c:a0:2a:26:fb:d9:30:95:3a:9a:0a:93:95:84:bc:
                    0c:94:5a:01:c9:17:d9:6f:1e:71:19:41:b3:71:60:
                    b5:55:6c:51:eb:f0:c0:40:d4:58:1a:b4:8b:6d:6a:
                    71:8e:32:ff:24:fb:c3:86:97:6b:71:8d:48:d2:d7:
                    d5:31:75:09:70:09:17:30:fd:bc:88:46:20:95:9e:
                    19:18:d0:b3:d0:1b:da:a0:a3:44:d4:4b:d4:f3:42:
                    fe:09:ca:c2:c8:c6:0e:86:26:f6:f9:f7:e4:af:c2:
                    db:5e:dc:77:1a:6a:84:df:c5:2a:3b:5f:b0:af:9b:
                    1d:23:43:fe:6d:44:b0:dc:d6:71:5c:c1:d6:08:a1:
                    0c:e6:1a:55:96:4c:db:05:14:29:20:8d:ce:63:b0:
                    c6:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:3F:73:9E:B7:0A:6A:CD:95:50:0A:52:B2:1A:10:F5:BB:D2:3C:3A
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3983d9b9-cb06-4315-b0e8-52b47d039b39.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c0d::/48

    Signature Algorithm: sha256WithRSAEncryption
         2e:78:a5:6a:9e:ce:ca:e1:12:2d:0a:b1:55:5c:1e:a7:2e:83:
         3c:30:4c:70:91:ff:28:25:92:74:18:c9:bc:42:ec:bf:2e:3c:
         63:03:01:1a:91:18:94:0d:4b:3a:68:37:9f:2a:42:e2:ce:fd:
         af:ec:a1:0e:2f:9e:a2:eb:6b:6a:a9:8e:ae:d9:b3:8a:6f:82:
         8d:9e:49:1e:38:67:64:26:f1:07:f2:47:9f:31:8e:c4:2b:b0:
         c7:39:a7:9b:28:37:2a:8d:53:fb:48:36:1f:6a:1e:6f:e8:94:
         1b:e8:99:21:18:c8:bd:a8:22:56:ea:9a:f6:29:8d:c4:44:6a:
         e1:95:64:3f:a8:a7:00:8f:a5:e4:72:18:2a:29:b4:f4:d8:84:
         89:5c:8a:3c:05:da:a4:44:4b:2c:90:48:b6:97:be:f5:09:35:
         83:1b:4d:bc:16:22:9f:c6:77:2c:4b:fb:66:4e:09:4f:0a:d5:
         d2:f8:a7:95:ef:d1:60:c9:cc:e7:fb:cd:9b:21:c0:0d:14:32:
         2b:3e:01:b9:7d:fa:c8:19:d1:f8:f4:d4:f6:a3:8f:8f:39:df:
         8d:94:7e:fa:11:3f:85:9a:5e:72:ff:9d:06:a2:5a:b8:09:b8:
         79:f5:4e:5c:a1:5d:35:a7:61:99:c0:04:75:00:df:a7:d9:f4:
         37:d7:d1:af
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUOJEF+zSEmuIfDiZ6XZL9QcyXxkwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwODE1MTUxMTIyWhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNmM4Y2Y5MjllNDdkMWUzZDAwYThhYWVhMWQ4OWU2Y2Vk
NGIxNGJkNzExYWZjYTNmYmJhNDEwYTM2ZGViZjNmMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsXs9EKa3+X93cUdP+ZpdTGAiAhPZf9uWlCgrfxLNe/7x+
IOcC0RBkSQL4hND4CaSNdNXO9f+WuP5U1EahCOBZQXN92Xfz/vlssT02f+NPfj7l
f2ytCCeWcm94T5Mqym1Gt2oZi19WzHygKib72TCVOpoKk5WEvAyUWgHJF9lvHnEZ
QbNxYLVVbFHr8MBA1FgatIttanGOMv8k+8OGl2txjUjS19UxdQlwCRcw/byIRiCV
nhkY0LPQG9qgo0TUS9TzQv4JysLIxg6GJvb59+Svwtte3HcaaoTfxSo7X7Cvmx0j
Q/5tRLDc1nFcwdYIoQzmGlWWTNsFFCkgjc5jsMZpAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUXD9znrcKas2VUApSshoQ9bvSPDowHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzM5ODNkOWI5LWNiMDYtNDMxNS1iMGU4LTUyYjQ3ZDAzOWIzOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADA0wDQYJKoZIhvcNAQELBQADggEBAC54pWqezsrhEi0KsVVcHqcu
gzwwTHCR/yglknQYybxC7L8uPGMDARqRGJQNSzpoN58qQuLO/a/soQ4vnqLra2qp
jq7Zs4pvgo2eSR44Z2Qm8QfyR58xjsQrsMc5p5soNyqNU/tINh9qHm/olBvomSEY
yL2oIlbqmvYpjcREauGVZD+opwCPpeRyGCoptPTYhIlcijwF2qRESyyQSLaXvvUJ
NYMbTbwWIp/GdyxL+2ZOCU8K1dL4p5Xv0WDJzOf7zZshwA0UMis+Abl9+sgZ0fj0
1Pajj485342UfvoRP4WaXnL/nQaiWrgJuHn1TlyhXTWnYZnABHUA36fZ9DfX0a8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:30 2025 by rpki-client