Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/0ec55b55-70d8-4c9a-a949-98332400c54c.roa
File:                     0ec55b55-70d8-4c9a-a949-98332400c54c.roa (raw, json)
Hash identifier:          MXZn91K/ZPNgVQNpzLh6VMkP/4CKH3gH74dzu/l+6CI=
Subject key identifier:   A3:17:30:90:A8:E4:39:DA:25:A8:01:12:82:3C:91:99:62:EA:82:8E
Certificate issuer:       /CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64
Certificate serial:       7D09E44508499672010E9F32C58D70CA40376C69
Authority key identifier: FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/0ec55b55-70d8-4c9a-a949-98332400c54c.roa
Signing time:             Fri 11 Jul 2025 15:10:04 +0000
ROA not before:           Fri 11 Jul 2025 15:10:04 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2620:107:3000::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/42b2991f-22c7-42f7-8cf5-4f3138859732.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/42b2991f-22c7-42f7-8cf5-4f3138859732.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:09:e4:45:08:49:96:72:01:0e:9f:32:c5:8d:70:ca:40:37:6c:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64
        Validity
            Not Before: Jul 11 15:10:04 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=8b2348ff6de24e12c8620806112b9c924d04ad7e952ab95a9e25ebd5a092f68c, CN=71c3876e-b944-4600-92c7-cec33d89523f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:eb:4f:57:37:f7:0b:b7:97:a0:53:66:eb:2b:
                    03:6c:f8:c4:4e:fe:4a:ae:4d:48:bc:e1:2d:3e:b0:
                    04:5c:d5:e1:2e:65:6b:fd:82:a2:72:ad:c1:07:5b:
                    81:48:29:8b:25:3b:f0:4b:25:ba:97:3a:60:1b:88:
                    3a:44:d4:00:e9:1b:2c:12:45:87:74:bb:81:61:b8:
                    f6:25:6b:b0:0b:a7:f3:b0:0d:f2:13:c5:03:de:01:
                    f3:c3:9b:7f:e6:2d:8b:91:fa:34:d5:75:26:88:ec:
                    e3:2a:f2:e7:3e:40:39:1b:90:8d:82:1e:d2:d4:f7:
                    29:ad:e5:32:0b:6b:88:f6:fb:0e:34:1c:46:e0:37:
                    f3:c0:3a:db:94:d4:94:3d:2b:8c:9f:c7:af:5c:7a:
                    5f:f0:81:a8:07:aa:74:59:7f:44:e9:1e:cc:21:82:
                    b2:f5:01:51:60:6b:53:74:f6:1d:f1:e0:a6:fe:75:
                    c9:72:0a:52:15:e4:c4:68:80:43:7e:70:7b:d5:d9:
                    16:79:b0:ef:cc:e1:49:ac:4f:b3:b3:e2:bc:1d:34:
                    df:6d:3e:8a:a3:5b:78:4f:d5:2c:b2:a2:68:04:91:
                    8a:fb:8e:79:55:39:be:b3:a5:c5:85:f1:1f:e4:14:
                    fc:6b:47:e7:16:0b:ac:f1:bb:d7:ae:6d:b6:3a:1c:
                    a6:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:17:30:90:A8:E4:39:DA:25:A8:01:12:82:3C:91:99:62:EA:82:8E
            X509v3 Authority Key Identifier:
                keyid:FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/0ec55b55-70d8-4c9a-a949-98332400c54c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:107:3000::/48

    Signature Algorithm: sha256WithRSAEncryption
         4a:e2:9c:e7:35:61:99:cd:34:b4:ef:eb:d5:f2:16:10:0d:c4:
         4a:ec:af:75:7e:6f:ba:61:1e:0d:57:d9:6a:26:60:92:c5:45:
         84:ca:ff:f4:bf:2c:7c:c6:65:87:c5:b3:d7:d8:75:23:9e:e8:
         d6:f8:33:f4:40:72:2d:45:49:a9:61:89:00:97:12:27:28:b2:
         3e:e5:b4:a4:6c:26:e4:e8:2c:f3:f4:47:0c:a6:52:b8:06:da:
         91:98:f5:0c:88:6d:19:b5:b6:3a:21:0a:29:eb:64:1d:72:d5:
         69:6f:54:e2:9e:70:9b:2e:c9:a2:84:b9:2c:11:30:ae:c5:d9:
         59:de:bd:8c:bf:12:5d:8a:b3:b3:23:52:75:75:0d:95:0b:52:
         e3:20:12:04:03:d3:ec:b0:03:fa:c5:fc:b8:85:ca:91:67:9a:
         d8:44:92:a4:64:3c:d4:f1:f9:c9:86:74:93:6e:ac:fc:f9:f1:
         19:2b:61:d3:a9:25:d8:02:dc:f5:73:5c:6f:9f:dc:55:c6:16:
         9a:56:a7:7e:fa:c4:bf:5c:66:d3:b2:33:92:a0:f7:47:8e:06:
         4b:ac:78:9d:c3:35:f2:93:08:a8:32:98:61:7e:d1:44:40:7b:
         ff:cd:78:17:4d:a0:74:49:23:47:da:06:a0:c9:73:1a:12:69:
         5e:94:c7:16
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfQnkRQhJlnIBDp8yxY1wykA3bGkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNWQ4MDM4MDVlMjE4MjNjOTMxOTg3ZTljOWMzN2YwNDAy
MGFhYmFiZjliNGRmZjliNjQwHhcNMjUwNzExMTUxMDA0WhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YjIzNDhmZjZkZTI0ZTEyYzg2MjA4MDYxMTJiOWM5MjRk
MDRhZDdlOTUyYWI5NWE5ZTI1ZWJkNWEwOTJmNjhjMS0wKwYDVQQDEyQ3MWMzODc2
ZS1iOTQ0LTQ2MDAtOTJjNy1jZWMzM2Q4OTUyM2YwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8609XN/cLt5egU2brKwNs+MRO/kquTUi84S0+sARc1eEu
ZWv9gqJyrcEHW4FIKYslO/BLJbqXOmAbiDpE1ADpGywSRYd0u4FhuPYla7ALp/Ow
DfITxQPeAfPDm3/mLYuR+jTVdSaI7OMq8uc+QDkbkI2CHtLU9ymt5TILa4j2+w40
HEbgN/PAOtuU1JQ9K4yfx69cel/wgagHqnRZf0TpHswhgrL1AVFga1N09h3x4Kb+
dclyClIV5MRogEN+cHvV2RZ5sO/M4UmsT7Oz4rwdNN9tPoqjW3hP1SyyomgEkYr7
jnlVOb6zpcWF8R/kFPxrR+cWC6zxu9eubbY6HKYhAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUoxcwkKjkOdolqAESgjyRmWLqgo4wHwYDVR0jBBgwFoAU/iLg9yLMTwYM
WFoSb+aiZQA2XkgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80MmIyOTkxZi0y
MmM3LTQyZjctOGNmNS00ZjMxMzg4NTk3MzIvNWQ4MDM4MDVlMjE4MjNjOTMxOTg3
ZTljOWMzN2YwNDAyMGFhYmFiZjliNGRmZjliNjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYTg0MTgyM2MtYTEwZC00NzdjLWJmZGYtNDA4
NmYwYjE1OTRjLzBlYzU1YjU1LTcwZDgtNGM5YS1hOTQ5LTk4MzMyNDAwYzU0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2E4NDE4MjNjLWExMGQtNDc3Yy1iZmRm
LTQwODZmMGIxNTk0Yy9HQ1BKTVpoLW5KdzM4RUFncXJxX20wM19tMlEuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmIAEHMAAwDQYJKoZIhvcNAQELBQADggEBAErinOc1YZnNNLTv69XyFhAN
xErsr3V+b7phHg1X2WomYJLFRYTK//S/LHzGZYfFs9fYdSOe6Nb4M/RAci1FSalh
iQCXEicosj7ltKRsJuToLPP0RwymUrgG2pGY9QyIbRm1tjohCinrZB1y1WlvVOKe
cJsuyaKEuSwRMK7F2VnevYy/El2Ks7MjUnV1DZULUuMgEgQD0+ywA/rF/LiFypFn
mthEkqRkPNTx+cmGdJNurPz58RkrYdOpJdgC3PVzXG+f3FXGFppWp376xL9cZtOy
M5Kg90eOBkuseJ3DNfKTCKgymGF+0URAe//NeBdNoHRJI0faBqDJcxoSaV6UxxY=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:25 2025 by rpki-client