Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ff229562-e0c9-44bf-a77e-2ec96437b59b.roa
File:                     ff229562-e0c9-44bf-a77e-2ec96437b59b.roa (raw, json)
Hash identifier:          HrqmpfZBd6rKT02tPw1MStY7PTJmxe9S40PmAyLuzv0=
Subject key identifier:   E0:52:3D:46:02:D8:28:D8:EA:E2:53:9D:C9:2B:6D:2E:75:6A:CD:AF
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       61E7EB4062E599150B80D454EB913ADB95B9F2AA
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ff229562-e0c9-44bf-a77e-2ec96437b59b.roa
Signing time:             Mon 06 Oct 2025 17:12:40 +0000
ROA not before:           Mon 06 Oct 2025 17:12:40 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:c01::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:e7:eb:40:62:e5:99:15:0b:80:d4:54:eb:91:3a:db:95:b9:f2:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct  6 17:12:40 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=323659c70b3ffa6c41404c8340aab7a14014757a07eb8e8111973d294c33eb4b, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:0a:c2:b4:06:30:87:aa:d8:e1:7b:c7:1a:15:
                    20:94:78:92:e4:81:0d:bf:a3:d4:62:30:63:85:6a:
                    8c:5d:7d:54:30:22:5b:d7:d8:6c:61:84:f1:bb:2c:
                    26:fc:a5:f7:ae:e5:f4:8a:1b:a0:3e:9a:1e:bd:5e:
                    7a:36:e3:3c:72:62:cf:c9:f0:a3:d5:ab:32:0f:d7:
                    81:92:2a:35:6e:df:64:04:a2:bd:d1:4f:2b:4c:ac:
                    05:42:79:53:53:b8:65:54:96:d7:c1:3d:f3:bc:9a:
                    73:9f:c2:05:92:c9:f9:ad:08:d3:d3:17:fe:b3:c2:
                    29:82:44:99:e4:34:af:ab:81:65:85:6a:60:f6:8c:
                    86:ce:fb:05:b3:bc:82:6f:96:56:65:af:f9:b4:da:
                    6f:78:bd:ba:ab:d4:39:f3:4a:42:d2:09:31:8e:36:
                    02:a2:c0:15:49:76:d1:14:49:00:8c:34:a6:2f:bf:
                    37:86:33:11:88:d4:04:62:c0:39:3b:7a:e7:cb:ee:
                    b0:f0:c8:62:09:df:99:18:66:a0:c9:d6:2d:ab:0a:
                    36:ce:55:4a:a1:77:22:fa:1e:03:83:9a:d8:d3:8e:
                    2e:ae:a9:60:8e:e2:05:d4:f9:98:8c:57:8a:12:0e:
                    44:64:9d:0c:a4:ed:71:84:24:8d:7d:01:76:e6:ec:
                    b6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:52:3D:46:02:D8:28:D8:EA:E2:53:9D:C9:2B:6D:2E:75:6A:CD:AF
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ff229562-e0c9-44bf-a77e-2ec96437b59b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c01::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:39:bf:55:a0:d2:1c:11:cf:5a:9d:0e:46:8f:2c:c8:3d:7f:
         b7:52:f3:25:16:bd:73:e3:5b:ce:1c:0a:40:d6:fc:47:a1:dc:
         54:ee:a0:27:31:6d:58:1b:70:7c:76:51:a3:b2:54:39:9f:f1:
         d4:06:13:58:36:9b:51:41:5d:12:95:99:a4:4d:24:22:78:05:
         c3:7d:45:64:fb:c9:48:ae:90:27:8c:8e:7a:01:ba:3e:e3:f5:
         d2:52:42:8c:91:e8:cd:5a:f6:a1:5d:82:cc:c9:9b:10:17:83:
         08:af:85:4b:09:15:d7:f4:24:78:4f:c0:26:c3:d2:e3:4c:71:
         79:76:76:15:48:81:f8:37:c3:66:28:01:4a:68:83:fd:86:84:
         03:9d:8f:39:c1:93:2c:60:5d:6d:ed:6a:77:d0:d7:df:b1:85:
         1a:51:78:90:df:a1:ec:de:e8:46:55:54:ba:58:27:e1:07:4b:
         90:1e:03:6f:3a:7b:cc:2f:ab:41:08:06:17:b8:61:cb:64:1d:
         b6:4a:53:ef:51:12:85:9a:bb:0d:90:21:c9:03:f5:01:e3:f1:
         b4:b1:cb:04:45:f2:57:e7:3d:26:43:bd:c1:79:17:08:8a:30:
         58:5f:e5:94:c4:8d:8a:4e:52:52:54:fc:95:50:7c:0b:cc:1d:
         5e:56:45:02
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUYefrQGLlmRULgNRU65E625W58qowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDA2MTcxMjQwWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMjM2NTljNzBiM2ZmYTZjNDE0MDRjODM0MGFhYjdhMTQw
MTQ3NTdhMDdlYjhlODExMTk3M2QyOTRjMzNlYjRiMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0CsK0BjCHqtjhe8caFSCUeJLkgQ2/o9RiMGOFaoxdfVQw
IlvX2GxhhPG7LCb8pfeu5fSKG6A+mh69Xno24zxyYs/J8KPVqzIP14GSKjVu32QE
or3RTytMrAVCeVNTuGVUltfBPfO8mnOfwgWSyfmtCNPTF/6zwimCRJnkNK+rgWWF
amD2jIbO+wWzvIJvllZlr/m02m94vbqr1DnzSkLSCTGONgKiwBVJdtEUSQCMNKYv
vzeGMxGI1ARiwDk7eufL7rDwyGIJ35kYZqDJ1i2rCjbOVUqhdyL6HgODmtjTji6u
qWCO4gXU+ZiMV4oSDkRknQyk7XGEJI19AXbm7Lb/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU4FI9RgLYKNjq4lOdySttLnVqza8wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2ZmMjI5NTYyLWUwYzktNDRiZi1hNzdlLTJlYzk2NDM3YjU5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAEwDQYJKoZIhvcNAQELBQADggEBAHk5v1Wg0hwRz1qdDkaPLMg9
f7dS8yUWvXPjW84cCkDW/Eeh3FTuoCcxbVgbcHx2UaOyVDmf8dQGE1g2m1FBXRKV
maRNJCJ4BcN9RWT7yUiukCeMjnoBuj7j9dJSQoyR6M1a9qFdgszJmxAXgwivhUsJ
Fdf0JHhPwCbD0uNMcXl2dhVIgfg3w2YoAUpog/2GhAOdjznBkyxgXW3tanfQ19+x
hRpReJDfoeze6EZVVLpYJ+EHS5AeA286e8wvq0EIBhe4YctkHbZKU+9REoWauw2Q
IckD9QHj8bSxywRF8lfnPSZDvcF5FwiKMFhf5ZTEjYpOUlJU/JVQfAvMHV5WRQI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:56:09 2025 by rpki-client