Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/04a1d081-ae93-459e-88cf-fe92a8d30013.roa
File:                     04a1d081-ae93-459e-88cf-fe92a8d30013.roa (raw, json)
Hash identifier:          CNgC7LMBqcVM9LjIkbiwRnupD6OiFSZXONAASqnfHGk=
Subject key identifier:   22:D6:42:BC:5B:59:EC:EC:B8:DD:AE:97:A3:25:A4:95:EF:B9:9B:2C
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       14BF60A9E413D939DCABF41E1BC9477CFB9FFB63
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/04a1d081-ae93-459e-88cf-fe92a8d30013.roa
Signing time:             Wed 21 May 2025 00:50:59 +0000
ROA not before:           Wed 21 May 2025 00:50:59 +0000
ROA not after:            Wed 25 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:546::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:bf:60:a9:e4:13:d9:39:dc:ab:f4:1e:1b:c9:47:7c:fb:9f:fb:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: May 21 00:50:59 2025 GMT
            Not After : Jun 25 23:59:59 2025 GMT
        Subject: serialNumber=da5a38ae3208368ed484740516f0d529ba3d89b6a6b41cd9c8a6635b461252d6, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:6d:c6:e4:f3:cb:ad:16:b9:ea:0a:74:10:ee:
                    85:cf:59:04:97:3e:f0:24:66:67:ba:47:86:f9:49:
                    a3:e8:f9:0e:a9:40:fb:09:e1:77:bb:66:da:a0:05:
                    54:d2:80:0e:5a:f2:d8:c5:a4:01:e1:e4:b2:ee:89:
                    5b:bb:01:6f:c3:1a:48:a4:89:4f:09:e0:36:70:ea:
                    6f:32:26:88:7d:30:b1:3a:df:f7:3d:75:da:2a:7e:
                    6a:56:29:12:e2:f2:4b:7d:22:26:05:be:11:8b:87:
                    d8:ce:88:67:79:cd:0d:32:48:71:41:18:5d:1b:b1:
                    81:c0:7a:26:6c:1c:45:95:8f:79:8f:4a:c7:75:bf:
                    1d:a2:6a:a3:87:72:42:cf:f2:f5:5f:9a:a8:c4:70:
                    62:f1:e7:78:83:57:bf:ef:62:f6:08:29:ae:a0:91:
                    a3:1f:49:ff:3c:22:42:e7:92:c0:34:2c:6f:90:fa:
                    da:2c:a1:4b:8e:60:71:bc:e4:74:41:61:4c:1e:81:
                    de:da:fd:76:d1:54:31:de:4d:9f:99:10:c4:1e:34:
                    70:60:de:59:25:65:af:fb:44:27:d1:30:0a:8a:89:
                    53:d3:67:39:7b:4b:fa:53:e5:af:d3:a9:c7:c4:4f:
                    8b:5e:b4:ba:73:59:44:28:a1:7b:18:7a:55:c3:bb:
                    4c:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:D6:42:BC:5B:59:EC:EC:B8:DD:AE:97:A3:25:A4:95:EF:B9:9B:2C
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/04a1d081-ae93-459e-88cf-fe92a8d30013.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:546::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:ec:1e:d0:5e:41:d9:39:39:1b:d7:90:a6:de:2d:35:b5:2a:
         1d:26:9a:18:1a:43:20:91:ba:89:ac:48:a6:f5:a4:75:c0:77:
         7a:bf:e6:fd:4f:02:10:6b:2f:e9:87:74:5b:c2:6e:8b:61:b5:
         13:86:73:91:cb:b6:0b:79:10:f1:46:05:40:cd:fc:14:80:cc:
         a3:fc:53:ec:fe:a7:df:28:ce:c3:fb:66:a7:72:2b:80:46:50:
         f6:9d:cd:a0:f8:3b:84:20:8d:c2:55:04:1e:d4:22:1d:d4:cf:
         dd:47:67:be:34:b5:64:83:f4:41:2c:09:d0:3d:e1:d5:3b:08:
         d0:20:24:85:44:b7:c1:65:36:98:2a:23:b3:9f:e7:13:f3:f8:
         e2:4a:78:db:f4:dc:62:fc:60:41:7c:89:f4:d1:a8:c4:c3:d8:
         bf:1a:f1:25:2b:fb:25:f9:68:08:e1:96:8a:54:d5:86:94:f5:
         80:22:b0:a5:1f:3b:02:06:da:77:e6:b2:ba:98:24:22:c5:8f:
         82:63:bb:72:d3:26:fb:ec:10:97:f9:95:2d:57:36:74:89:be:
         cf:da:39:78:ef:d6:e5:06:3a:fa:04:e5:77:06:53:96:b9:21:
         80:04:f3:20:ae:66:6d:e0:e1:85:b4:c6:a7:92:2b:34:81:6f:
         90:53:4c:7b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUFL9gqeQT2Tncq/QeG8lHfPuf+2MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNTIxMDA1MDU5WhcNMjUwNjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTVhMzhhZTMyMDgzNjhlZDQ4NDc0MDUxNmYwZDUyOWJh
M2Q4OWI2YTZiNDFjZDljOGE2NjM1YjQ2MTI1MmQ2MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDqbcbk88utFrnqCnQQ7oXPWQSXPvAkZme6R4b5SaPo+Q6p
QPsJ4Xe7ZtqgBVTSgA5a8tjFpAHh5LLuiVu7AW/DGkikiU8J4DZw6m8yJoh9MLE6
3/c9ddoqfmpWKRLi8kt9IiYFvhGLh9jOiGd5zQ0ySHFBGF0bsYHAeiZsHEWVj3mP
Ssd1vx2iaqOHckLP8vVfmqjEcGLx53iDV7/vYvYIKa6gkaMfSf88IkLnksA0LG+Q
+tosoUuOYHG85HRBYUwegd7a/XbRVDHeTZ+ZEMQeNHBg3lklZa/7RCfRMAqKiVPT
Zzl7S/pT5a/TqcfET4tetLpzWUQooXsYelXDu0wBAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUItZCvFtZ7Oy43a6XoyWkle+5mywwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzA0YTFkMDgxLWFlOTMtNDU5ZS04OGNmLWZlOTJhOGQzMDAxMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABUYwDQYJKoZIhvcNAQELBQADggEBAIDsHtBeQdk5ORvXkKbeLTW1
Kh0mmhgaQyCRuomsSKb1pHXAd3q/5v1PAhBrL+mHdFvCbothtROGc5HLtgt5EPFG
BUDN/BSAzKP8U+z+p98ozsP7ZqdyK4BGUPadzaD4O4QgjcJVBB7UIh3Uz91HZ740
tWSD9EEsCdA94dU7CNAgJIVEt8FlNpgqI7Of5xPz+OJKeNv03GL8YEF8ifTRqMTD
2L8a8SUr+yX5aAjhlopU1YaU9YAisKUfOwIG2nfmsrqYJCLFj4Jju3LTJvvsEJf5
lS1XNnSJvs/aOXjv1uUGOvoE5XcGU5a5IYAE8yCuZm3g4YW0xqeSKzSBb5BTTHs=
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:44:08 2025 by rpki-client