Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7024778f-df37-4401-8278-42efb73eb5f9.roa
File:                     7024778f-df37-4401-8278-42efb73eb5f9.roa (raw, json)
Hash identifier:          +9XhXOjtbPHe3F/FY7FZwCYKErZmir2GtK0Q+qMcZ54=
Subject key identifier:   2B:1A:FA:39:81:C8:52:6E:86:A4:46:D5:35:40:21:F1:A1:4F:C2:A5
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       4683629BDCC2C48063BE3B5FAE912A37B72C3EE6
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7024778f-df37-4401-8278-42efb73eb5f9.roa
Signing time:             Fri 15 Aug 2025 15:10:14 +0000
ROA not before:           Fri 15 Aug 2025 15:10:14 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:c03::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 21 Aug 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:83:62:9b:dc:c2:c4:80:63:be:3b:5f:ae:91:2a:37:b7:2c:3e:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Aug 15 15:10:14 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=e76c036cab2be4bcf94424754ce0c8bf8ec838b015c952848a73f86668c847d1, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:7e:c1:54:f5:6a:a0:26:cd:3c:45:1d:c2:9e:
                    64:d0:69:7d:72:35:46:96:a5:42:f6:97:01:ef:5a:
                    fa:70:f4:af:0d:98:af:ba:81:c0:e1:95:55:ea:1e:
                    a4:4e:9a:e0:32:ec:89:5b:17:92:e2:f6:94:37:2b:
                    41:e1:99:09:99:71:44:75:b8:d2:a1:6f:d9:31:cb:
                    34:dd:2d:24:1b:48:f0:01:18:82:60:6b:a1:95:c5:
                    7d:0f:77:d0:55:21:c8:85:57:5d:bc:f7:f0:95:6e:
                    67:6a:75:45:0b:36:99:2b:53:59:c4:2f:8d:45:36:
                    be:77:01:86:2a:7d:67:91:d2:cc:47:44:8a:4b:a6:
                    58:55:2f:24:9d:0d:67:bf:66:41:d3:48:2f:8a:cc:
                    57:4c:37:40:04:25:a4:ea:f9:bd:0e:0b:4e:86:c0:
                    e9:78:f6:bb:de:32:2e:00:fb:e2:20:5c:de:36:1b:
                    f6:8f:e6:c7:a0:bb:86:16:8b:49:dc:20:9b:1b:9b:
                    a4:58:93:c0:61:84:04:b5:63:62:8c:c5:b2:28:f6:
                    38:03:14:ae:35:42:db:78:ce:75:ad:1e:5b:d2:a2:
                    8d:5e:d9:da:53:28:15:4d:c6:8c:0a:a1:20:1b:31:
                    7e:2b:3a:ef:83:ac:97:1f:df:11:1d:d6:d4:7c:1a:
                    ef:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:1A:FA:39:81:C8:52:6E:86:A4:46:D5:35:40:21:F1:A1:4F:C2:A5
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7024778f-df37-4401-8278-42efb73eb5f9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c03::/48

    Signature Algorithm: sha256WithRSAEncryption
         89:34:2c:c2:e4:6c:0d:e5:1a:d7:df:8a:16:be:63:db:c1:92:
         d3:13:1f:42:01:51:97:57:4b:7c:dc:4e:74:40:0b:38:56:b4:
         9b:d8:e5:a3:14:5a:5f:0f:f6:d6:b6:c5:73:95:09:cf:ba:d9:
         42:d1:b8:12:18:07:a3:70:68:80:aa:4f:7e:52:d8:78:5e:ac:
         46:1d:7f:d7:f6:f4:ef:32:e7:51:ac:2a:93:65:d1:7c:bf:63:
         2d:52:7b:41:77:c3:79:b7:1f:13:db:68:cf:98:15:56:36:3c:
         3d:99:9a:5a:cf:e2:0e:fb:e9:80:23:6e:76:18:3e:f6:d7:b9:
         c5:8c:20:98:c8:88:c9:62:23:7f:39:95:81:1c:ea:02:01:b2:
         be:fc:7e:e9:17:92:63:83:e3:db:c4:01:b0:55:1b:ba:64:16:
         a0:09:18:6b:24:1a:b2:7c:7b:eb:63:04:6a:a0:b0:92:ef:75:
         a6:c8:44:d4:ab:69:b6:b0:77:b0:4a:5b:e5:fc:d2:b9:56:aa:
         31:e8:04:82:dc:7d:68:69:c3:d9:c9:a2:62:cc:41:a8:28:ad:
         21:54:e5:3e:95:fc:72:22:ed:8f:55:a1:66:26:6d:71:ac:96:
         e3:27:ae:d4:37:59:58:a2:9b:6a:30:06:38:20:91:39:de:a9:
         65:23:5b:fb
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIURoNim9zCxIBjvjtfrpEqN7csPuYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwODE1MTUxMDE0WhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNzZjMDM2Y2FiMmJlNGJjZjk0NDI0NzU0Y2UwYzhiZjhl
YzgzOGIwMTVjOTUyODQ4YTczZjg2NjY4Yzg0N2QxMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJfsFU9WqgJs08RR3CnmTQaX1yNUaWpUL2lwHvWvpw9K8N
mK+6gcDhlVXqHqROmuAy7IlbF5Li9pQ3K0HhmQmZcUR1uNKhb9kxyzTdLSQbSPAB
GIJga6GVxX0Pd9BVIciFV1289/CVbmdqdUULNpkrU1nEL41FNr53AYYqfWeR0sxH
RIpLplhVLySdDWe/ZkHTSC+KzFdMN0AEJaTq+b0OC06GwOl49rveMi4A++IgXN42
G/aP5segu4YWi0ncIJsbm6RYk8BhhAS1Y2KMxbIo9jgDFK41Qtt4znWtHlvSoo1e
2dpTKBVNxowKoSAbMX4rOu+DrJcf3xEd1tR8Gu+BAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUKxr6OYHIUm6GpEbVNUAh8aFPwqUwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzcwMjQ3NzhmLWRmMzctNDQwMS04Mjc4LTQyZWZiNzNlYjVmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAMwDQYJKoZIhvcNAQELBQADggEBAIk0LMLkbA3lGtffiha+Y9vB
ktMTH0IBUZdXS3zcTnRACzhWtJvY5aMUWl8P9ta2xXOVCc+62ULRuBIYB6NwaICq
T35S2HherEYdf9f29O8y51GsKpNl0Xy/Yy1Se0F3w3m3HxPbaM+YFVY2PD2ZmlrP
4g776YAjbnYYPvbXucWMIJjIiMliI385lYEc6gIBsr78fukXkmOD49vEAbBVG7pk
FqAJGGskGrJ8e+tjBGqgsJLvdabIRNSrabawd7BKW+X80rlWqjHoBILcfWhpw9nJ
omLMQagorSFU5T6V/HIi7Y9VoWYmbXGsluMnrtQ3WViim2owBjggkTneqWUjW/s=
-----END CERTIFICATE-----