Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ba6294fd-941c-4316-acc0-e4f732862a4c.roa
File:                     ba6294fd-941c-4316-acc0-e4f732862a4c.roa (raw, json)
Hash identifier:          UMOnHgxuVrnqfANQt73agNZtKVa6lpL5Zk2tEzUikNw=
Subject key identifier:   D1:0C:78:64:C2:B1:E0:6D:3A:EF:58:40:D7:4F:1E:64:4E:26:90:D6
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       4A52C1FFFAE8E14083D03F8BBC251586BD035FD8
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ba6294fd-941c-4316-acc0-e4f732862a4c.roa
Signing time:             Fri 26 Sep 2025 17:53:36 +0000
ROA not before:           Fri 26 Sep 2025 17:53:36 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:639::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:52:c1:ff:fa:e8:e1:40:83:d0:3f:8b:bc:25:15:86:bd:03:5f:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Sep 26 17:53:36 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=90b9292f4a8cdfee013a7a420d016e33d3b2c90d1a8284e9d4c706cc35da6b24, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:27:a9:0d:19:d9:b5:9a:a9:e9:78:4c:a8:1d:
                    cb:16:52:a7:c6:55:a2:80:cf:14:ce:07:54:6c:b8:
                    b4:c0:c6:88:68:80:e5:50:c6:23:f1:b5:ef:14:95:
                    11:ad:9e:4c:c5:ba:34:45:32:bf:46:c9:f7:d9:e3:
                    5d:49:a2:01:7c:9a:00:36:b7:67:85:0e:30:ba:27:
                    5c:0d:b3:ea:30:f1:70:1f:a4:50:18:f5:02:f5:44:
                    2f:6a:ab:6c:79:79:e4:38:54:71:22:63:e3:ae:e4:
                    18:ca:dd:76:c8:47:89:1e:22:5c:5b:43:3b:4b:4e:
                    4f:48:3d:55:45:b8:86:0e:ca:4d:d0:35:3a:c4:2c:
                    fd:94:65:3e:ab:3e:5d:23:12:02:67:f6:cd:17:82:
                    ad:d0:d1:66:c6:ca:8f:a2:71:2f:ca:98:6e:41:07:
                    f7:d3:f5:44:ba:32:1e:97:5f:89:a2:74:bd:d5:44:
                    ea:bb:21:d8:e9:18:8a:69:6a:98:77:38:41:3b:2a:
                    98:9f:a6:de:f0:0c:8d:19:06:57:6f:2a:aa:3e:45:
                    ab:a7:fd:4f:63:62:8d:48:05:fa:c8:c4:68:b5:b4:
                    93:17:b0:ad:ed:4d:99:33:c0:49:c6:77:7e:8d:c9:
                    20:6d:c3:10:9a:49:14:3d:a0:c8:7d:36:6d:c3:8a:
                    ae:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:0C:78:64:C2:B1:E0:6D:3A:EF:58:40:D7:4F:1E:64:4E:26:90:D6
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ba6294fd-941c-4316-acc0-e4f732862a4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:639::/48

    Signature Algorithm: sha256WithRSAEncryption
         19:e9:01:66:ce:bb:cb:76:e3:f4:d5:3d:40:33:f2:44:a3:26:
         94:07:c1:5b:48:45:07:74:eb:84:3c:ee:d1:41:5c:50:a7:2f:
         96:af:65:f0:87:b2:25:ed:35:1b:b1:46:0e:37:fa:e9:10:ee:
         fc:52:29:76:00:4b:b5:98:88:1d:89:76:d9:c3:e7:f4:fd:fd:
         b6:ba:ea:17:62:fb:8a:c4:2b:a3:a3:a1:7e:81:65:24:2f:d6:
         cc:5d:f2:77:d8:bb:d3:e9:17:21:03:db:68:40:9f:1d:01:32:
         39:d0:6b:83:ec:18:01:ec:c8:4f:7b:73:6d:38:cb:e1:9f:8d:
         2a:1c:85:5d:f1:92:7f:45:95:3d:4c:58:69:6d:22:8b:42:ce:
         80:28:c6:98:b4:e7:0a:a2:1c:bd:cf:13:7e:b3:85:5e:66:dd:
         48:53:bf:d2:aa:0a:50:b2:e2:bb:b5:06:13:a5:77:80:3b:c0:
         25:8a:02:e0:fb:13:07:1f:50:92:18:1b:23:b2:d3:12:c9:c6:
         59:cb:25:fb:f2:4e:a9:f3:15:39:f3:d4:c3:fb:bf:15:ec:bd:
         e9:6a:94:7d:fc:f7:fd:16:fa:ad:5d:54:7a:3b:57:c9:b3:0e:
         1e:53:fd:d1:90:b5:48:16:c1:67:b2:7a:1d:d5:e0:42:27:01:
         4c:4a:da:8a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSlLB//ro4UCD0D+LvCUVhr0DX9gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwOTI2MTc1MzM2WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MGI5MjkyZjRhOGNkZmVlMDEzYTdhNDIwZDAxNmUzM2Qz
YjJjOTBkMWE4Mjg0ZTlkNGM3MDZjYzM1ZGE2YjI0MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYJ6kNGdm1mqnpeEyoHcsWUqfGVaKAzxTOB1RsuLTAxoho
gOVQxiPxte8UlRGtnkzFujRFMr9GyffZ411JogF8mgA2t2eFDjC6J1wNs+ow8XAf
pFAY9QL1RC9qq2x5eeQ4VHEiY+Ou5BjK3XbIR4keIlxbQztLTk9IPVVFuIYOyk3Q
NTrELP2UZT6rPl0jEgJn9s0Xgq3Q0WbGyo+icS/KmG5BB/fT9US6Mh6XX4midL3V
ROq7IdjpGIppaph3OEE7Kpifpt7wDI0ZBldvKqo+Raun/U9jYo1IBfrIxGi1tJMX
sK3tTZkzwEnGd36NySBtwxCaSRQ9oMh9Nm3Diq67AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU0Qx4ZMKx4G0671hA108eZE4mkNYwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2JhNjI5NGZkLTk0MWMtNDMxNi1hY2MwLWU0ZjczMjg2MmE0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABjkwDQYJKoZIhvcNAQELBQADggEBABnpAWbOu8t24/TVPUAz8kSj
JpQHwVtIRQd064Q87tFBXFCnL5avZfCHsiXtNRuxRg43+ukQ7vxSKXYAS7WYiB2J
dtnD5/T9/ba66hdi+4rEK6OjoX6BZSQv1sxd8nfYu9PpFyED22hAnx0BMjnQa4Ps
GAHsyE97c204y+GfjSochV3xkn9FlT1MWGltIotCzoAoxpi05wqiHL3PE36zhV5m
3UhTv9KqClCy4ru1BhOld4A7wCWKAuD7EwcfUJIYGyOy0xLJxlnLJfvyTqnzFTnz
1MP7vxXsvelqlH389/0W+q1dVHo7V8mzDh5T/dGQtUgWwWeyeh3V4EInAUxK2oo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:53:48 2025 by rpki-client