Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3f9eac71-74eb-41d6-909a-a188024d8d5f.roa
File:                     3f9eac71-74eb-41d6-909a-a188024d8d5f.roa (raw, json)
Hash identifier:          SMPPFPvLITh5YNemQyKMXCwsxurQhPQZSmaBce/Wtdw=
Subject key identifier:   AA:F8:76:B5:DA:17:71:AC:5A:47:B4:99:D7:B4:76:1D:56:E9:F7:ED
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       283385D018DF3ECB88525F01F017B74D87F058A9
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3f9eac71-74eb-41d6-909a-a188024d8d5f.roa
Signing time:             Mon 06 Oct 2025 17:20:05 +0000
ROA not before:           Mon 06 Oct 2025 17:20:05 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:c16::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:33:85:d0:18:df:3e:cb:88:52:5f:01:f0:17:b7:4d:87:f0:58:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct  6 17:20:05 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=f51f1396a1de23236a2a42b8100d276e6c8db66f60e5043eb090311588da1047, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cd:ab:b3:29:bf:a4:df:80:46:7d:5e:22:47:
                    32:1b:62:3a:03:83:40:b1:05:e9:c4:64:7f:4e:79:
                    c5:49:eb:90:b2:e2:80:77:a6:7f:cc:a1:ab:d7:8e:
                    24:d6:89:48:88:6d:68:5d:be:4e:48:e9:f9:81:6a:
                    7b:51:07:b0:08:ee:c9:3b:35:31:0b:a3:e4:65:6a:
                    49:f9:6f:e5:01:eb:d2:93:8b:0e:1a:ef:af:7b:d1:
                    7c:82:b2:36:d8:ad:c8:c1:45:48:8f:7f:47:70:1f:
                    e2:77:7a:40:64:1c:cd:03:d6:c1:50:55:f3:35:5e:
                    0a:8a:92:c1:32:e4:f3:a0:dc:b6:e8:36:1e:7e:d1:
                    8c:94:91:cd:a8:2f:6f:b0:b5:a3:93:d6:c3:56:12:
                    31:f6:3b:f8:10:38:35:d4:42:4b:80:0c:a1:9d:ba:
                    4b:a5:80:89:c4:31:5d:fc:53:ba:3d:fe:6e:8b:40:
                    9c:5d:32:35:e9:df:2d:ec:d2:58:d3:8c:15:cc:8c:
                    e8:0a:f0:a7:bb:02:c1:28:f5:0f:ff:49:a3:21:a2:
                    c8:0c:7a:c0:0f:10:a9:c0:8e:74:dc:5c:fc:c6:f1:
                    19:f5:ab:72:b2:3b:c0:8e:65:55:66:99:15:2e:7c:
                    2b:61:d3:3e:88:5c:85:ae:6c:d5:0a:d3:84:4e:ef:
                    d6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:F8:76:B5:DA:17:71:AC:5A:47:B4:99:D7:B4:76:1D:56:E9:F7:ED
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3f9eac71-74eb-41d6-909a-a188024d8d5f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c16::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:da:3b:71:8f:f3:88:3f:54:9c:52:37:b8:a1:a4:ff:f1:85:
         49:a5:94:b2:6e:7c:cc:13:db:35:23:89:bb:24:a4:09:da:81:
         d8:b0:0a:09:2a:ad:0d:d1:b4:a7:fd:26:11:88:28:ad:93:84:
         af:9e:7e:8e:fd:da:b1:f1:fd:0d:87:35:86:62:3c:99:5f:12:
         5b:95:c9:9a:53:0f:87:44:23:8c:88:46:b2:76:7b:39:f6:55:
         1a:78:61:10:33:40:ed:2b:34:12:26:99:7c:6b:14:3e:2a:a5:
         a2:f4:85:df:8c:ce:f0:48:c2:cb:cc:6b:31:a3:86:5e:ee:c4:
         15:c9:d5:23:7a:22:f1:16:79:25:24:53:19:53:37:3b:d1:a5:
         af:19:3e:bd:06:7f:1d:38:2a:30:16:92:86:a3:3c:84:d3:e2:
         17:4d:5b:f6:7b:47:a3:29:3b:5f:77:71:78:20:19:f8:41:f2:
         57:9d:48:d8:77:a4:f9:82:cf:7f:6f:12:aa:fd:7a:4e:42:e4:
         30:71:1a:c3:76:14:58:7b:8e:14:f7:cc:b3:35:05:d0:ff:bf:
         18:2b:d5:10:56:63:0a:88:f0:93:6d:ec:e5:43:f6:1a:f0:96:
         af:83:f0:82:63:c0:86:8b:de:ee:1a:c3:2a:52:01:70:18:2f:
         2e:b8:e6:c8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUKDOF0BjfPsuIUl8B8Be3TYfwWKkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDA2MTcyMDA1WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNTFmMTM5NmExZGUyMzIzNmEyYTQyYjgxMDBkMjc2ZTZj
OGRiNjZmNjBlNTA0M2ViMDkwMzExNTg4ZGExMDQ3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCszauzKb+k34BGfV4iRzIbYjoDg0CxBenEZH9OecVJ65Cy
4oB3pn/MoavXjiTWiUiIbWhdvk5I6fmBantRB7AI7sk7NTELo+Rlakn5b+UB69KT
iw4a76970XyCsjbYrcjBRUiPf0dwH+J3ekBkHM0D1sFQVfM1XgqKksEy5POg3Lbo
Nh5+0YyUkc2oL2+wtaOT1sNWEjH2O/gQODXUQkuADKGdukulgInEMV38U7o9/m6L
QJxdMjXp3y3s0ljTjBXMjOgK8Ke7AsEo9Q//SaMhosgMesAPEKnAjnTcXPzG8Rn1
q3KyO8COZVVmmRUufCth0z6IXIWubNUK04RO79YZAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUqvh2tdoXcaxaR7SZ17R2HVbp9+0wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzNmOWVhYzcxLTc0ZWItNDFkNi05MDlhLWExODgwMjRkOGQ1Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADBYwDQYJKoZIhvcNAQELBQADggEBAE/aO3GP84g/VJxSN7ihpP/x
hUmllLJufMwT2zUjibskpAnagdiwCgkqrQ3RtKf9JhGIKK2ThK+efo792rHx/Q2H
NYZiPJlfEluVyZpTD4dEI4yIRrJ2ezn2VRp4YRAzQO0rNBImmXxrFD4qpaL0hd+M
zvBIwsvMazGjhl7uxBXJ1SN6IvEWeSUkUxlTNzvRpa8ZPr0Gfx04KjAWkoajPITT
4hdNW/Z7R6MpO193cXggGfhB8ledSNh3pPmCz39vEqr9ek5C5DBxGsN2FFh7jhT3
zLM1BdD/vxgr1RBWYwqI8JNt7OVD9hrwlq+D8IJjwIaL3u4awypSAXAYLy645sg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:20:37 2025 by rpki-client