Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa
File:                     8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa (raw, json)
Hash identifier:          L2jpwJL1RA+I/maNRsvTHcdJr7KedNdogMp66Gcpq4Y=
Subject key identifier:   FB:3F:6F:D5:E7:C4:09:BC:96:40:7A:D8:BC:CB:D8:84:5B:04:06:07
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7878377105FCCF027B6BB211972D1AAE7373206A
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa
Signing time:             Sat 15 Nov 2025 04:30:51 +0000
ROA not before:           Sat 15 Nov 2025 04:30:51 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:396::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 19 Nov 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:78:37:71:05:fc:cf:02:7b:6b:b2:11:97:2d:1a:ae:73:73:20:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Nov 15 04:30:51 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=f3f9e2342361ea41d7575bfe815a69c039e32605c857a5f4939f3d146c7d5c49, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e3:00:4e:01:a3:e6:7c:71:61:0a:3f:d2:ba:
                    5a:c9:c9:30:17:6a:b1:e4:25:1f:ca:79:0a:1b:49:
                    35:6e:b2:88:fd:ba:8e:c3:4f:49:ba:be:49:44:83:
                    8e:da:f1:62:c9:cc:26:19:f1:50:bc:b5:53:a5:a2:
                    1d:8b:52:98:5d:c2:d8:79:6c:fc:f9:12:45:38:54:
                    66:a1:c6:0d:7d:72:f9:5a:7d:64:d2:8e:b8:d7:aa:
                    22:84:b9:6b:c3:0e:3e:85:0c:a9:ea:45:b1:7a:8a:
                    75:9d:23:d6:4e:1e:46:32:38:4f:a1:2a:15:7b:66:
                    6f:6b:77:95:1f:74:bb:96:1e:1b:18:38:38:9b:d4:
                    f4:76:8d:3a:de:32:1b:25:99:82:30:09:cc:ec:73:
                    74:3e:a2:44:aa:d7:e5:4d:06:62:c8:28:d7:05:b3:
                    ec:b1:c6:db:33:21:28:dd:48:12:59:eb:ff:71:47:
                    57:9e:a8:47:95:c1:03:7b:9c:17:7d:b3:23:47:86:
                    92:4c:42:8d:56:a2:70:ca:4f:9a:1a:9d:00:74:e8:
                    7f:3a:f0:38:24:28:20:49:0a:dd:5c:b8:cb:a5:ad:
                    d8:2d:8b:bd:35:4d:81:1a:79:87:40:d9:f4:f0:2f:
                    e2:36:37:17:9c:0f:8e:e5:7a:be:ab:ff:f9:4d:8c:
                    03:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:3F:6F:D5:E7:C4:09:BC:96:40:7A:D8:BC:CB:D8:84:5B:04:06:07
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:396::/48

    Signature Algorithm: sha256WithRSAEncryption
         49:6e:75:0b:d0:d7:b5:ec:84:94:4a:dc:5e:30:4f:bd:77:6b:
         ee:21:1b:b5:47:f5:e6:71:00:68:ce:d6:d7:1b:94:2e:08:81:
         8e:e0:22:f8:2d:58:9c:b1:01:00:d3:f1:94:18:e8:35:ff:58:
         e6:57:c0:37:11:b0:a4:8b:7f:de:78:96:de:fc:02:48:b9:6b:
         5b:7e:7a:52:00:a7:3c:d7:49:93:d3:1e:be:b5:5f:4e:4a:03:
         c9:e7:21:97:93:6b:26:17:14:30:0b:7e:c0:95:d6:25:93:29:
         90:4e:e8:8f:1a:2a:e3:e7:d6:63:80:c6:8a:37:12:ef:6c:76:
         a7:28:60:1f:38:90:de:78:37:a3:4e:88:9b:c5:ae:c2:e1:aa:
         0d:8b:24:27:7c:f2:a3:11:6a:ed:ce:b2:2d:80:ea:f0:01:9f:
         79:1d:36:31:c2:3b:d8:b1:0f:1c:19:30:cc:aa:12:f6:a7:3b:
         57:b7:df:43:be:7a:a9:f8:40:d2:33:28:eb:bc:ec:d1:d8:62:
         8b:e0:83:cc:d1:37:01:83:71:7b:f7:22:42:5d:27:99:46:de:
         11:9f:5f:dc:f8:1f:49:6f:94:a6:4b:72:3b:57:d5:da:10:35:
         e5:c1:ae:30:5d:a6:61:13:bd:08:fb:22:9e:51:b1:a6:74:1c:
         e8:c8:5c:1a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUeHg3cQX8zwJ7a7IRly0arnNzIGowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMTE1MDQzMDUxWhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmM2Y5ZTIzNDIzNjFlYTQxZDc1NzViZmU4MTVhNjljMDM5
ZTMyNjA1Yzg1N2E1ZjQ5MzlmM2QxNDZjN2Q1YzQ5MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr4wBOAaPmfHFhCj/SulrJyTAXarHkJR/KeQobSTVusoj9
uo7DT0m6vklEg47a8WLJzCYZ8VC8tVOloh2LUphdwth5bPz5EkU4VGahxg19cvla
fWTSjrjXqiKEuWvDDj6FDKnqRbF6inWdI9ZOHkYyOE+hKhV7Zm9rd5UfdLuWHhsY
ODib1PR2jTreMhslmYIwCczsc3Q+okSq1+VNBmLIKNcFs+yxxtszISjdSBJZ6/9x
R1eeqEeVwQN7nBd9syNHhpJMQo1WonDKT5oanQB06H868DgkKCBJCt1cuMulrdgt
i701TYEaeYdA2fTwL+I2NxecD47ler6r//lNjAOxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU+z9v1efECbyWQHrYvMvYhFsEBgcwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzhlNWNhYzMxLTMzZDItNDU0ZC1hMmI3LTZlZjg1YThkNDk0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA5YwDQYJKoZIhvcNAQELBQADggEBAEludQvQ17XshJRK3F4wT713
a+4hG7VH9eZxAGjO1tcblC4IgY7gIvgtWJyxAQDT8ZQY6DX/WOZXwDcRsKSLf954
lt78Aki5a1t+elIApzzXSZPTHr61X05KA8nnIZeTayYXFDALfsCV1iWTKZBO6I8a
KuPn1mOAxoo3Eu9sdqcoYB84kN54N6NOiJvFrsLhqg2LJCd88qMRau3Osi2A6vAB
n3kdNjHCO9ixDxwZMMyqEvanO1e330O+eqn4QNIzKOu87NHYYovgg8zRNwGDcXv3
IkJdJ5lG3hGfX9z4H0lvlKZLcjtX1doQNeXBrjBdpmETvQj7Ip5RsaZ0HOjIXBo=
-----END CERTIFICATE-----