Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa
File:                     8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa (raw, json)
Hash identifier:          85/mHe/5zF+2M+kc4lgFaNBi4Gpjdl0Ug+KlMihvqgU=
Subject key identifier:   A7:F8:BB:D4:1F:65:6B:87:88:54:E9:3E:2E:54:19:18:AF:7C:63:CE
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       251626DF8261B00B61E34A794F9780BAC299329E
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa
Signing time:             Wed 21 May 2025 00:51:33 +0000
ROA not before:           Wed 21 May 2025 00:51:33 +0000
ROA not after:            Wed 25 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:396::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 07 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:16:26:df:82:61:b0:0b:61:e3:4a:79:4f:97:80:ba:c2:99:32:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: May 21 00:51:33 2025 GMT
            Not After : Jun 25 23:59:59 2025 GMT
        Subject: serialNumber=087c1ed622729431b4a675a5c21abdfbe4a4ceffa0130ac3860f8a521478a994, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:46:5e:d5:8a:1d:5f:66:8a:9f:3b:f0:8c:55:
                    ae:25:47:55:b0:c1:50:88:3a:03:ff:d1:d6:7e:11:
                    a5:65:9f:4f:3c:4c:29:f7:4f:17:ed:04:5a:75:b4:
                    25:ea:01:cc:61:b1:be:8d:80:54:03:db:26:9a:04:
                    e2:ce:7a:19:0b:0c:c7:db:aa:fb:35:c0:7d:cd:39:
                    fb:a8:3b:06:e6:80:6a:2a:1f:d0:91:3c:99:aa:b5:
                    36:1b:ec:13:0d:2f:e6:7d:9b:62:88:eb:69:fd:fe:
                    d7:16:7f:e4:4f:cb:ca:d3:cb:1d:14:bf:d7:c2:a7:
                    1c:8b:0a:46:c6:30:85:49:61:10:7d:93:f9:dd:8b:
                    4e:b8:a0:b1:88:76:4d:e4:fe:79:74:ef:52:b5:a3:
                    ae:1b:39:47:9a:e5:67:dc:f9:2f:8f:56:b3:1f:da:
                    7e:b0:2b:37:c9:f6:d7:5e:94:12:df:15:04:97:5e:
                    9c:0d:0e:ab:28:a1:38:f2:50:55:0f:0c:e5:e8:82:
                    d8:47:8e:b8:a4:ae:ce:b9:cb:b5:f5:8b:5a:fc:44:
                    b7:bf:9e:34:fe:aa:46:d7:d3:ca:46:35:c2:d9:c0:
                    f3:82:73:62:6d:3c:33:96:b8:f3:21:16:26:65:1b:
                    e8:9d:4a:dd:1c:52:b7:dd:ca:69:2d:30:87:84:da:
                    e9:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:F8:BB:D4:1F:65:6B:87:88:54:E9:3E:2E:54:19:18:AF:7C:63:CE
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:396::/48

    Signature Algorithm: sha256WithRSAEncryption
         32:60:36:d2:81:0f:4b:13:03:0a:ab:f2:03:5e:ed:a8:26:02:
         47:4b:b9:d5:e1:37:44:70:c7:be:d2:05:ab:4f:30:e4:d0:07:
         d7:87:c5:01:31:02:56:31:95:1b:23:e7:cf:28:4b:59:ab:a0:
         68:ad:ce:87:87:84:fe:00:97:40:8e:64:07:a6:a7:49:a3:9c:
         d4:03:47:81:c6:16:07:c9:21:e2:e7:47:02:31:32:9c:d5:07:
         35:a2:c9:0a:72:f2:73:45:3e:e4:0d:24:1b:53:be:ad:60:6b:
         05:a9:6f:90:7e:1e:f3:39:4a:f3:ec:c7:fb:bd:8f:12:64:e0:
         c0:0b:71:db:bf:a8:f4:6f:1a:0e:fe:c2:84:0d:bc:e7:b1:80:
         ec:98:df:36:92:54:bd:50:7e:3c:01:2d:50:77:dc:9e:f3:84:
         ce:dd:e7:8a:0c:b4:ef:2f:93:29:a2:2e:55:9b:36:d8:f7:6f:
         3c:f7:f8:0f:f5:da:f7:99:e5:ee:21:d5:77:16:91:f4:cb:7c:
         28:f2:10:ec:f5:7f:bf:6c:ae:a7:87:4c:db:45:82:79:0c:43:
         2b:b1:8b:17:8c:ce:e4:18:b3:37:0c:8a:72:ba:fc:aa:04:d2:
         9a:f1:77:ea:b7:f9:23:02:77:be:1a:18:c8:5f:b9:41:d0:61:
         99:b1:c5:6e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUJRYm34JhsAth40p5T5eAusKZMp4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNTIxMDA1MTMzWhcNMjUwNjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwODdjMWVkNjIyNzI5NDMxYjRhNjc1YTVjMjFhYmRmYmU0
YTRjZWZmYTAxMzBhYzM4NjBmOGE1MjE0NzhhOTk0MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLRl7Vih1fZoqfO/CMVa4lR1WwwVCIOgP/0dZ+EaVln088
TCn3TxftBFp1tCXqAcxhsb6NgFQD2yaaBOLOehkLDMfbqvs1wH3NOfuoOwbmgGoq
H9CRPJmqtTYb7BMNL+Z9m2KI62n9/tcWf+RPy8rTyx0Uv9fCpxyLCkbGMIVJYRB9
k/ndi064oLGIdk3k/nl071K1o64bOUea5Wfc+S+PVrMf2n6wKzfJ9tdelBLfFQSX
XpwNDqsooTjyUFUPDOXogthHjrikrs65y7X1i1r8RLe/njT+qkbX08pGNcLZwPOC
c2JtPDOWuPMhFiZlG+idSt0cUrfdymktMIeE2umxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUp/i71B9la4eIVOk+LlQZGK98Y84wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzhlNWNhYzMxLTMzZDItNDU0ZC1hMmI3LTZlZjg1YThkNDk0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA5YwDQYJKoZIhvcNAQELBQADggEBADJgNtKBD0sTAwqr8gNe7agm
AkdLudXhN0Rwx77SBatPMOTQB9eHxQExAlYxlRsj588oS1mroGitzoeHhP4Al0CO
ZAemp0mjnNQDR4HGFgfJIeLnRwIxMpzVBzWiyQpy8nNFPuQNJBtTvq1gawWpb5B+
HvM5SvPsx/u9jxJk4MALcdu/qPRvGg7+woQNvOexgOyY3zaSVL1QfjwBLVB33J7z
hM7d54oMtO8vkymiLlWbNtj3bzz3+A/12veZ5e4h1XcWkfTLfCjyEOz1f79srqeH
TNtFgnkMQyuxixeMzuQYszcMinK6/KoE0prxd+q3+SMCd74aGMhfuUHQYZmxxW4=
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:51:27 2025 by rpki-client