Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/fdfce505-d22a-40b9-a253-7b77b0f9f1c2.roa
File:                     fdfce505-d22a-40b9-a253-7b77b0f9f1c2.roa (raw, json)
Hash identifier:          VkBizmy8qWwuVlL94BZPdK33R65Coa0Y7SmIW6utyS0=
Subject key identifier:   54:F2:D7:86:33:04:3C:A6:7D:98:16:CC:17:C3:35:52:28:46:91:C4
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7CC564929DD5732229333BD1E61B4EBC4EFBBE24
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/fdfce505-d22a-40b9-a253-7b77b0f9f1c2.roa
Signing time:             Mon 06 Oct 2025 17:12:45 +0000
ROA not before:           Mon 06 Oct 2025 17:12:45 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:c04::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:c5:64:92:9d:d5:73:22:29:33:3b:d1:e6:1b:4e:bc:4e:fb:be:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct  6 17:12:45 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=0cc9fa8c0dbda18332fa7cd2816a91dd15c331a8d902060311c8748371dddc4c, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:f6:98:31:11:0d:e9:0c:9e:b8:c6:94:8c:b2:
                    86:23:b6:dd:91:31:2b:5a:5e:a3:46:fa:a6:f6:cc:
                    cb:c7:3e:ea:5d:9d:c9:40:ec:95:04:a1:45:a3:10:
                    e6:a5:5c:d9:d5:58:12:96:05:07:76:2d:77:47:00:
                    af:68:df:ac:b2:92:85:ca:b1:7c:a3:25:68:4f:2d:
                    65:db:df:0b:4e:bf:bd:58:2c:c6:db:18:cc:4d:f6:
                    f2:9a:bc:ed:52:f5:73:e0:1b:19:58:6e:36:75:b7:
                    2d:31:1f:82:b3:d2:12:1c:84:2e:25:b9:36:93:fd:
                    d8:d4:c6:40:a2:3c:7a:91:9d:12:62:53:94:6a:01:
                    a2:80:13:01:54:b4:db:9e:e3:1d:86:70:12:7e:d5:
                    bb:41:81:33:36:ec:f5:80:9f:f3:ab:11:0b:a8:3c:
                    8d:ec:33:3f:cf:e3:34:79:78:db:1f:cb:a0:ee:46:
                    39:c6:d0:42:02:0d:b1:9d:97:67:88:3e:49:f1:6a:
                    03:43:da:9d:d4:f3:10:95:1f:84:33:f8:c0:41:1f:
                    12:40:02:19:96:cb:6c:55:7d:b7:ab:f2:79:46:6d:
                    e9:a7:1a:d7:73:84:73:0d:dc:2d:18:01:0b:69:77:
                    e2:37:81:48:85:3d:60:d2:eb:af:03:7d:64:36:f2:
                    2e:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:F2:D7:86:33:04:3C:A6:7D:98:16:CC:17:C3:35:52:28:46:91:C4
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/fdfce505-d22a-40b9-a253-7b77b0f9f1c2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c04::/48

    Signature Algorithm: sha256WithRSAEncryption
         18:23:6f:af:2a:df:8e:c9:70:20:48:78:de:91:c1:47:05:65:
         04:e1:71:2a:35:22:69:df:10:e3:f6:e1:7d:d2:38:c2:34:bc:
         90:e8:5a:bd:20:f9:b0:c4:ce:0e:77:27:e0:60:30:4b:fa:2b:
         57:d1:1e:e8:4b:1e:05:91:b6:2c:04:ad:1f:c1:46:6b:4c:d4:
         29:25:88:46:7e:4d:6d:57:a3:bd:52:80:1e:52:c9:8a:80:99:
         64:8a:d5:c7:6c:e8:d5:50:31:7d:d3:1d:6a:13:e3:f3:38:61:
         1c:03:f3:74:dd:6f:b6:4b:42:a2:96:de:fa:06:bb:3c:49:b8:
         6a:39:4d:fc:61:38:11:13:36:3b:96:11:78:3c:6f:e5:0d:6f:
         9b:04:f1:b5:2a:7c:ce:30:6b:71:79:04:10:0d:b8:0d:62:fc:
         f7:a7:fc:de:69:f6:ce:7e:34:c4:7d:0e:14:a8:46:84:45:aa:
         27:2e:09:33:f6:41:7b:e7:85:ad:9e:11:1c:71:55:53:98:ff:
         b2:3d:16:71:43:22:6d:f8:96:2c:fb:ed:5d:d2:ba:03:ab:d1:
         08:4a:e8:ae:6b:0c:13:de:9c:bb:bb:6e:c3:4e:34:61:a6:91:
         3d:50:98:52:72:6f:8a:4e:dd:3a:9c:cf:3f:8b:4a:67:ac:b9:
         ec:c3:7f:f8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfMVkkp3VcyIpMzvR5htOvE77viQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDA2MTcxMjQ1WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwY2M5ZmE4YzBkYmRhMTgzMzJmYTdjZDI4MTZhOTFkZDE1
YzMzMWE4ZDkwMjA2MDMxMWM4NzQ4MzcxZGRkYzRjMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDd9pgxEQ3pDJ64xpSMsoYjtt2RMStaXqNG+qb2zMvHPupd
nclA7JUEoUWjEOalXNnVWBKWBQd2LXdHAK9o36yykoXKsXyjJWhPLWXb3wtOv71Y
LMbbGMxN9vKavO1S9XPgGxlYbjZ1ty0xH4Kz0hIchC4luTaT/djUxkCiPHqRnRJi
U5RqAaKAEwFUtNue4x2GcBJ+1btBgTM27PWAn/OrEQuoPI3sMz/P4zR5eNsfy6Du
RjnG0EICDbGdl2eIPknxagND2p3U8xCVH4Qz+MBBHxJAAhmWy2xVfber8nlGbemn
GtdzhHMN3C0YAQtpd+I3gUiFPWDS668DfWQ28i7fAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUVPLXhjMEPKZ9mBbMF8M1UihGkcQwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2ZkZmNlNTA1LWQyMmEtNDBiOS1hMjUzLTdiNzdiMGY5ZjFjMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAQwDQYJKoZIhvcNAQELBQADggEBABgjb68q347JcCBIeN6RwUcF
ZQThcSo1ImnfEOP24X3SOMI0vJDoWr0g+bDEzg53J+BgMEv6K1fRHuhLHgWRtiwE
rR/BRmtM1CkliEZ+TW1Xo71SgB5SyYqAmWSK1cds6NVQMX3THWoT4/M4YRwD83Td
b7ZLQqKW3voGuzxJuGo5TfxhOBETNjuWEXg8b+UNb5sE8bUqfM4wa3F5BBANuA1i
/Pen/N5p9s5+NMR9DhSoRoRFqicuCTP2QXvnha2eERxxVVOY/7I9FnFDIm34liz7
7V3SugOr0QhK6K5rDBPenLu7bsNONGGmkT1QmFJyb4pO3Tqczz+LSmesuezDf/g=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:54:07 2025 by rpki-client