Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0934543e-90db-4ba0-9848-455452e0c367.roa
File:                     0934543e-90db-4ba0-9848-455452e0c367.roa (raw, json)
Hash identifier:          36ldRGg7g/KYPnWQn8Q/ddNF/JN7TnUSu8je1+58B2s=
Subject key identifier:   64:47:81:AD:EA:35:4A:AF:77:07:B3:09:57:69:FB:13:B2:4B:7C:E6
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       41891A2DD90CE68E13A89B67779E618F47B34018
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0934543e-90db-4ba0-9848-455452e0c367.roa
Signing time:             Mon 21 Jul 2025 16:10:17 +0000
ROA not before:           Mon 21 Jul 2025 16:10:17 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:c02::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 25 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:89:1a:2d:d9:0c:e6:8e:13:a8:9b:67:77:9e:61:8f:47:b3:40:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 21 16:10:17 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=b06c65452fb74d37b34ceddc31f83bb18b9fadddb4c61a0eefae2164cb3e7e52, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:9e:34:ff:62:44:9e:2e:93:b9:1e:5e:b4:7d:
                    7c:e0:14:27:06:0e:b0:d3:f2:4d:3b:1c:43:cf:91:
                    f6:1c:6a:69:cf:3a:7b:8e:64:a0:68:8c:34:55:66:
                    fc:61:03:88:18:28:f2:9d:0a:df:47:e7:30:9f:a3:
                    98:6a:cc:dc:f3:10:15:72:db:8d:00:03:52:30:19:
                    7f:63:e2:f3:93:60:81:a4:74:69:9f:d5:45:d0:4f:
                    4d:5e:f8:42:49:1f:e0:00:7f:29:8d:77:fd:e3:4b:
                    54:1d:f1:18:5e:8d:4b:ad:8f:6e:83:20:9f:27:06:
                    2d:d7:aa:53:b7:a6:27:48:e0:56:c5:3b:3a:c8:ca:
                    e8:37:c6:d6:b6:29:9c:4e:e0:2b:8f:45:f7:6a:d8:
                    82:8e:8c:51:07:cf:2d:34:88:be:16:0d:50:74:b8:
                    4d:b4:f3:6c:1c:57:8f:df:93:95:be:30:4b:c8:9e:
                    1f:fa:82:c2:5c:aa:b5:65:30:47:fe:49:8c:cc:3d:
                    5f:49:67:ad:5e:a4:71:16:b6:b2:54:a9:d6:33:ef:
                    e9:f0:9a:e8:0e:6a:a9:bc:3b:20:8a:e1:e4:ba:82:
                    24:b0:4b:23:07:96:e3:02:0a:e6:71:50:d6:16:3a:
                    c6:79:11:d7:e2:91:28:ad:6b:87:ea:2a:ea:28:7d:
                    44:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:47:81:AD:EA:35:4A:AF:77:07:B3:09:57:69:FB:13:B2:4B:7C:E6
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0934543e-90db-4ba0-9848-455452e0c367.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c02::/48

    Signature Algorithm: sha256WithRSAEncryption
         44:27:c7:4c:10:6a:c7:d3:41:9b:5d:c7:5e:9a:da:ba:5c:99:
         8e:83:da:56:e6:8f:da:67:44:83:b0:c7:7f:b8:3f:c4:c1:ef:
         3f:22:41:2d:2c:0b:66:fe:82:07:79:dc:e4:e4:4f:43:cb:dd:
         5a:3b:b9:13:37:ca:9c:ac:a1:0e:24:b3:fd:3f:9c:73:6e:c5:
         46:a4:6b:cb:d2:e5:9d:41:5e:c8:c4:1a:71:e4:d4:0a:cd:e9:
         ca:1d:9a:d5:25:23:be:d8:ce:90:53:64:fb:0b:ce:d0:7f:28:
         e0:ba:09:df:e6:d2:6b:84:98:40:fd:40:ca:64:42:9b:0b:b4:
         62:31:2f:14:76:d7:57:b0:2e:b9:8e:d5:3f:aa:72:26:49:d2:
         d4:27:6e:ad:49:a4:3e:da:fd:64:5b:9c:44:be:c6:6b:ef:9e:
         49:9f:4f:32:57:15:16:c2:56:3b:ae:2a:ba:47:09:eb:1c:dc:
         c5:31:e6:e3:70:96:6d:7e:0d:7c:54:65:c1:fb:95:b8:8a:ae:
         49:7b:e2:7b:b8:ff:fa:e5:63:a7:a2:59:28:67:53:df:6c:61:
         3a:a4:3e:87:10:9d:89:98:6f:ab:60:d5:14:71:5c:2a:a6:42:
         71:e4:53:3d:22:17:39:c2:3a:1d:64:30:f7:16:ee:ed:38:83:
         64:77:eb:70
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUQYkaLdkM5o4TqJtnd55hj0ezQBgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzIxMTYxMDE3WhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMDZjNjU0NTJmYjc0ZDM3YjM0Y2VkZGMzMWY4M2JiMThi
OWZhZGRkYjRjNjFhMGVlZmFlMjE2NGNiM2U3ZTUyMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSnjT/YkSeLpO5Hl60fXzgFCcGDrDT8k07HEPPkfYcamnP
OnuOZKBojDRVZvxhA4gYKPKdCt9H5zCfo5hqzNzzEBVy240AA1IwGX9j4vOTYIGk
dGmf1UXQT01e+EJJH+AAfymNd/3jS1Qd8RhejUutj26DIJ8nBi3XqlO3pidI4FbF
OzrIyug3xta2KZxO4CuPRfdq2IKOjFEHzy00iL4WDVB0uE2082wcV4/fk5W+MEvI
nh/6gsJcqrVlMEf+SYzMPV9JZ61epHEWtrJUqdYz7+nwmugOaqm8OyCK4eS6giSw
SyMHluMCCuZxUNYWOsZ5EdfikSita4fqKuoofUQ9AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZEeBreo1Sq93B7MJV2n7E7JLfOYwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzA5MzQ1NDNlLTkwZGItNGJhMC05ODQ4LTQ1NTQ1MmUwYzM2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAIwDQYJKoZIhvcNAQELBQADggEBAEQnx0wQasfTQZtdx16a2rpc
mY6D2lbmj9pnRIOwx3+4P8TB7z8iQS0sC2b+ggd53OTkT0PL3Vo7uRM3ypysoQ4k
s/0/nHNuxUaka8vS5Z1BXsjEGnHk1ArN6codmtUlI77YzpBTZPsLztB/KOC6Cd/m
0muEmED9QMpkQpsLtGIxLxR211ewLrmO1T+qciZJ0tQnbq1JpD7a/WRbnES+xmvv
nkmfTzJXFRbCVjuuKrpHCesc3MUx5uNwlm1+DXxUZcH7lbiKrkl74nu4//rlY6ei
WShnU99sYTqkPocQnYmYb6tg1RRxXCqmQnHkUz0iFznCOh1kMPcW7u04g2R363A=
-----END CERTIFICATE-----