Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/2592ade6-505a-4e24-928b-9a1e71b309ae.roa
File:                     2592ade6-505a-4e24-928b-9a1e71b309ae.roa (raw, json)
Hash identifier:          op2SzqLc46naTqu8XcKLDEAdNvvH35hKx32Dg/skh/A=
Subject key identifier:   60:06:77:6B:F6:BE:C0:70:40:15:3D:15:44:B6:C2:99:6B:52:02:76
Certificate issuer:       /CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
Certificate serial:       1C66ED4846425EEA5940B8513833E2D3EA7A4912
Authority key identifier: 6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/2592ade6-505a-4e24-928b-9a1e71b309ae.roa
Signing time:             Fri 26 Sep 2025 18:00:03 +0000
ROA not before:           Fri 26 Sep 2025 18:00:03 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:c940::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/7276b2fa-548d-4970-8314-8d73945c34d8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/7276b2fa-548d-4970-8314-8d73945c34d8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 23 Oct 2025 06:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:66:ed:48:46:42:5e:ea:59:40:b8:51:38:33:e2:d3:ea:7a:49:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
        Validity
            Not Before: Sep 26 18:00:03 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=1345535a781cfb441cc2d96aea4b3fbbbf094b4ac83272c01eca763392f4286d, CN=15f1683a-c0c2-4266-9a96-ecf9eba3239c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:7b:fc:5d:de:e0:bb:53:f2:f1:d9:a9:34:74:
                    e8:70:11:9b:86:2d:9b:72:36:89:22:c2:13:7e:78:
                    15:19:c5:40:40:95:4f:bc:27:0c:de:b0:a2:cc:76:
                    f4:0e:d8:1c:0e:31:33:19:4d:18:d2:2f:5b:fa:45:
                    63:51:6c:fe:ac:d7:70:3b:3f:90:1e:c2:c4:5d:e3:
                    18:f9:5f:57:1f:16:2b:6b:32:2c:ec:a2:00:a4:da:
                    ad:58:05:a0:53:03:59:37:72:14:ef:a7:a2:e9:75:
                    df:1a:12:91:e0:42:75:6a:17:b9:91:6b:1b:7d:40:
                    2c:e5:d8:85:ae:56:de:21:68:81:c7:28:b5:27:11:
                    1a:9c:4a:4b:f6:d7:fc:c0:f3:75:22:36:85:07:95:
                    c6:4f:59:1b:13:64:af:e1:ae:f0:fc:21:68:d2:08:
                    c2:fe:d5:7e:37:86:23:d0:ec:fe:6d:c9:75:8b:e3:
                    ae:b5:5b:cc:98:9d:03:66:39:dd:f8:1a:e3:1a:3d:
                    4c:a8:b8:4b:cf:1d:82:04:a8:fa:14:94:71:fb:05:
                    c7:a7:58:3b:fe:d3:c5:e7:93:49:e2:ac:04:f4:26:
                    98:ed:21:f1:ca:61:a9:d8:02:d8:c2:74:11:f8:0d:
                    f3:eb:41:58:33:b9:ea:a4:bc:ed:30:c5:9e:e5:d2:
                    a9:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:06:77:6B:F6:BE:C0:70:40:15:3D:15:44:B6:C2:99:6B:52:02:76
            X509v3 Authority Key Identifier:
                keyid:6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/2592ade6-505a-4e24-928b-9a1e71b309ae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:c940::/32

    Signature Algorithm: sha256WithRSAEncryption
         00:79:58:36:60:49:fb:bd:11:05:d6:63:e8:16:f1:c5:f4:ff:
         e6:62:46:70:e7:d4:44:b4:db:7f:8f:36:9e:ec:4c:1a:b5:e9:
         45:78:ba:fd:31:d2:5e:71:dd:56:8b:f4:84:1e:db:8d:8d:c0:
         58:75:89:8d:22:12:4b:14:ee:4d:a4:2a:3b:b3:5c:1d:d1:69:
         bc:7e:7c:91:e1:65:96:c3:cd:e4:99:8a:e6:d2:1c:a6:9f:6a:
         40:d9:41:a3:75:54:97:dc:9c:38:21:1d:b5:d0:da:2c:46:1b:
         73:bb:21:70:97:d7:cc:08:ff:33:dc:5e:61:ba:ba:4a:fb:ab:
         e6:11:df:96:5c:7a:bd:4a:61:1c:8d:d4:d8:56:7c:52:51:6f:
         29:65:6e:43:b6:17:a3:c8:38:42:09:e8:66:04:08:c3:00:2d:
         51:9e:ba:dd:bc:0c:82:96:78:81:7b:00:a6:8d:e3:a2:bf:9c:
         fc:ba:d7:2a:fa:6a:8d:7b:73:ed:44:96:b4:56:76:29:ec:ef:
         ba:14:19:25:a0:65:6f:5f:24:2b:49:2c:31:62:40:fe:1f:fc:
         c2:73:fc:c1:b6:5e:90:61:87:92:b0:fc:1e:ab:08:02:86:96:
         77:af:2f:20:68:88:01:d4:d9:0e:85:ee:07:cf:95:76:1e:17:
         82:d9:32:86
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUHGbtSEZCXupZQLhRODPi0+p6SRIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmY5Yjk4NWIwZmU1ZGVmMDliOTk0ZjhjZjYwYmFkOGM5
MDI5YzAwNjU3NzUwYjIyNjcwHhcNMjUwOTI2MTgwMDAzWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMzQ1NTM1YTc4MWNmYjQ0MWNjMmQ5NmFlYTRiM2ZiYmJm
MDk0YjRhYzgzMjcyYzAxZWNhNzYzMzkyZjQyODZkMS0wKwYDVQQDEyQxNWYxNjgz
YS1jMGMyLTQyNjYtOWE5Ni1lY2Y5ZWJhMzIzOWMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCje/xd3uC7U/Lx2ak0dOhwEZuGLZtyNokiwhN+eBUZxUBA
lU+8JwzesKLMdvQO2BwOMTMZTRjSL1v6RWNRbP6s13A7P5AewsRd4xj5X1cfFitr
MizsogCk2q1YBaBTA1k3chTvp6Lpdd8aEpHgQnVqF7mRaxt9QCzl2IWuVt4haIHH
KLUnERqcSkv21/zA83UiNoUHlcZPWRsTZK/hrvD8IWjSCML+1X43hiPQ7P5tyXWL
4661W8yYnQNmOd34GuMaPUyouEvPHYIEqPoUlHH7BcenWDv+08Xnk0nirAT0Jpjt
IfHKYanYAtjCdBH4DfPrQVgzueqkvO0wxZ7l0ql3AgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUYAZ3a/a+wHBAFT0VRLbCmWtSAnYwHwYDVR0jBBgwFoAUbcpl0HFNfvJW
kLwJE9NU26yJKl4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC83Mjc2YjJmYS01
NDhkLTQ5NzAtODMxNC04ZDczOTQ1YzM0ZDgvNmY5Yjk4NWIwZmU1ZGVmMDliOTk0
ZjhjZjYwYmFkOGM5MDI5YzAwNjU3NzUwYjIyNjcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjNmNmI2ODgtY2ZmNC00MDJmLTk3ZDUtMDJm
NmYxODg2YjdlLzI1OTJhZGU2LTUwNWEtNGUyNC05MjhiLTlhMWU3MWIzMDlhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2IzZjZiNjg4LWNmZjQtNDAyZi05N2Q1
LTAyZjZmMTg4NmI3ZS81ZDd3bTVsUGpQWUxyWXlRS2NBR1YzVUxJbWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBclAMA0GCSqGSIb3DQEBCwUAA4IBAQAAeVg2YEn7vREF1mPoFvHF9P/m
YkZw59REtNt/jzae7EwatelFeLr9MdJecd1Wi/SEHtuNjcBYdYmNIhJLFO5NpCo7
s1wd0Wm8fnyR4WWWw83kmYrm0hymn2pA2UGjdVSX3Jw4IR210NosRhtzuyFwl9fM
CP8z3F5hurpK+6vmEd+WXHq9SmEcjdTYVnxSUW8pZW5DthejyDhCCehmBAjDAC1R
nrrdvAyClniBewCmjeOiv5z8utcq+mqNe3PtRJa0VnYp7O+6FBkloGVvXyQrSSwx
YkD+H/zCc/zBtl6QYYeSsPweqwgChpZ3ry8gaIgB1NkOhe4Hz5V2HheC2TKG
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:10:16 2025 by rpki-client