Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa
File:                     8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa (raw, json)
Hash identifier:          sumIJ1kLaN2kKh7d5AtECBVM1v2K3mgW4o47alRsApU=
Subject key identifier:   F6:6C:D7:1B:47:67:33:0A:B4:4D:4F:BF:C6:56:2F:B5:B8:60:73:84
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       777BECF6885748393D79BC62A46F350A2009D662
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa
Signing time:             Fri 26 Sep 2025 17:51:48 +0000
ROA not before:           Fri 26 Sep 2025 17:51:48 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:396::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 20 Oct 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:7b:ec:f6:88:57:48:39:3d:79:bc:62:a4:6f:35:0a:20:09:d6:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Sep 26 17:51:48 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=f35e8dc60c90aa3ed44b32f9dfd6664caf28d6423d39ee79b0ab200befd216f6, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:39:c5:c2:a0:25:71:a3:90:fa:26:d0:c0:bc:
                    24:49:ca:cd:80:f0:ca:66:a2:3a:c1:40:f4:0d:55:
                    4e:7a:92:3a:38:d6:ca:a6:9a:4c:a8:04:bf:78:dc:
                    65:b2:b9:7c:9e:18:bd:d3:df:dc:06:cc:96:a0:2c:
                    74:ff:e5:7c:e7:d6:e0:5a:1f:4c:94:af:8e:d7:4f:
                    36:3e:34:f6:f3:03:f5:11:6c:77:e3:a7:5d:b7:ad:
                    eb:13:2d:93:7f:99:ca:06:3f:2a:e8:25:2e:c8:8f:
                    7b:33:88:b0:0a:47:f0:79:f4:2a:18:60:f4:32:49:
                    70:cc:1a:54:20:1e:42:25:a0:4e:97:4a:f2:4c:b7:
                    ea:53:a7:53:78:49:2f:9a:b1:ce:b3:d7:81:4e:eb:
                    56:7f:82:3c:b3:70:44:f1:b9:a5:d7:9c:eb:ec:a9:
                    9d:80:78:78:a9:26:dd:ce:85:c1:ad:4c:d6:d5:08:
                    67:0b:38:b5:3c:73:eb:79:14:a9:17:a5:c5:68:b4:
                    0c:2c:99:60:51:fb:1c:a2:41:79:28:0e:6d:9d:a1:
                    f6:dc:ff:2a:17:f6:80:50:a0:f8:00:88:d3:8a:8b:
                    34:8c:dc:1d:64:e7:2d:40:c9:7a:e1:bc:1f:b1:29:
                    94:7d:9b:85:c2:a9:3e:fd:ae:d5:23:94:c3:4a:41:
                    23:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:6C:D7:1B:47:67:33:0A:B4:4D:4F:BF:C6:56:2F:B5:B8:60:73:84
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:396::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:02:79:05:91:44:45:7f:bd:2f:23:80:0d:18:69:5e:af:04:
         0c:80:6e:f0:37:c9:94:81:b4:13:c1:e7:b0:0d:17:0e:12:ae:
         b8:bd:d0:55:46:17:1c:cd:4e:29:b7:71:d9:7c:8c:e0:1c:75:
         f9:1e:31:71:27:d8:c1:14:ce:59:55:d7:6f:90:ef:b0:0e:2b:
         cb:62:9f:2d:6d:2f:1b:f0:70:16:e0:d2:3a:57:b9:02:f8:c9:
         f1:fe:a1:48:90:9d:16:7a:b0:0d:d5:78:c1:7a:bd:f1:f0:3b:
         a6:c9:4a:70:51:c7:9d:3a:a8:89:37:28:5f:61:4d:7e:d4:b5:
         0b:f6:e9:d3:90:18:e1:60:7f:89:e4:02:73:c8:01:30:e1:d1:
         11:3b:ff:52:c7:76:91:04:6f:94:70:e1:2d:99:42:eb:e5:a4:
         8c:9a:34:df:d3:0c:62:9c:aa:8e:ab:21:36:ca:3a:33:10:55:
         22:4a:00:49:a5:1a:67:6c:15:59:30:db:2b:86:56:d7:7d:d6:
         07:b6:4f:64:6c:98:a3:f7:e2:4a:8f:7e:fe:50:8b:06:44:aa:
         81:68:c4:b1:72:cf:80:10:80:ec:a0:97:ca:87:c6:4a:58:4c:
         18:4d:bd:40:4f:47:ee:6f:50:20:5e:42:6c:d4:a7:70:2b:e5:
         ab:80:16:cc
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUd3vs9ohXSDk9ebxipG81CiAJ1mIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwOTI2MTc1MTQ4WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMzVlOGRjNjBjOTBhYTNlZDQ0YjMyZjlkZmQ2NjY0Y2Fm
MjhkNjQyM2QzOWVlNzliMGFiMjAwYmVmZDIxNmY2MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDaOcXCoCVxo5D6JtDAvCRJys2A8MpmojrBQPQNVU56kjo4
1sqmmkyoBL943GWyuXyeGL3T39wGzJagLHT/5Xzn1uBaH0yUr47XTzY+NPbzA/UR
bHfjp123resTLZN/mcoGPyroJS7Ij3sziLAKR/B59CoYYPQySXDMGlQgHkIloE6X
SvJMt+pTp1N4SS+asc6z14FO61Z/gjyzcETxuaXXnOvsqZ2AeHipJt3OhcGtTNbV
CGcLOLU8c+t5FKkXpcVotAwsmWBR+xyiQXkoDm2dofbc/yoX9oBQoPgAiNOKizSM
3B1k5y1AyXrhvB+xKZR9m4XCqT79rtUjlMNKQSMdAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU9mzXG0dnMwq0TU+/xlYvtbhgc4QwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzhlNWNhYzMxLTMzZDItNDU0ZC1hMmI3LTZlZjg1YThkNDk0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA5YwDQYJKoZIhvcNAQELBQADggEBAHcCeQWRREV/vS8jgA0YaV6v
BAyAbvA3yZSBtBPB57ANFw4Srri90FVGFxzNTim3cdl8jOAcdfkeMXEn2MEUzllV
12+Q77AOK8tiny1tLxvwcBbg0jpXuQL4yfH+oUiQnRZ6sA3VeMF6vfHwO6bJSnBR
x506qIk3KF9hTX7UtQv26dOQGOFgf4nkAnPIATDh0RE7/1LHdpEEb5Rw4S2ZQuvl
pIyaNN/TDGKcqo6rITbKOjMQVSJKAEmlGmdsFVkw2yuGVtd91ge2T2RsmKP34kqP
fv5QiwZEqoFoxLFyz4AQgOygl8qHxkpYTBhNvUBPR+5vUCBeQmzUp3Ar5auAFsw=
-----END CERTIFICATE-----
Generated at Sat Oct 18 23:13:31 2025 by rpki-client