Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/2592ade6-505a-4e24-928b-9a1e71b309ae.roa
File:                     2592ade6-505a-4e24-928b-9a1e71b309ae.roa (raw, json)
Hash identifier:          fJ0mdp/dnX4me52j0CjmjzU1MfvNgNWxXMLTNG91PbU=
Subject key identifier:   5D:1A:EC:94:F9:7F:CF:EB:59:9A:57:8B:59:00:9F:3B:74:9A:4F:D2
Certificate issuer:       /CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
Certificate serial:       4D4EBD4A2D76810CBE64FCA75206D35A97C003B0
Authority key identifier: 6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/2592ade6-505a-4e24-928b-9a1e71b309ae.roa
Signing time:             Tue 21 Oct 2025 00:20:29 +0000
ROA not before:           Tue 21 Oct 2025 00:20:29 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:c940::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/7276b2fa-548d-4970-8314-8d73945c34d8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/7276b2fa-548d-4970-8314-8d73945c34d8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 23 Oct 2025 06:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:4e:bd:4a:2d:76:81:0c:be:64:fc:a7:52:06:d3:5a:97:c0:03:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
        Validity
            Not Before: Oct 21 00:20:29 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=b494220602c3c1689792139b63fa8f8fc5dc2940c407a76f04c054aacb20cdde, CN=15f1683a-c0c2-4266-9a96-ecf9eba3239c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:b7:f0:11:49:de:d7:d6:a0:94:e2:e6:6e:0f:
                    53:10:b4:b1:88:b8:18:a7:e5:25:8b:f1:5c:9e:77:
                    6c:1d:b2:dd:38:53:bf:da:f0:aa:cb:26:0e:0c:ea:
                    11:a8:1e:0d:e6:20:25:5f:59:e5:4d:93:d9:e9:66:
                    b0:52:d1:d6:62:46:60:ab:42:79:00:38:af:34:5a:
                    7d:78:6d:37:aa:d4:b0:a4:40:b8:64:f5:38:ad:6f:
                    d3:18:29:a0:f7:a1:c4:5a:df:9a:6f:8f:fe:6b:15:
                    5f:cb:d4:2e:f9:a1:ff:43:91:77:12:b0:7a:45:1f:
                    92:7b:8e:a0:46:54:06:e6:0b:47:88:f1:96:72:41:
                    91:5e:d7:57:49:25:ff:af:93:9d:17:d9:92:d3:3f:
                    92:62:82:e0:2e:5f:e8:8e:77:91:f8:2c:d8:f5:ec:
                    7d:d3:3e:ea:b5:3d:3f:94:fd:20:fd:cd:55:64:b7:
                    5c:63:a2:97:99:a1:dd:e3:3e:12:d1:eb:23:52:b4:
                    2f:f9:d3:ba:45:1d:3e:86:47:9f:e8:7f:dd:2c:5b:
                    60:69:c6:1a:50:21:fd:a9:98:0e:b6:4c:81:60:62:
                    08:f3:3a:4d:c6:c7:aa:4b:d8:b6:51:2a:4c:c5:45:
                    4b:c4:8e:73:8c:8b:60:1e:82:2c:94:56:d1:e2:d6:
                    79:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:1A:EC:94:F9:7F:CF:EB:59:9A:57:8B:59:00:9F:3B:74:9A:4F:D2
            X509v3 Authority Key Identifier:
                keyid:6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/2592ade6-505a-4e24-928b-9a1e71b309ae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:c940::/32

    Signature Algorithm: sha256WithRSAEncryption
         31:0c:07:2d:d6:54:44:44:78:3e:dd:c8:4a:aa:be:c3:0f:20:
         af:a4:ce:76:08:9c:a3:df:4d:1f:5d:19:50:82:8f:41:20:58:
         c8:5c:ef:b7:be:d5:80:a8:0b:5e:cb:64:51:95:a2:6c:88:8d:
         f9:ff:ff:7b:4a:5e:5b:b8:f6:2f:1f:c5:aa:7c:d8:23:f0:ab:
         6b:bd:f8:26:4c:bc:ad:22:52:67:eb:67:4d:43:0d:49:5f:63:
         62:fb:01:5c:e2:e1:f6:24:c5:2e:f1:22:bf:21:21:6b:af:91:
         33:32:77:ba:cb:c2:45:9f:dc:03:3c:cb:34:52:f2:ed:e3:c0:
         bc:9d:e6:5c:65:f4:5b:c8:ef:93:89:c1:88:a8:b8:ba:59:d7:
         b1:21:79:4a:8d:41:35:e3:79:4a:9c:a3:90:fe:83:6f:36:38:
         e4:a6:76:02:2c:b5:91:d3:73:16:5d:04:d9:d1:8f:2a:9c:cd:
         27:f7:0d:48:fb:ec:bd:41:f2:39:2c:b2:b3:c4:f5:eb:fc:a7:
         c9:36:22:09:21:d7:8c:cf:df:c1:ce:38:57:b7:e7:1a:33:e6:
         24:39:e3:06:45:b3:e9:95:56:8c:20:4e:f6:8b:df:b0:4b:81:
         18:04:d2:9a:9f:fd:0b:a0:a8:3f:a4:38:dd:a9:09:75:1e:c9:
         49:79:65:f7
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUTU69Si12gQy+ZPynUgbTWpfAA7AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmY5Yjk4NWIwZmU1ZGVmMDliOTk0ZjhjZjYwYmFkOGM5
MDI5YzAwNjU3NzUwYjIyNjcwHhcNMjUxMDIxMDAyMDI5WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNDk0MjIwNjAyYzNjMTY4OTc5MjEzOWI2M2ZhOGY4ZmM1
ZGMyOTQwYzQwN2E3NmYwNGMwNTRhYWNiMjBjZGRlMS0wKwYDVQQDEyQxNWYxNjgz
YS1jMGMyLTQyNjYtOWE5Ni1lY2Y5ZWJhMzIzOWMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0t/ARSd7X1qCU4uZuD1MQtLGIuBin5SWL8Vyed2wdst04
U7/a8KrLJg4M6hGoHg3mICVfWeVNk9npZrBS0dZiRmCrQnkAOK80Wn14bTeq1LCk
QLhk9Titb9MYKaD3ocRa35pvj/5rFV/L1C75of9DkXcSsHpFH5J7jqBGVAbmC0eI
8ZZyQZFe11dJJf+vk50X2ZLTP5JiguAuX+iOd5H4LNj17H3TPuq1PT+U/SD9zVVk
t1xjopeZod3jPhLR6yNStC/507pFHT6GR5/of90sW2BpxhpQIf2pmA62TIFgYgjz
Ok3Gx6pL2LZRKkzFRUvEjnOMi2AegiyUVtHi1nm/AgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUXRrslPl/z+tZmleLWQCfO3SaT9IwHwYDVR0jBBgwFoAUbcpl0HFNfvJW
kLwJE9NU26yJKl4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC83Mjc2YjJmYS01
NDhkLTQ5NzAtODMxNC04ZDczOTQ1YzM0ZDgvNmY5Yjk4NWIwZmU1ZGVmMDliOTk0
ZjhjZjYwYmFkOGM5MDI5YzAwNjU3NzUwYjIyNjcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjNmNmI2ODgtY2ZmNC00MDJmLTk3ZDUtMDJm
NmYxODg2YjdlLzI1OTJhZGU2LTUwNWEtNGUyNC05MjhiLTlhMWU3MWIzMDlhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2IzZjZiNjg4LWNmZjQtNDAyZi05N2Q1
LTAyZjZmMTg4NmI3ZS81ZDd3bTVsUGpQWUxyWXlRS2NBR1YzVUxJbWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBclAMA0GCSqGSIb3DQEBCwUAA4IBAQAxDAct1lRERHg+3chKqr7DDyCv
pM52CJyj300fXRlQgo9BIFjIXO+3vtWAqAtey2RRlaJsiI35//97Sl5buPYvH8Wq
fNgj8KtrvfgmTLytIlJn62dNQw1JX2Ni+wFc4uH2JMUu8SK/ISFrr5EzMne6y8JF
n9wDPMs0UvLt48C8neZcZfRbyO+TicGIqLi6WdexIXlKjUE143lKnKOQ/oNvNjjk
pnYCLLWR03MWXQTZ0Y8qnM0n9w1I++y9QfI5LLKzxPXr/KfJNiIJIdeMz9/BzjhX
t+caM+YkOeMGRbPplVaMIE72i9+wS4EYBNKan/0LoKg/pDjdqQl1HslJeWX3
-----END CERTIFICATE-----
Generated at Tue Oct 21 03:05:41 2025 by rpki-client