Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f0f08d8e-64f4-4e2b-8f33-26427783e662.roa
File:                     f0f08d8e-64f4-4e2b-8f33-26427783e662.roa (raw, json)
Hash identifier:          UjX5+dFEuJuN99h9/yjD4Bxl8w8iiwcrySM/VhJRQRU=
Subject key identifier:   CE:CC:20:87:A2:2B:A7:83:84:3F:27:8B:64:6F:1F:41:A0:72:FD:21
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       1952C1D628A666250DDAD95F72C7460866E64919
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f0f08d8e-64f4-4e2b-8f33-26427783e662.roa
Signing time:             Fri 26 Sep 2025 17:52:18 +0000
ROA not before:           Fri 26 Sep 2025 17:52:18 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:54a::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:52:c1:d6:28:a6:66:25:0d:da:d9:5f:72:c7:46:08:66:e6:49:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Sep 26 17:52:18 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=157e001a180193b0015623fa471e6d6e79b72a215ca135d7370858139b4b5187, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c0:9b:ee:66:e8:35:01:73:71:9e:d4:42:2b:
                    3a:ab:0a:1f:24:28:a3:ae:3d:d5:cd:71:e5:07:c7:
                    48:e6:b7:50:35:54:16:14:98:91:f8:3f:51:00:8e:
                    68:54:ae:13:57:2e:67:d9:e6:71:cf:4d:f9:2a:03:
                    3f:5f:a6:12:25:b8:74:dd:eb:d3:12:54:c0:63:cc:
                    25:36:23:f3:20:fc:32:5e:88:68:16:84:3d:37:42:
                    41:47:14:3b:32:4e:18:6d:72:f9:13:1f:96:7a:97:
                    f4:e5:76:6e:8c:db:dc:64:6c:dc:0d:9b:8f:0b:62:
                    f4:d4:92:04:1b:95:c9:d3:95:ca:8d:da:db:40:7c:
                    cd:88:ef:02:e8:37:2d:ef:f6:db:d9:ea:b6:c0:81:
                    19:2f:80:55:15:14:98:44:3d:9b:72:e9:10:37:bb:
                    9f:0d:98:6e:b5:b0:db:6f:31:69:63:07:8a:bc:18:
                    46:fc:0e:28:fb:48:99:d9:20:81:c2:a0:f0:8c:64:
                    e3:f3:79:fb:06:fc:88:86:71:41:9d:f3:25:db:87:
                    07:10:18:59:63:0e:81:bb:ec:6b:41:2f:a0:ac:12:
                    03:48:f4:4a:d4:df:5d:5a:50:3b:9c:28:ce:8b:47:
                    52:64:fe:4b:b8:be:65:d5:72:cd:f4:b1:05:63:7e:
                    d4:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:CC:20:87:A2:2B:A7:83:84:3F:27:8B:64:6F:1F:41:A0:72:FD:21
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f0f08d8e-64f4-4e2b-8f33-26427783e662.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:54a::/48

    Signature Algorithm: sha256WithRSAEncryption
         1b:c7:7f:a8:03:f7:a3:a8:bb:b4:2f:62:6e:a7:87:6a:0c:a5:
         ec:0b:cb:64:35:3c:e2:89:ab:bd:cf:8c:15:a1:f9:4d:c6:3d:
         96:46:78:13:5c:07:4d:1a:ed:58:78:58:b2:b3:98:10:16:f9:
         40:16:46:a1:3e:84:2a:94:fe:67:15:32:f5:76:cf:ca:f8:b1:
         b5:75:58:ff:99:f4:c8:b5:a7:2f:ee:9d:35:82:42:f3:7f:e0:
         04:73:e2:fc:d5:c4:3e:63:23:63:c1:36:34:8c:22:05:a4:61:
         3f:e7:a3:76:87:42:21:8b:17:b0:f6:23:91:a6:a8:e0:72:ee:
         a5:81:80:7b:05:69:e6:95:76:e1:60:bd:2a:56:73:bf:45:e4:
         3b:21:db:09:f4:60:c7:95:fe:9a:63:68:c0:d9:60:fd:0c:50:
         91:46:7f:f4:72:36:af:77:6c:61:32:f3:5b:9f:63:9d:7b:88:
         64:2c:a0:17:7a:7d:42:bf:24:be:14:0e:88:ac:11:c8:d6:7e:
         96:e6:6b:7d:c3:74:cb:ad:9f:45:3c:23:49:c0:6b:59:1c:57:
         c2:c7:cc:71:2f:2d:a4:08:98:85:50:21:eb:d9:79:4a:00:6e:
         e4:b5:76:ea:35:1e:21:2a:a7:97:ee:c5:54:5a:4c:f2:71:bb:
         fd:33:15:dc
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGVLB1iimZiUN2tlfcsdGCGbmSRkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwOTI2MTc1MjE4WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNTdlMDAxYTE4MDE5M2IwMDE1NjIzZmE0NzFlNmQ2ZTc5
YjcyYTIxNWNhMTM1ZDczNzA4NTgxMzliNGI1MTg3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUwJvuZug1AXNxntRCKzqrCh8kKKOuPdXNceUHx0jmt1A1
VBYUmJH4P1EAjmhUrhNXLmfZ5nHPTfkqAz9fphIluHTd69MSVMBjzCU2I/Mg/DJe
iGgWhD03QkFHFDsyThhtcvkTH5Z6l/Tldm6M29xkbNwNm48LYvTUkgQblcnTlcqN
2ttAfM2I7wLoNy3v9tvZ6rbAgRkvgFUVFJhEPZty6RA3u58NmG61sNtvMWljB4q8
GEb8Dij7SJnZIIHCoPCMZOPzefsG/IiGcUGd8yXbhwcQGFljDoG77GtBL6CsEgNI
9ErU311aUDucKM6LR1Jk/ku4vmXVcs30sQVjftQDAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUzswgh6Irp4OEPyeLZG8fQaBy/SEwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2YwZjA4ZDhlLTY0ZjQtNGUyYi04ZjMzLTI2NDI3NzgzZTY2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABUowDQYJKoZIhvcNAQELBQADggEBABvHf6gD96Oou7QvYm6nh2oM
pewLy2Q1POKJq73PjBWh+U3GPZZGeBNcB00a7Vh4WLKzmBAW+UAWRqE+hCqU/mcV
MvV2z8r4sbV1WP+Z9Mi1py/unTWCQvN/4ARz4vzVxD5jI2PBNjSMIgWkYT/no3aH
QiGLF7D2I5GmqOBy7qWBgHsFaeaVduFgvSpWc79F5Dsh2wn0YMeV/ppjaMDZYP0M
UJFGf/RyNq93bGEy81ufY517iGQsoBd6fUK/JL4UDoisEcjWfpbma33DdMutn0U8
I0nAa1kcV8LHzHEvLaQImIVQIevZeUoAbuS1duo1HiEqp5fuxVRaTPJxu/0zFdw=
-----END CERTIFICATE-----