Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b07256c3-b97b-471b-a0c0-0d299c636138.roa
File:                     b07256c3-b97b-471b-a0c0-0d299c636138.roa (raw, json)
Hash identifier:          KhehgvzG6a7u00yILa3uipXds6N76LbCSCQY7C+C+zA=
Subject key identifier:   91:2A:06:1F:68:33:BA:6E:2A:1A:1C:B7:D1:C1:6C:05:15:5B:5E:08
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       48EDF03844D8A1235B14F983F31BA070D7398D37
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b07256c3-b97b-471b-a0c0-0d299c636138.roa
Signing time:             Mon 06 Oct 2025 17:13:20 +0000
ROA not before:           Mon 06 Oct 2025 17:13:20 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:c08::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:ed:f0:38:44:d8:a1:23:5b:14:f9:83:f3:1b:a0:70:d7:39:8d:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct  6 17:13:20 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=de6fae0abe073bb9a33b13d6a0aa17a17df46f621d29888b1a7846f4790a0bb1, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:58:b7:e3:36:f4:3d:65:8c:7b:53:44:00:56:
                    0e:f0:38:f4:bd:72:f2:64:7f:f5:22:29:a5:a1:99:
                    98:97:31:63:d5:18:bd:24:aa:31:dd:78:66:80:b7:
                    2a:53:cd:41:0e:e7:da:1c:50:78:81:ef:89:de:b9:
                    4e:ca:19:11:99:38:5a:24:2f:49:a4:37:48:33:28:
                    84:64:33:b7:e6:c5:48:8c:d4:01:8f:46:72:12:b3:
                    a6:10:6c:e6:e5:fe:0f:81:33:88:99:c8:0e:7b:79:
                    3b:f5:29:af:e3:a9:65:6a:f2:8d:77:4e:0e:ef:a9:
                    79:d6:bd:da:6e:75:3f:6e:ae:c1:21:54:78:45:c4:
                    3c:3c:7d:4d:bd:4f:1f:a7:e7:89:29:68:9b:37:d7:
                    dd:4b:3a:b0:6f:cf:a0:e4:63:b9:81:0c:5a:4a:b0:
                    23:86:0b:72:45:df:d1:2f:c7:2f:88:7e:fd:66:8f:
                    88:5e:6c:c8:e1:47:b8:47:0c:08:fd:86:f5:ec:21:
                    f2:c5:51:e2:dd:2b:96:b9:2c:ab:82:35:20:07:f8:
                    d5:f3:46:1b:4d:c3:54:0a:76:f4:be:99:eb:cf:33:
                    99:a9:9c:14:d2:65:59:9f:f4:5d:76:16:22:bd:00:
                    f9:77:5b:6f:1d:51:75:a8:8f:63:78:11:22:3a:41:
                    81:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:2A:06:1F:68:33:BA:6E:2A:1A:1C:B7:D1:C1:6C:05:15:5B:5E:08
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b07256c3-b97b-471b-a0c0-0d299c636138.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c08::/48

    Signature Algorithm: sha256WithRSAEncryption
         51:99:fd:6d:c0:22:34:2d:28:63:06:36:cb:0a:e3:f8:8d:ad:
         42:1a:7b:63:43:d6:72:1d:8b:70:62:56:3c:48:73:5d:d9:24:
         b2:3d:04:3c:1b:b2:1b:96:5f:66:57:76:bf:c5:dc:46:4b:ac:
         46:73:39:7b:7c:99:43:0c:58:65:a6:4f:b4:15:a6:95:7b:71:
         32:b4:c0:cb:27:b9:20:1c:67:1b:27:5c:fb:f5:37:45:90:5b:
         cf:34:97:04:a5:c6:1e:b5:a6:39:e8:24:87:a0:df:46:a6:b4:
         76:ed:21:2a:d3:a7:f9:75:05:c7:00:de:21:dc:8d:e2:de:b5:
         ef:45:21:b6:41:e8:0f:53:58:68:09:07:1c:fc:bf:8a:c1:1a:
         54:25:05:c4:79:c1:29:6d:5e:00:03:a9:52:8e:9f:df:9c:3f:
         e3:e5:12:4c:0b:cf:b4:96:1a:8c:e0:bf:60:e3:5c:4f:5a:dc:
         39:06:71:a1:dd:a0:b7:5f:9c:6c:fc:c1:b0:b9:36:0b:ff:21:
         b5:8f:23:4d:fd:6f:56:92:5c:d8:ea:cd:0f:32:71:e1:db:2c:
         f0:36:dc:62:c6:46:2c:e5:43:46:fe:9c:25:d6:90:a8:20:44:
         58:1c:12:03:77:90:df:51:11:fe:d6:b3:de:02:bf:b2:dc:e5:
         b9:c2:d6:d2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSO3wOETYoSNbFPmD8xugcNc5jTcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDA2MTcxMzIwWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTZmYWUwYWJlMDczYmI5YTMzYjEzZDZhMGFhMTdhMTdk
ZjQ2ZjYyMWQyOTg4OGIxYTc4NDZmNDc5MGEwYmIxMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRWLfjNvQ9ZYx7U0QAVg7wOPS9cvJkf/UiKaWhmZiXMWPV
GL0kqjHdeGaAtypTzUEO59ocUHiB74neuU7KGRGZOFokL0mkN0gzKIRkM7fmxUiM
1AGPRnISs6YQbObl/g+BM4iZyA57eTv1Ka/jqWVq8o13Tg7vqXnWvdpudT9ursEh
VHhFxDw8fU29Tx+n54kpaJs3191LOrBvz6DkY7mBDFpKsCOGC3JF39Evxy+Ifv1m
j4hebMjhR7hHDAj9hvXsIfLFUeLdK5a5LKuCNSAH+NXzRhtNw1QKdvS+mevPM5mp
nBTSZVmf9F12FiK9APl3W28dUXWoj2N4ESI6QYE3AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUkSoGH2gzum4qGhy30cFsBRVbXggwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2IwNzI1NmMzLWI5N2ItNDcxYi1hMGMwLTBkMjk5YzYzNjEzOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAgwDQYJKoZIhvcNAQELBQADggEBAFGZ/W3AIjQtKGMGNssK4/iN
rUIae2ND1nIdi3BiVjxIc13ZJLI9BDwbshuWX2ZXdr/F3EZLrEZzOXt8mUMMWGWm
T7QVppV7cTK0wMsnuSAcZxsnXPv1N0WQW880lwSlxh61pjnoJIeg30amtHbtISrT
p/l1BccA3iHcjeLete9FIbZB6A9TWGgJBxz8v4rBGlQlBcR5wSltXgADqVKOn9+c
P+PlEkwLz7SWGozgv2DjXE9a3DkGcaHdoLdfnGz8wbC5Ngv/IbWPI039b1aSXNjq
zQ8yceHbLPA23GLGRizlQ0b+nCXWkKggRFgcEgN3kN9REf7Ws94Cv7Lc5bnC1tI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:53:16 2025 by rpki-client