Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/fc2e9df4-0643-4bfc-b528-6948594de8d8.roa
File:                     fc2e9df4-0643-4bfc-b528-6948594de8d8.roa (raw, json)
Hash identifier:          3MfTZXnet5BsAlyt4JgGI9p/CZbxL4QBAUXO9xBTAuM=
Subject key identifier:   B3:97:97:09:1D:3A:54:9C:8E:3A:7B:F1:D2:CC:65:C4:65:7B:B4:9F
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       713CEFDA4F4B787BCFAAC43B1A36543266F91774
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/fc2e9df4-0643-4bfc-b528-6948594de8d8.roa
Signing time:             Fri 10 Oct 2025 17:04:48 +0000
ROA not before:           Fri 10 Oct 2025 17:04:48 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        173.82.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:3c:ef:da:4f:4b:78:7b:cf:aa:c4:3b:1a:36:54:32:66:f9:17:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct 10 17:04:48 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=84f2c73c1edf2c218553756a17f6383583838894f37c44f01e63ecec4e34089e, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b0:d0:ef:13:60:22:5f:86:5d:92:ea:76:4f:
                    67:53:c7:0a:08:16:bc:9b:2d:e1:43:88:7d:e1:bf:
                    94:8c:58:a3:8d:e2:30:08:b4:7e:63:24:19:a4:bf:
                    b2:20:38:75:92:a6:86:56:38:d1:1d:c4:07:f0:94:
                    81:93:20:57:11:e3:21:b3:70:05:32:49:09:6e:0d:
                    a3:93:0d:11:db:01:1f:51:28:77:69:32:ca:69:d1:
                    65:69:5d:d5:6f:00:c9:ac:23:b8:ee:47:ef:24:2e:
                    ea:af:30:86:0a:e5:01:1a:70:13:a4:b6:85:1f:ef:
                    b7:2c:47:60:f9:00:d6:0d:44:0a:10:cd:4f:4e:0e:
                    fd:0f:a4:8b:97:4c:d2:d5:74:af:71:6c:20:b8:b1:
                    df:d7:01:c5:02:37:bc:2a:f1:43:19:57:3a:16:9e:
                    d4:98:4e:fa:d0:eb:42:50:a7:b3:83:3e:20:5f:83:
                    b0:8a:25:1e:1f:ac:0d:d0:3f:ca:60:4c:1d:a0:41:
                    72:4c:5b:ff:a9:f6:c7:c3:15:a3:b4:92:e3:24:9e:
                    0b:59:96:7a:ef:d3:44:75:54:20:4f:ff:e9:39:d1:
                    db:c1:22:04:ec:29:d1:11:84:98:8b:71:23:a3:e4:
                    25:39:31:81:2f:9a:ed:bb:5d:5d:5e:40:e2:27:b3:
                    2e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:97:97:09:1D:3A:54:9C:8E:3A:7B:F1:D2:CC:65:C4:65:7B:B4:9F
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/fc2e9df4-0643-4bfc-b528-6948594de8d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         58:dc:b5:6b:5e:5e:2c:8e:8f:73:7f:b1:4d:11:56:71:18:56:
         b3:93:e7:96:05:02:d0:26:30:fb:6a:37:b8:06:c8:06:c1:df:
         cc:cb:ff:e5:3b:a8:a0:99:a2:1f:ff:7e:ce:29:12:17:f9:43:
         95:6e:2a:cc:ef:95:45:84:c0:62:e8:2c:b3:b0:00:b5:5d:7a:
         f1:e4:e4:ef:f3:88:cb:d3:9e:24:1f:04:e6:eb:f7:cd:41:48:
         5b:f5:fa:f9:b8:18:17:21:a1:c8:2f:e3:07:62:cf:8f:cc:f7:
         0e:36:55:c0:c5:d8:29:93:6d:2b:24:fa:c0:72:c2:7b:fd:0c:
         be:a5:0a:af:bf:82:6f:b2:5d:db:61:1f:a6:4b:0d:3b:ee:12:
         e1:70:ae:30:5e:7d:73:7c:d4:ca:31:08:39:bd:3f:ac:57:47:
         22:05:63:94:23:fc:47:c6:20:39:60:2a:e5:e8:2d:e7:a4:e5:
         c0:2a:a1:d8:dd:41:a3:80:38:1e:83:97:11:0e:4b:af:69:cb:
         49:39:14:ed:22:7e:4d:a4:cf:db:98:85:05:40:9d:3d:2c:24:
         5c:cb:3d:6b:82:72:fa:f7:3a:6b:3e:3a:90:0d:00:c9:33:75:
         a3:3a:f4:ea:ef:21:12:dc:f0:06:05:b9:d4:47:24:e8:63:b0:
         e1:17:5b:c4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcTzv2k9LeHvPqsQ7GjZUMmb5F3QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDEwMTcwNDQ4WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NGYyYzczYzFlZGYyYzIxODU1Mzc1NmExN2Y2MzgzNTgz
ODM4ODk0ZjM3YzQ0ZjAxZTYzZWNlYzRlMzQwODllMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvsNDvE2AiX4Zdkup2T2dTxwoIFrybLeFDiH3hv5SMWKON
4jAItH5jJBmkv7IgOHWSpoZWONEdxAfwlIGTIFcR4yGzcAUySQluDaOTDRHbAR9R
KHdpMspp0WVpXdVvAMmsI7juR+8kLuqvMIYK5QEacBOktoUf77csR2D5ANYNRAoQ
zU9ODv0PpIuXTNLVdK9xbCC4sd/XAcUCN7wq8UMZVzoWntSYTvrQ60JQp7ODPiBf
g7CKJR4frA3QP8pgTB2gQXJMW/+p9sfDFaO0kuMkngtZlnrv00R1VCBP/+k50dvB
IgTsKdERhJiLcSOj5CU5MYEvmu27XV1eQOInsy75AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUs5eXCR06VJyOOnvx0sxlxGV7tJ8wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2ZjMmU5ZGY0LTA2NDMtNGJmYy1iNTI4LTY5NDg1OTRkZThkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCtUjANBgkqhkiG9w0BAQsFAAOCAQEAWNy1a15eLI6Pc3+xTRFWcRhWs5Pn
lgUC0CYw+2o3uAbIBsHfzMv/5TuooJmiH/9+zikSF/lDlW4qzO+VRYTAYugss7AA
tV168eTk7/OIy9OeJB8E5uv3zUFIW/X6+bgYFyGhyC/jB2LPj8z3DjZVwMXYKZNt
KyT6wHLCe/0MvqUKr7+Cb7Jd22EfpksNO+4S4XCuMF59c3zUyjEIOb0/rFdHIgVj
lCP8R8YgOWAq5egt56TlwCqh2N1Bo4A4HoOXEQ5Lr2nLSTkU7SJ+TaTP25iFBUCd
PSwkXMs9a4Jy+vc6az46kA0AyTN1ozr06u8hEtzwBgW51Eck6GOw4RdbxA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:54:19 2025 by rpki-client