Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/66f01be3-62cc-4bca-94fa-a48a5f45f2ff.roa
File:                     66f01be3-62cc-4bca-94fa-a48a5f45f2ff.roa (raw, json)
Hash identifier:          RH6TFAWD2gLiTOjS2RygQ4qDX+r/hjnATpPNu8S4+E8=
Subject key identifier:   B0:57:7E:6A:77:84:31:30:EE:17:C1:46:F5:CA:50:49:E7:9A:9C:E8
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7593319385670E8FACD4FD4FD2BAF8304122D7EB
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/66f01be3-62cc-4bca-94fa-a48a5f45f2ff.roa
Signing time:             Fri 26 Sep 2025 17:51:39 +0000
ROA not before:           Fri 26 Sep 2025 17:51:39 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:310::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:93:31:93:85:67:0e:8f:ac:d4:fd:4f:d2:ba:f8:30:41:22:d7:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Sep 26 17:51:39 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=47426728f96fb58540c662c3873e6c20ca242b5fbbbcd503975f8dc6b6363a0e, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:01:c2:82:41:a1:9d:12:65:4b:f4:56:71:70:
                    cf:06:d2:76:ad:3f:fe:9b:6e:61:59:35:5c:37:61:
                    97:9f:59:b5:3b:24:25:94:76:37:7b:b0:3a:3b:36:
                    b8:d7:f7:2f:7f:75:ac:0c:5f:c5:b7:0c:c5:d7:15:
                    3d:d9:c6:06:43:a5:d3:f6:5c:52:39:a7:ad:a3:7e:
                    32:67:00:4d:67:f0:cd:48:0c:d7:2c:89:8c:78:3f:
                    76:6e:ff:94:e3:65:05:e2:62:d8:45:6a:6d:05:91:
                    8e:78:fc:37:67:1f:8a:06:39:99:4d:7a:bd:d9:28:
                    51:a3:30:8c:42:78:fd:d2:a9:a4:71:28:d3:06:3b:
                    3e:26:b9:d4:0a:4b:34:d4:c6:a3:98:1c:d1:b8:dc:
                    f0:c4:2a:24:53:c9:76:ff:18:22:d2:af:93:ac:b6:
                    43:e6:36:49:4d:85:a7:26:61:6e:ea:17:79:8f:73:
                    f8:a7:b8:29:ad:f7:50:94:4a:56:0c:e4:de:9e:61:
                    e0:94:cf:f0:e8:a8:ad:ae:35:5c:6c:22:98:b9:31:
                    ac:83:35:68:02:f3:e0:11:22:3c:6c:25:88:72:22:
                    81:15:5c:a6:7a:37:81:e5:c4:5a:97:a2:33:5e:71:
                    8f:39:41:19:1d:d0:c0:3f:2e:73:36:1d:2e:ed:25:
                    a2:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:57:7E:6A:77:84:31:30:EE:17:C1:46:F5:CA:50:49:E7:9A:9C:E8
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/66f01be3-62cc-4bca-94fa-a48a5f45f2ff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:310::/48

    Signature Algorithm: sha256WithRSAEncryption
         51:7b:c2:ba:61:88:97:d0:8e:8a:16:9f:fb:9c:cb:3f:38:42:
         a8:c0:22:e2:9e:e4:b0:75:d5:c4:4f:55:c8:0d:ca:1a:74:3d:
         f0:4a:c7:64:21:d3:46:57:fb:df:c0:b2:8e:98:2f:3b:00:94:
         18:08:11:38:7b:c1:28:32:f7:0d:8d:2f:52:f6:fc:9c:7b:e7:
         8e:f0:79:4d:2c:3f:e4:3e:18:a8:50:d9:24:60:56:d2:fa:79:
         8c:ee:f1:23:3c:29:ad:a8:ab:c1:18:7e:6b:a6:78:5a:7e:16:
         16:2b:a1:e6:54:fc:85:42:b7:57:a1:a6:4f:bf:5c:fd:dc:b1:
         46:5b:61:0a:7d:87:3f:41:6b:a1:07:a2:93:a5:a0:a1:43:90:
         63:b2:42:67:1d:b5:82:ec:51:f8:ec:5d:26:51:4b:f4:c1:9e:
         8a:e0:64:ef:58:e2:49:f8:58:6b:6c:48:20:c8:01:07:3b:b4:
         3d:56:74:48:ef:6b:92:bc:b3:39:e4:3e:ad:06:4e:b2:e0:23:
         3d:30:ad:c6:ac:f8:fc:d9:e5:ff:a0:fa:5e:10:d0:30:75:0a:
         48:a7:f1:7d:4c:e5:de:7b:f6:b2:28:f8:2e:d2:f7:26:e4:be:
         29:12:39:1d:55:62:2b:ff:9a:b4:5e:fd:5e:fa:4e:1c:a8:d3:
         24:53:30:9d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdZMxk4VnDo+s1P1P0rr4MEEi1+swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwOTI2MTc1MTM5WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NzQyNjcyOGY5NmZiNTg1NDBjNjYyYzM4NzNlNmMyMGNh
MjQyYjVmYmJiY2Q1MDM5NzVmOGRjNmI2MzYzYTBlMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpAcKCQaGdEmVL9FZxcM8G0natP/6bbmFZNVw3YZefWbU7
JCWUdjd7sDo7NrjX9y9/dawMX8W3DMXXFT3ZxgZDpdP2XFI5p62jfjJnAE1n8M1I
DNcsiYx4P3Zu/5TjZQXiYthFam0FkY54/DdnH4oGOZlNer3ZKFGjMIxCeP3SqaRx
KNMGOz4mudQKSzTUxqOYHNG43PDEKiRTyXb/GCLSr5OstkPmNklNhacmYW7qF3mP
c/inuCmt91CUSlYM5N6eYeCUz/DoqK2uNVxsIpi5MayDNWgC8+ARIjxsJYhyIoEV
XKZ6N4HlxFqXojNecY85QRkd0MA/LnM2HS7tJaKlAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUsFd+aneEMTDuF8FG9cpQSeeanOgwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzY2ZjAxYmUzLTYyY2MtNGJjYS05NGZhLWE0OGE1ZjQ1ZjJmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAAxAwDQYJKoZIhvcNAQELBQADggEBAFF7wrphiJfQjooWn/ucyz84
QqjAIuKe5LB11cRPVcgNyhp0PfBKx2Qh00ZX+9/Aso6YLzsAlBgIETh7wSgy9w2N
L1L2/Jx7547weU0sP+Q+GKhQ2SRgVtL6eYzu8SM8Ka2oq8EYfmumeFp+FhYroeZU
/IVCt1ehpk+/XP3csUZbYQp9hz9Ba6EHopOloKFDkGOyQmcdtYLsUfjsXSZRS/TB
norgZO9Y4kn4WGtsSCDIAQc7tD1WdEjva5K8sznkPq0GTrLgIz0wrcas+PzZ5f+g
+l4Q0DB1Ckin8X1M5d579rIo+C7S9ybkvikSOR1VYiv/mrRe/V76Thyo0yRTMJ0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:53:49 2025 by rpki-client