Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3d2c81ea-9409-45ff-91e4-45a394e9fb80.roa
File:                     3d2c81ea-9409-45ff-91e4-45a394e9fb80.roa (raw, json)
Hash identifier:          IZCA+5+njZ6p+yty512j6Ns0Bk4JxLqcKEwShmJPOGc=
Subject key identifier:   5E:59:51:7D:F8:B1:61:8F:69:73:0E:29:04:E0:33:E7:A4:8A:E9:AF
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       1F0F9A28957D8E20EB5043B4F4CFA658E1F30549
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3d2c81ea-9409-45ff-91e4-45a394e9fb80.roa
Signing time:             Fri 26 Sep 2025 17:53:33 +0000
ROA not before:           Fri 26 Sep 2025 17:53:33 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:62b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:0f:9a:28:95:7d:8e:20:eb:50:43:b4:f4:cf:a6:58:e1:f3:05:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Sep 26 17:53:33 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=9a4c9b8e1b1ef520231bd45c109200720f38f5af3be1c006043eb96fa4e62305, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:4b:10:42:5a:39:3e:fc:27:94:35:5f:c9:df:
                    a9:38:b3:1a:f2:89:56:53:49:89:66:30:c6:93:05:
                    70:2a:1a:fa:7d:08:31:e0:46:5a:90:6d:ba:94:91:
                    08:f9:ba:ca:2a:9a:5e:06:ad:68:05:3d:e5:a9:93:
                    b6:03:55:03:0b:70:59:f4:38:87:59:bb:cc:16:7c:
                    aa:0e:b6:08:48:27:e0:ac:e1:38:38:39:7c:a1:43:
                    4c:70:d2:fa:4c:f6:b1:62:f5:5b:3b:1b:ab:54:4d:
                    09:1b:98:d0:d5:aa:13:b8:eb:4f:43:9e:bc:dc:15:
                    90:e6:a2:2f:69:6a:7d:d0:08:20:bc:3d:ed:eb:96:
                    00:f8:12:1d:61:34:44:60:0b:09:b1:e5:08:7e:2d:
                    c3:93:7a:83:bf:01:22:68:c8:b3:6e:4c:57:4c:8e:
                    cb:bd:53:6e:86:4d:9f:1b:94:0a:82:e0:4a:f1:6a:
                    9a:dd:e8:63:e8:9b:ad:84:27:a8:15:2a:59:a7:5a:
                    ab:e5:86:4f:2c:0d:3d:69:76:54:75:2f:de:80:21:
                    6c:9e:e9:51:be:c1:75:45:4c:c5:4c:54:dd:67:fc:
                    97:fb:e8:98:41:40:57:dd:ee:50:52:e5:81:35:a6:
                    74:ed:50:5e:81:7d:4b:f8:16:ce:e1:96:09:37:ce:
                    50:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:59:51:7D:F8:B1:61:8F:69:73:0E:29:04:E0:33:E7:A4:8A:E9:AF
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3d2c81ea-9409-45ff-91e4-45a394e9fb80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:62b::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:10:38:94:e9:b7:29:3d:9b:89:17:ad:ab:44:73:d3:99:1e:
         8b:91:5b:bc:33:ca:6d:84:25:bb:af:a7:d3:43:11:3d:2e:4f:
         94:5b:79:53:54:0e:40:a3:3f:0b:20:c3:bd:06:29:40:1d:92:
         f0:bb:7f:2e:78:0a:8f:96:7f:d3:ff:24:73:f2:c6:08:3e:62:
         fe:bc:da:da:51:c5:e8:02:e4:1d:ed:dd:de:39:e2:b6:ad:43:
         62:90:96:06:51:1e:ae:3a:1e:66:ae:a9:8d:d1:67:18:a7:c8:
         db:50:b2:5a:00:6e:a3:c5:8b:43:b1:3b:d0:51:fe:bf:af:0a:
         7e:70:98:03:e3:c7:5c:06:d0:ff:de:b7:9a:ea:0d:fa:7c:38:
         6c:e1:bd:b7:fa:08:1b:85:60:c5:aa:b6:93:39:62:b8:78:cf:
         c4:a6:6f:ab:4a:30:3f:f8:af:a9:da:27:01:f2:bc:e2:42:19:
         b8:63:73:3b:06:9b:17:ea:83:86:fc:df:bf:e2:10:e9:82:5e:
         ed:da:f0:2b:11:97:5f:67:f5:48:58:83:0f:fa:a4:db:e9:ff:
         c8:34:53:45:b5:ac:00:1c:c8:62:b8:54:c5:b8:64:09:dc:28:
         cd:1c:a2:e9:7f:ff:1d:42:f4:e6:db:3c:d7:11:7f:7b:69:2d:
         33:aa:b4:f6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUHw+aKJV9jiDrUEO09M+mWOHzBUkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwOTI2MTc1MzMzWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YTRjOWI4ZTFiMWVmNTIwMjMxYmQ0NWMxMDkyMDA3MjBm
MzhmNWFmM2JlMWMwMDYwNDNlYjk2ZmE0ZTYyMzA1MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpSxBCWjk+/CeUNV/J36k4sxryiVZTSYlmMMaTBXAqGvp9
CDHgRlqQbbqUkQj5usoqml4GrWgFPeWpk7YDVQMLcFn0OIdZu8wWfKoOtghIJ+Cs
4Tg4OXyhQ0xw0vpM9rFi9Vs7G6tUTQkbmNDVqhO4609DnrzcFZDmoi9pan3QCCC8
Pe3rlgD4Eh1hNERgCwmx5Qh+LcOTeoO/ASJoyLNuTFdMjsu9U26GTZ8blAqC4Erx
aprd6GPom62EJ6gVKlmnWqvlhk8sDT1pdlR1L96AIWye6VG+wXVFTMVMVN1n/Jf7
6JhBQFfd7lBS5YE1pnTtUF6BfUv4Fs7hlgk3zlCjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUXllRffixYY9pcw4pBOAz56SK6a8wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzNkMmM4MWVhLTk0MDktNDVmZi05MWU0LTQ1YTM5NGU5ZmI4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABiswDQYJKoZIhvcNAQELBQADggEBAJAQOJTptyk9m4kXratEc9OZ
HouRW7wzym2EJbuvp9NDET0uT5RbeVNUDkCjPwsgw70GKUAdkvC7fy54Co+Wf9P/
JHPyxgg+Yv682tpRxegC5B3t3d454ratQ2KQlgZRHq46HmauqY3RZxinyNtQsloA
bqPFi0OxO9BR/r+vCn5wmAPjx1wG0P/et5rqDfp8OGzhvbf6CBuFYMWqtpM5Yrh4
z8Smb6tKMD/4r6naJwHyvOJCGbhjczsGmxfqg4b837/iEOmCXu3a8CsRl19n9UhY
gw/6pNvp/8g0U0W1rAAcyGK4VMW4ZAncKM0coul//x1C9ObbPNcRf3tpLTOqtPY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:04:33 2025 by rpki-client