Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/ef9566d5-9096-4d00-ac93-f3df448013d9.roa
File:                     ef9566d5-9096-4d00-ac93-f3df448013d9.roa (raw, json)
Hash identifier:          aUqOAn85HpJr/XVizdpMfULjU9JUQX0Y3sOAUWbtrK4=
Subject key identifier:   3C:04:AB:36:D8:58:8D:08:3C:F8:B0:AE:C3:37:88:1D:43:A4:24:6B
Certificate issuer:       /CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64
Certificate serial:       1D2D76DA52509884FEF71512B82D2F0CD19BD4F2
Authority key identifier: FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/ef9566d5-9096-4d00-ac93-f3df448013d9.roa
Signing time:             Tue 05 Aug 2025 15:10:04 +0000
ROA not before:           Tue 05 Aug 2025 15:10:04 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2620:107:3002::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/42b2991f-22c7-42f7-8cf5-4f3138859732.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/42b2991f-22c7-42f7-8cf5-4f3138859732.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:2d:76:da:52:50:98:84:fe:f7:15:12:b8:2d:2f:0c:d1:9b:d4:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64
        Validity
            Not Before: Aug  5 15:10:04 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=9b923054112d2aad37093068c055730c458126bc0515a3af982c33ff8f5401e2, CN=71c3876e-b944-4600-92c7-cec33d89523f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:7a:62:4a:e2:61:56:f1:ae:a9:ee:a2:f6:3d:
                    7c:5c:be:32:28:6d:07:5d:29:24:71:bf:8a:40:4b:
                    6d:ef:82:35:5c:b3:1c:bc:a1:4d:d6:ab:6e:bd:cc:
                    66:17:7a:1a:20:94:3e:89:b2:12:ae:85:31:01:fe:
                    c5:bc:ab:d3:dc:d8:7c:96:91:15:29:43:20:c8:7b:
                    c0:bf:44:01:39:cf:18:55:25:0b:86:33:db:72:d9:
                    a2:1a:45:c1:9c:db:cc:94:a9:1a:12:91:77:d0:d3:
                    04:f4:33:3d:d7:c4:fa:06:b5:75:5c:76:fb:40:1e:
                    2b:e2:73:9c:6b:54:b7:94:8a:f6:43:6a:a5:ac:05:
                    e0:5d:a8:b9:3b:b7:c9:d7:6d:d3:29:c3:57:51:06:
                    0f:df:67:fa:68:c5:0c:f4:7e:7b:34:e8:7f:99:f0:
                    9e:03:07:9a:77:d7:2b:7d:d5:2a:7f:de:d1:62:5f:
                    c6:36:cc:34:5e:98:bc:32:ef:e7:88:96:c7:8c:76:
                    52:b1:aa:18:84:8e:24:f0:dd:a0:34:d3:90:7b:06:
                    47:e5:cf:4a:24:67:c0:e6:e5:6a:a5:83:06:cc:83:
                    9d:e5:ea:02:ca:18:ae:57:bd:f2:24:98:d8:fd:b7:
                    7c:53:c6:db:1c:34:f2:18:2e:9b:03:86:5a:de:a1:
                    50:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:04:AB:36:D8:58:8D:08:3C:F8:B0:AE:C3:37:88:1D:43:A4:24:6B
            X509v3 Authority Key Identifier:
                keyid:FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/ef9566d5-9096-4d00-ac93-f3df448013d9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:107:3002::/48

    Signature Algorithm: sha256WithRSAEncryption
         9f:76:01:2f:16:5b:20:3e:5f:65:a5:12:a2:b3:e5:8e:13:7d:
         41:03:bb:60:3e:cb:cd:2b:03:a1:88:4f:0f:4e:d6:50:ed:bf:
         1b:91:5b:1b:5d:e6:4d:53:b8:fc:d7:24:a0:1a:48:9d:5c:1c:
         35:45:df:d5:ed:a9:52:2d:2d:ed:ad:8c:dd:60:96:22:0b:94:
         3d:02:c8:17:25:79:3b:93:90:2d:99:e4:37:db:f3:f9:da:da:
         e4:c8:a6:50:40:17:9c:41:de:2a:ad:53:92:ca:4c:50:71:e5:
         97:f9:40:b4:5f:1d:36:93:9e:00:46:2a:2c:41:6a:65:15:57:
         d1:d2:9e:36:bc:97:63:89:0d:1d:cc:fe:d5:a3:5b:6c:61:d9:
         17:28:90:0c:1f:43:e1:9f:4c:af:97:ec:f7:4a:a0:81:2f:c9:
         e6:f5:20:b6:28:96:3f:00:6a:1b:87:50:6b:5e:a6:ba:8e:fb:
         62:8a:cb:7c:b1:0c:cf:79:53:c2:a6:88:e8:49:f8:cb:ea:39:
         49:3d:2b:40:c4:b0:82:1d:72:c3:80:50:98:e1:66:0c:42:a3:
         e0:fb:22:e2:45:d1:72:fb:5b:ac:f0:e2:54:8d:1a:14:b0:16:
         06:e3:c4:19:8c:bf:7a:c5:2a:68:8b:04:d4:04:fc:b9:bb:21:
         2b:08:9b:84
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUHS122lJQmIT+9xUSuC0vDNGb1PIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNWQ4MDM4MDVlMjE4MjNjOTMxOTg3ZTljOWMzN2YwNDAy
MGFhYmFiZjliNGRmZjliNjQwHhcNMjUwODA1MTUxMDA0WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YjkyMzA1NDExMmQyYWFkMzcwOTMwNjhjMDU1NzMwYzQ1
ODEyNmJjMDUxNWEzYWY5ODJjMzNmZjhmNTQwMWUyMS0wKwYDVQQDEyQ3MWMzODc2
ZS1iOTQ0LTQ2MDAtOTJjNy1jZWMzM2Q4OTUyM2YwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCKemJK4mFW8a6p7qL2PXxcvjIobQddKSRxv4pAS23vgjVc
sxy8oU3Wq269zGYXehoglD6JshKuhTEB/sW8q9Pc2HyWkRUpQyDIe8C/RAE5zxhV
JQuGM9ty2aIaRcGc28yUqRoSkXfQ0wT0Mz3XxPoGtXVcdvtAHivic5xrVLeUivZD
aqWsBeBdqLk7t8nXbdMpw1dRBg/fZ/poxQz0fns06H+Z8J4DB5p31yt91Sp/3tFi
X8Y2zDRemLwy7+eIlseMdlKxqhiEjiTw3aA005B7Bkflz0okZ8Dm5WqlgwbMg53l
6gLKGK5XvfIkmNj9t3xTxtscNPIYLpsDhlreoVCfAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUPASrNthYjQg8+LCuwzeIHUOkJGswHwYDVR0jBBgwFoAU/iLg9yLMTwYM
WFoSb+aiZQA2XkgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80MmIyOTkxZi0y
MmM3LTQyZjctOGNmNS00ZjMxMzg4NTk3MzIvNWQ4MDM4MDVlMjE4MjNjOTMxOTg3
ZTljOWMzN2YwNDAyMGFhYmFiZjliNGRmZjliNjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYTg0MTgyM2MtYTEwZC00NzdjLWJmZGYtNDA4
NmYwYjE1OTRjL2VmOTU2NmQ1LTkwOTYtNGQwMC1hYzkzLWYzZGY0NDgwMTNkOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2E4NDE4MjNjLWExMGQtNDc3Yy1iZmRm
LTQwODZmMGIxNTk0Yy9HQ1BKTVpoLW5KdzM4RUFncXJxX20wM19tMlEuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmIAEHMAIwDQYJKoZIhvcNAQELBQADggEBAJ92AS8WWyA+X2WlEqKz5Y4T
fUEDu2A+y80rA6GITw9O1lDtvxuRWxtd5k1TuPzXJKAaSJ1cHDVF39XtqVItLe2t
jN1gliILlD0CyBcleTuTkC2Z5Dfb8/na2uTIplBAF5xB3iqtU5LKTFBx5Zf5QLRf
HTaTngBGKixBamUVV9HSnja8l2OJDR3M/tWjW2xh2RcokAwfQ+GfTK+X7PdKoIEv
yeb1ILYolj8AahuHUGteprqO+2KKy3yxDM95U8KmiOhJ+MvqOUk9K0DEsIIdcsOA
UJjhZgxCo+D7IuJF0XL7W6zw4lSNGhSwFgbjxBmMv3rFKmiLBNQE/Lm7ISsIm4Q=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:10:08 2025 by rpki-client