Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/555f0c83-1ce7-45af-b439-b2fab6a08187.roa
File:                     555f0c83-1ce7-45af-b439-b2fab6a08187.roa (raw, json)
Hash identifier:          gQEgSN+ocWSBbICcThYQscRfpWXake2msD1twUSTfu4=
Subject key identifier:   38:1B:B4:5B:71:AE:D7:2C:F8:F4:F3:BB:BF:45:55:71:7B:58:4D:27
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       52B381AE1737F027FF02F446A44C0195DB3007C8
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/555f0c83-1ce7-45af-b439-b2fab6a08187.roa
Signing time:             Mon 06 Oct 2025 17:13:53 +0000
ROA not before:           Mon 06 Oct 2025 17:13:53 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:c0e::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:b3:81:ae:17:37:f0:27:ff:02:f4:46:a4:4c:01:95:db:30:07:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct  6 17:13:53 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=9d9131632a74dac643d7b8b31b2968ee5ffe1496ae326af2ef9a9380f800fba0, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:28:f7:d3:0b:8e:67:6d:71:1e:12:78:da:4c:
                    80:b8:e8:ec:7a:4d:20:1f:9c:f7:8a:31:eb:c5:ab:
                    56:d2:13:42:dd:63:ef:65:a6:48:e5:68:93:30:c0:
                    33:3f:26:e2:7c:9d:4f:6a:ec:02:b7:34:85:26:bb:
                    37:7a:2d:a3:67:ce:d0:52:a0:a7:19:2b:d9:6d:15:
                    dc:4b:e7:5c:8d:c6:79:fb:6f:b4:bc:4b:5a:31:ee:
                    ef:df:8f:41:d1:98:f2:cd:a5:83:82:3f:7d:a8:07:
                    12:d7:28:ef:75:63:46:f2:b5:ce:ef:99:39:12:5d:
                    fe:21:cf:9f:bd:6c:9a:fd:ea:2a:6b:41:4a:c0:5a:
                    63:31:47:0c:54:7a:e5:39:f4:e8:96:eb:2e:24:71:
                    eb:5a:cf:f5:9a:3a:71:94:47:af:13:3c:17:27:1e:
                    d8:cc:5f:17:c7:ed:51:07:7b:5b:39:d8:e5:2f:8e:
                    cb:ad:27:4a:38:71:76:8d:55:4a:ee:32:ac:eb:af:
                    fa:55:e7:6d:6a:f7:72:10:51:de:72:54:cf:a2:e5:
                    6c:68:4b:1a:8c:1f:ff:ef:a2:d6:83:df:5d:b9:6f:
                    11:b9:65:95:94:e3:3b:03:24:79:ff:91:0a:fa:5d:
                    b0:2f:15:d5:14:2f:b0:20:cf:4d:b6:a7:a8:b5:4c:
                    96:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:1B:B4:5B:71:AE:D7:2C:F8:F4:F3:BB:BF:45:55:71:7B:58:4D:27
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/555f0c83-1ce7-45af-b439-b2fab6a08187.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c0e::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:f7:da:7e:44:18:64:18:d0:b8:e6:70:7c:9b:b0:ff:4b:c3:
         fd:d0:d6:d8:d3:e6:32:20:6b:d2:3a:b2:7a:71:af:bd:c8:f2:
         59:42:1b:f9:5f:ce:f0:94:c3:fb:bf:0e:04:b9:54:71:27:62:
         fc:bf:b2:a6:d9:b1:16:2d:1d:a0:02:2e:24:cb:c1:c6:73:8e:
         ca:93:8b:25:65:3c:99:3a:62:76:c0:e2:b1:0d:1a:ed:b3:60:
         a0:84:d3:5b:8e:aa:53:ef:1d:67:e3:41:d9:17:a1:7f:41:a9:
         60:3b:45:0c:99:2a:76:ae:a3:23:68:65:9a:02:cc:b3:63:e7:
         bf:1b:5b:32:b2:54:58:3c:73:b7:12:01:4a:77:1c:d2:c1:fa:
         f8:30:94:d3:d8:8b:69:13:a4:d6:1d:63:ca:9b:c0:f9:2a:ec:
         25:2b:8e:66:e0:d3:91:16:0e:43:0d:cc:d2:02:0e:27:f5:6d:
         c8:de:9d:5d:67:aa:05:cd:71:c8:ab:43:e8:c0:f3:fe:ea:fa:
         16:34:b8:8b:8f:51:29:ea:76:42:10:39:4a:3b:db:37:c5:44:
         c5:35:2d:80:4d:94:08:6b:ee:2d:30:35:12:3a:c4:ce:de:7c:
         81:6f:15:0d:16:fd:d3:34:28:9a:7f:3e:a9:d0:cb:30:3b:cf:
         e1:20:3c:09
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUrOBrhc38Cf/AvRGpEwBldswB8gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDA2MTcxMzUzWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZDkxMzE2MzJhNzRkYWM2NDNkN2I4YjMxYjI5NjhlZTVm
ZmUxNDk2YWUzMjZhZjJlZjlhOTM4MGY4MDBmYmEwMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdKPfTC45nbXEeEnjaTIC46Ox6TSAfnPeKMevFq1bSE0Ld
Y+9lpkjlaJMwwDM/JuJ8nU9q7AK3NIUmuzd6LaNnztBSoKcZK9ltFdxL51yNxnn7
b7S8S1ox7u/fj0HRmPLNpYOCP32oBxLXKO91Y0bytc7vmTkSXf4hz5+9bJr96ipr
QUrAWmMxRwxUeuU59OiW6y4kcetaz/WaOnGUR68TPBcnHtjMXxfH7VEHe1s52OUv
jsutJ0o4cXaNVUruMqzrr/pV521q93IQUd5yVM+i5WxoSxqMH//votaD3125bxG5
ZZWU4zsDJHn/kQr6XbAvFdUUL7Agz022p6i1TJaXAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUOBu0W3Gu1yz49PO7v0VVcXtYTScwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzU1NWYwYzgzLTFjZTctNDVhZi1iNDM5LWIyZmFiNmEwODE4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADA4wDQYJKoZIhvcNAQELBQADggEBAHn32n5EGGQY0LjmcHybsP9L
w/3Q1tjT5jIga9I6snpxr73I8llCG/lfzvCUw/u/DgS5VHEnYvy/sqbZsRYtHaAC
LiTLwcZzjsqTiyVlPJk6YnbA4rENGu2zYKCE01uOqlPvHWfjQdkXoX9BqWA7RQyZ
KnauoyNoZZoCzLNj578bWzKyVFg8c7cSAUp3HNLB+vgwlNPYi2kTpNYdY8qbwPkq
7CUrjmbg05EWDkMNzNICDif1bcjenV1nqgXNccirQ+jA8/7q+hY0uIuPUSnqdkIQ
OUo72zfFRMU1LYBNlAhr7i0wNRI6xM7efIFvFQ0W/dM0KJp/PqnQyzA7z+EgPAk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:42:28 2025 by rpki-client