Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f749250a-8f6c-4466-9acd-c17dd0042f12.roa
File:                     f749250a-8f6c-4466-9acd-c17dd0042f12.roa (raw, json)
Hash identifier:          1KrK1vct3EntPdANNgtY5PFQZ50vUOZlSeh7I+Fv6kU=
Subject key identifier:   2E:2F:2C:DE:32:43:FB:1E:C3:EB:EC:B5:C3:07:7C:D1:B7:07:B6:55
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       47850B5B62245467E994E0E825C96B71CAE1FE31
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f749250a-8f6c-4466-9acd-c17dd0042f12.roa
Signing time:             Thu 17 Jul 2025 17:28:18 +0000
ROA not before:           Thu 17 Jul 2025 17:28:18 +0000
ROA not after:            Thu 21 Aug 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:d00::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:85:0b:5b:62:24:54:67:e9:94:e0:e8:25:c9:6b:71:ca:e1:fe:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 17 17:28:18 2025 GMT
            Not After : Aug 21 23:59:59 2025 GMT
        Subject: serialNumber=10982e69c69e665394c4741ef894fcdc4d929d2a18d11d8bc4ac0b2d89a776b4, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e1:af:08:e0:74:65:69:fc:04:49:b5:52:c6:
                    80:fa:63:82:ce:fb:43:16:84:ba:d9:46:47:3b:e8:
                    0f:af:b9:c4:a3:4d:13:20:14:90:44:75:26:0d:c9:
                    81:70:60:e7:01:e1:70:e8:e0:94:d7:07:c6:2b:8c:
                    28:1c:64:3b:a7:d6:84:86:55:37:21:d3:b7:53:e6:
                    41:f1:2f:75:6f:d4:76:af:49:f9:0f:a2:3e:d1:f5:
                    06:28:f2:35:65:90:a7:73:c1:f2:62:d7:2b:7f:72:
                    d5:d5:00:4e:f1:09:b2:ae:a8:34:59:5d:a9:13:e1:
                    01:99:0b:0b:06:c7:67:31:ea:67:0c:98:7d:f5:12:
                    44:7b:0c:2b:c3:ca:bd:fe:a4:6e:95:df:5b:30:b9:
                    99:03:67:03:96:08:a2:5c:f8:69:e9:53:90:5f:61:
                    61:4b:81:2f:5c:14:e3:91:2a:91:5b:ed:ba:d6:df:
                    94:cc:e5:69:97:8a:0f:85:e9:04:06:3d:49:78:b7:
                    08:0c:4a:7e:c6:7f:be:d5:2f:5d:cd:8e:c7:eb:69:
                    b2:95:0f:f3:3b:eb:78:21:61:50:89:1d:e1:00:97:
                    ba:76:0f:96:9f:10:38:26:c0:e9:f1:75:32:39:22:
                    b0:b2:fc:72:82:16:89:8d:dd:22:5e:99:ab:d4:7a:
                    91:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:2F:2C:DE:32:43:FB:1E:C3:EB:EC:B5:C3:07:7C:D1:B7:07:B6:55
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f749250a-8f6c-4466-9acd-c17dd0042f12.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         07:4e:75:88:63:cb:dd:24:44:7d:e5:0c:02:3d:4f:32:0e:83:
         23:14:72:32:69:1b:8a:f6:92:ea:73:0d:75:06:b4:7a:7f:c9:
         11:4e:50:4d:f5:06:68:4a:9e:36:a7:57:4a:dc:8d:77:05:1c:
         48:27:0b:7d:56:c1:a9:c6:3a:f1:75:46:59:e9:68:42:22:86:
         97:8e:49:2d:7e:33:2a:55:c2:dd:39:07:ba:fe:24:44:86:3d:
         03:7e:78:86:10:f2:cb:65:fd:2a:e7:1d:fd:19:ed:09:62:4b:
         00:39:f0:4c:7c:1c:94:16:dc:8f:74:57:a9:b1:06:39:1c:7b:
         22:8d:b9:c3:fa:99:10:db:9d:96:1a:bc:b0:31:3d:74:fb:2c:
         79:74:97:e2:ae:9a:d0:9b:2c:65:c9:d2:8b:23:10:24:53:0c:
         f7:4a:83:92:89:50:b0:e9:a2:24:cd:a7:38:f9:e1:c4:7c:7d:
         03:55:71:15:eb:29:40:91:a9:d3:e1:cc:41:3e:ba:f1:97:a4:
         b6:4a:b4:a0:56:ac:c5:7a:bd:a5:9b:0f:90:fa:de:4b:60:84:
         86:7c:c4:cb:84:d0:0f:85:39:4b:0c:5d:64:c8:0a:7b:99:fb:
         8f:93:11:b1:5e:5b:32:09:23:ae:88:fc:59:be:f2:f9:32:cf:
         46:fb:3a:2e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUR4ULW2IkVGfplODoJclrccrh/jEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzE3MTcyODE4WhcNMjUwODIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMDk4MmU2OWM2OWU2NjUzOTRjNDc0MWVmODk0ZmNkYzRk
OTI5ZDJhMThkMTFkOGJjNGFjMGIyZDg5YTc3NmI0MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCU4a8I4HRlafwESbVSxoD6Y4LO+0MWhLrZRkc76A+vucSj
TRMgFJBEdSYNyYFwYOcB4XDo4JTXB8YrjCgcZDun1oSGVTch07dT5kHxL3Vv1Hav
SfkPoj7R9QYo8jVlkKdzwfJi1yt/ctXVAE7xCbKuqDRZXakT4QGZCwsGx2cx6mcM
mH31EkR7DCvDyr3+pG6V31swuZkDZwOWCKJc+GnpU5BfYWFLgS9cFOORKpFb7brW
35TM5WmXig+F6QQGPUl4twgMSn7Gf77VL13NjsfrabKVD/M763ghYVCJHeEAl7p2
D5afEDgmwOnxdTI5IrCy/HKCFomN3SJemavUepHRAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQULi8s3jJD+x7D6+y1wwd80bcHtlUwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2Y3NDkyNTBhLThmNmMtNDQ2Ni05YWNkLWMxN2RkMDA0MmYxMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmBZzADTANBgkqhkiG9w0BAQsFAAOCAQEAB051iGPL3SREfeUMAj1PMg6D
IxRyMmkbivaS6nMNdQa0en/JEU5QTfUGaEqeNqdXStyNdwUcSCcLfVbBqcY68XVG
WeloQiKGl45JLX4zKlXC3TkHuv4kRIY9A354hhDyy2X9Kucd/RntCWJLADnwTHwc
lBbcj3RXqbEGORx7Io25w/qZENudlhq8sDE9dPsseXSX4q6a0JssZcnSiyMQJFMM
90qDkolQsOmiJM2nOPnhxHx9A1VxFespQJGp0+HMQT668Zektkq0oFasxXq9pZsP
kPreS2CEhnzEy4TQD4U5SwxdZMgKe5n7j5MRsV5bMgkjroj8Wb7y+TLPRvs6Lg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:32:50 2025 by rpki-client