Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/6e3d6051-8b5c-4d8d-b08f-3791b86fb94b.roa
File:                     6e3d6051-8b5c-4d8d-b08f-3791b86fb94b.roa (raw, json)
Hash identifier:          F/x9gwyRhz5Efn2fgzchLg9os6BfZdoBEQ3SnmR9CdA=
Subject key identifier:   24:00:6B:20:3D:03:35:47:9F:3C:B4:D6:AB:C6:D3:80:A4:35:CE:A8
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       5A7882221702FA265EE8D79B827E24292D90558E
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/6e3d6051-8b5c-4d8d-b08f-3791b86fb94b.roa
Signing time:             Fri 26 Sep 2025 17:53:28 +0000
ROA not before:           Fri 26 Sep 2025 17:53:28 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:629::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:78:82:22:17:02:fa:26:5e:e8:d7:9b:82:7e:24:29:2d:90:55:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Sep 26 17:53:28 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=ea0fb09b4a24e8870a9ec43e466626b0a4d2599a2f47502ab1261c1b1e8e6477, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:b0:08:52:2f:ca:24:25:6c:5b:b9:47:66:e1:
                    48:7f:e7:96:0c:23:f7:94:99:02:90:7b:97:64:d4:
                    e6:69:79:b7:82:44:96:0e:60:1a:95:35:f6:11:76:
                    31:d8:3e:2e:ae:88:76:1b:4f:7d:ff:7c:c1:3d:d4:
                    83:62:16:96:69:20:a5:b2:f4:f8:79:54:93:e9:e0:
                    6c:a1:65:00:60:e9:e8:9f:91:e0:3e:a2:2c:30:47:
                    d5:a6:cc:c8:ec:e3:02:b7:96:79:73:38:d1:d4:31:
                    03:35:83:ee:e2:0f:40:f0:ca:92:e5:66:60:21:8b:
                    84:a6:ea:91:89:28:83:bd:1e:e6:70:c8:6d:bc:aa:
                    9c:6d:b1:1c:ea:1f:22:d9:03:34:06:e5:22:c9:af:
                    56:c1:4f:af:46:1d:13:94:ef:79:08:2a:e6:d1:dc:
                    a8:12:d4:bd:a4:9c:4c:4f:ba:47:29:03:cd:6a:fc:
                    cc:cc:c5:68:9e:82:a5:a1:e5:9f:3f:e0:8b:f7:50:
                    de:6f:4c:ec:78:44:b3:8d:9f:03:33:ff:3e:28:f8:
                    02:d9:90:d7:2e:ee:42:99:36:a6:0a:af:7f:9c:57:
                    df:bc:6e:9c:15:c1:26:d7:09:7f:6e:f9:f9:ea:ee:
                    c5:0a:d8:dc:9f:07:7e:0d:cb:67:51:57:b1:b7:4e:
                    75:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:00:6B:20:3D:03:35:47:9F:3C:B4:D6:AB:C6:D3:80:A4:35:CE:A8
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/6e3d6051-8b5c-4d8d-b08f-3791b86fb94b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:629::/48

    Signature Algorithm: sha256WithRSAEncryption
         32:c3:35:45:0d:bb:e9:56:8a:ec:d9:2d:99:04:4b:3c:79:e0:
         14:c8:30:fc:38:c3:05:95:6e:45:86:fa:2f:7a:d4:bd:73:e0:
         c8:37:5a:63:36:ff:c5:b6:d9:2d:15:5c:48:b0:6f:08:e6:05:
         50:ce:b9:57:9e:0b:df:de:04:b9:2e:8b:0b:a5:d0:4e:ce:1f:
         fb:92:5e:56:2e:15:3a:b7:cd:d7:8a:1b:fc:f0:1f:14:c4:a3:
         bd:fb:08:22:cd:fd:eb:3e:3b:6d:c0:a2:00:c4:ec:c1:99:a0:
         9e:50:f3:f5:41:30:2f:76:7a:f0:cf:8a:01:30:31:3d:5c:9a:
         df:01:56:a8:88:ed:d1:86:3e:82:03:8b:ea:25:c9:f2:9f:37:
         26:d4:f0:ef:df:9b:33:34:06:6a:c1:82:4f:59:e4:56:f1:7d:
         e3:e2:48:f9:80:c4:06:29:51:32:92:cb:ca:3b:09:3c:c4:13:
         19:d1:b2:20:4b:8e:01:67:17:c6:be:ab:45:d2:e4:33:88:16:
         93:75:05:6f:fe:4e:06:1a:1d:ff:06:27:07:46:64:f8:8c:8d:
         ce:19:03:e7:25:aa:cb:4f:f6:f8:6d:5d:ac:37:44:4d:9f:1b:
         a8:12:4e:51:a3:a8:3b:c5:5d:11:0e:af:e6:e9:ab:5f:16:63:
         a6:11:a4:68
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUWniCIhcC+iZe6Nebgn4kKS2QVY4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwOTI2MTc1MzI4WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTBmYjA5YjRhMjRlODg3MGE5ZWM0M2U0NjY2MjZiMGE0
ZDI1OTlhMmY0NzUwMmFiMTI2MWMxYjFlOGU2NDc3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0sAhSL8okJWxbuUdm4Uh/55YMI/eUmQKQe5dk1OZpebeC
RJYOYBqVNfYRdjHYPi6uiHYbT33/fME91INiFpZpIKWy9Ph5VJPp4GyhZQBg6eif
keA+oiwwR9WmzMjs4wK3lnlzONHUMQM1g+7iD0DwypLlZmAhi4Sm6pGJKIO9HuZw
yG28qpxtsRzqHyLZAzQG5SLJr1bBT69GHROU73kIKubR3KgS1L2knExPukcpA81q
/MzMxWiegqWh5Z8/4Iv3UN5vTOx4RLONnwMz/z4o+ALZkNcu7kKZNqYKr3+cV9+8
bpwVwSbXCX9u+fnq7sUK2NyfB34Ny2dRV7G3TnVjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUJABrID0DNUefPLTWq8bTgKQ1zqgwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzZlM2Q2MDUxLThiNWMtNGQ4ZC1iMDhmLTM3OTFiODZmYjk0Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABikwDQYJKoZIhvcNAQELBQADggEBADLDNUUNu+lWiuzZLZkESzx5
4BTIMPw4wwWVbkWG+i961L1z4Mg3WmM2/8W22S0VXEiwbwjmBVDOuVeeC9/eBLku
iwul0E7OH/uSXlYuFTq3zdeKG/zwHxTEo737CCLN/es+O23AogDE7MGZoJ5Q8/VB
MC92evDPigEwMT1cmt8BVqiI7dGGPoIDi+olyfKfNybU8O/fmzM0BmrBgk9Z5Fbx
fePiSPmAxAYpUTKSy8o7CTzEExnRsiBLjgFnF8a+q0XS5DOIFpN1BW/+TgYaHf8G
JwdGZPiMjc4ZA+clqstP9vhtXaw3RE2fG6gSTlGjqDvFXREOr+bpq18WY6YRpGg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:53:19 2025 by rpki-client