Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/bc64ede4-78eb-4056-81e0-5a953a42ee96.roa
File:                     bc64ede4-78eb-4056-81e0-5a953a42ee96.roa (raw, json)
Hash identifier:          UE0OV5j4+64XQdAkoTcdhJ/bc2naZs1r2UFMmAAYzG4=
Subject key identifier:   A5:72:CF:91:DD:E9:E0:5A:DC:64:6D:AB:F9:E5:DA:57:4A:82:CC:69
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7F2C8A1D0F00ECAD7F8B4F61E554B8AA6D6BFBF5
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/bc64ede4-78eb-4056-81e0-5a953a42ee96.roa
Signing time:             Mon 06 Oct 2025 17:13:02 +0000
ROA not before:           Mon 06 Oct 2025 17:13:02 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:612::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:2c:8a:1d:0f:00:ec:ad:7f:8b:4f:61:e5:54:b8:aa:6d:6b:fb:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct  6 17:13:02 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=5d0c694aded4b6a9749500b1edebabb46247e12b99282dfa4e3898cd75ca39ba, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:45:ba:3c:b3:83:d0:bf:48:9e:3a:81:99:f2:
                    4c:56:ca:6f:6a:fb:09:b2:0a:83:2e:0b:eb:2c:ad:
                    81:79:84:a4:7d:a1:2e:89:ac:bf:08:c3:04:43:c7:
                    b3:fa:60:ed:17:39:e1:ed:5d:5a:bd:92:15:a9:09:
                    14:97:ac:82:f7:08:fc:d0:9d:b1:b3:97:07:2c:fb:
                    f1:9f:a0:c7:bb:6f:71:cc:58:70:cc:62:f3:9e:90:
                    d3:da:09:b0:87:13:a2:07:32:1a:80:3d:bf:2c:cc:
                    d2:59:09:74:85:28:74:4d:09:5d:92:1b:cf:70:ae:
                    a0:e1:fa:90:3b:af:54:2d:13:1d:d3:63:7f:0f:88:
                    55:1d:2b:1b:bb:8a:34:1a:57:9d:ca:cf:5b:f5:a6:
                    55:2f:51:1e:ee:ef:40:fd:ba:83:2c:72:5d:d4:b0:
                    9c:e6:0c:c6:e9:8e:51:4f:7d:e9:72:e3:ca:af:e8:
                    6a:90:ec:04:9e:52:3c:05:9f:12:9f:41:19:55:21:
                    d4:9a:11:0e:5e:2f:ee:ff:96:19:23:31:9b:26:c8:
                    ad:29:86:65:e0:3b:ba:c0:cc:93:ad:14:00:6d:6d:
                    f1:e0:e1:ac:c4:da:e7:58:58:d9:70:4c:6d:a8:10:
                    1c:84:ea:32:d6:f9:fd:43:d0:50:27:58:bc:87:02:
                    3b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:72:CF:91:DD:E9:E0:5A:DC:64:6D:AB:F9:E5:DA:57:4A:82:CC:69
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/bc64ede4-78eb-4056-81e0-5a953a42ee96.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:612::/48

    Signature Algorithm: sha256WithRSAEncryption
         51:29:b9:f5:92:63:10:05:b2:87:8a:ef:4f:13:6b:e4:c2:67:
         c7:7a:c7:b6:3f:34:ed:30:ab:03:e1:95:2f:36:97:3b:33:15:
         82:72:f3:66:dc:0f:da:ba:f1:98:c0:53:a1:c5:c8:a3:05:a4:
         41:f3:3e:b3:21:18:0e:3b:ca:04:88:9c:95:80:85:44:3c:b7:
         4d:63:90:e5:1d:b6:ca:12:77:1b:a1:45:30:42:09:ca:3a:69:
         52:7e:c7:dd:bd:8c:58:b4:ec:fe:d9:86:f9:a5:f5:1c:f7:e9:
         49:98:05:02:d2:8f:fe:c3:1e:31:73:1f:02:d0:6d:26:8a:56:
         e2:2d:8e:25:37:14:a4:06:19:9e:7f:1b:8e:61:29:6c:4c:28:
         64:38:46:b8:a8:d7:f2:a1:7b:8a:6f:df:6f:bd:d9:5c:c0:ba:
         96:56:4a:20:4e:6c:04:53:6c:d3:94:d7:1d:fe:04:c0:fa:c7:
         25:02:a2:00:cb:c9:b6:6b:13:28:9f:24:a5:81:4e:74:92:80:
         a3:90:19:b2:80:2f:de:53:c5:ff:1a:c2:54:01:6d:52:04:7a:
         db:de:6c:9e:4b:49:cd:bf:77:8b:38:29:21:f7:c2:a5:31:b0:
         cd:77:47:c2:06:18:9c:50:5a:f3:a7:a9:b9:26:a6:1f:6a:73:
         da:c2:a2:61
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfyyKHQ8A7K1/i09h5VS4qm1r+/UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDA2MTcxMzAyWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZDBjNjk0YWRlZDRiNmE5NzQ5NTAwYjFlZGViYWJiNDYy
NDdlMTJiOTkyODJkZmE0ZTM4OThjZDc1Y2EzOWJhMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2Rbo8s4PQv0ieOoGZ8kxWym9q+wmyCoMuC+ssrYF5hKR9
oS6JrL8IwwRDx7P6YO0XOeHtXVq9khWpCRSXrIL3CPzQnbGzlwcs+/GfoMe7b3HM
WHDMYvOekNPaCbCHE6IHMhqAPb8szNJZCXSFKHRNCV2SG89wrqDh+pA7r1QtEx3T
Y38PiFUdKxu7ijQaV53Kz1v1plUvUR7u70D9uoMscl3UsJzmDMbpjlFPfely48qv
6GqQ7ASeUjwFnxKfQRlVIdSaEQ5eL+7/lhkjMZsmyK0phmXgO7rAzJOtFABtbfHg
4azE2udYWNlwTG2oEByE6jLW+f1D0FAnWLyHAjujAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUpXLPkd3p4FrcZG2r+eXaV0qCzGkwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2JjNjRlZGU0LTc4ZWItNDA1Ni04MWUwLTVhOTUzYTQyZWU5Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABhIwDQYJKoZIhvcNAQELBQADggEBAFEpufWSYxAFsoeK708Ta+TC
Z8d6x7Y/NO0wqwPhlS82lzszFYJy82bcD9q68ZjAU6HFyKMFpEHzPrMhGA47ygSI
nJWAhUQ8t01jkOUdtsoSdxuhRTBCCco6aVJ+x929jFi07P7Zhvml9Rz36UmYBQLS
j/7DHjFzHwLQbSaKVuItjiU3FKQGGZ5/G45hKWxMKGQ4Rrio1/Khe4pv32+92VzA
upZWSiBObARTbNOU1x3+BMD6xyUCogDLybZrEyifJKWBTnSSgKOQGbKAL95Txf8a
wlQBbVIEetvebJ5LSc2/d4s4KSH3wqUxsM13R8IGGJxQWvOnqbkmph9qc9rComE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:31:09 2025 by rpki-client