Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/90d62abd-55d6-4d53-9bfb-b5e20bc6d802.roa
File:                     90d62abd-55d6-4d53-9bfb-b5e20bc6d802.roa (raw, json)
Hash identifier:          ILPEPILG7CQqySHPatrM/PcfwN1E6vOzapS1iOX1liY=
Subject key identifier:   10:83:28:44:88:78:0B:98:A2:B7:25:A8:1D:D9:57:FD:D8:5D:99:8C
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       57C8BB3BD0DDB0E1A6C10A4D870ADB0BEC9EC5A6
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/90d62abd-55d6-4d53-9bfb-b5e20bc6d802.roa
Signing time:             Mon 17 Mar 2025 15:20:17 +0000
ROA not before:           Mon 17 Mar 2025 15:20:17 +0000
ROA not after:            Mon 21 Apr 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:612::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:c8:bb:3b:d0:dd:b0:e1:a6:c1:0a:4d:87:0a:db:0b:ec:9e:c5:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar 17 15:20:17 2025 GMT
            Not After : Apr 21 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:bd:81:c3:e5:0f:0d:ab:78:7c:46:ce:23:02:
                    ea:5f:b0:bb:02:6e:e0:4a:36:df:62:52:34:cc:b6:
                    e6:36:0f:1c:2a:fe:0e:86:3b:54:a3:8a:4b:aa:10:
                    71:29:d5:d6:cb:0e:90:43:fd:29:9a:ec:3b:73:a0:
                    78:95:7a:11:60:ae:dd:cf:68:81:a0:36:79:48:8b:
                    9f:83:34:9c:f5:d1:88:85:dd:a3:f2:69:38:31:d4:
                    48:29:df:36:c7:64:f4:ca:17:5d:2c:8e:7e:59:78:
                    1e:a1:42:7b:a4:f5:58:00:86:b0:8a:4e:7c:fc:00:
                    e1:93:18:a4:71:3e:48:51:54:e4:2b:c7:ed:ec:64:
                    da:2b:a4:c8:b6:51:66:45:01:b5:ed:e1:28:2b:07:
                    ea:08:e4:0f:67:1b:66:36:f3:fd:0e:18:34:f8:12:
                    89:c5:c2:86:af:8d:64:82:6f:f3:bb:42:70:ef:e7:
                    26:11:a2:8e:65:33:56:ba:92:32:75:e2:7f:92:98:
                    2b:5f:be:23:d6:2a:f6:c4:0d:dd:06:a6:21:fb:20:
                    be:76:dc:53:2c:b7:fb:27:b9:39:64:c1:0d:7e:e3:
                    fe:47:f6:bb:ab:e6:39:57:e1:bf:f4:99:e3:7f:ba:
                    e0:3c:f7:b1:ae:c1:08:84:65:2d:77:01:a7:62:96:
                    5d:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:83:28:44:88:78:0B:98:A2:B7:25:A8:1D:D9:57:FD:D8:5D:99:8C
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/90d62abd-55d6-4d53-9bfb-b5e20bc6d802.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:612::/48

    Signature Algorithm: sha256WithRSAEncryption
         7e:7f:bd:47:c2:13:71:c9:be:10:46:a3:8c:cf:fc:3f:03:64:
         65:df:cd:44:40:6e:f9:06:89:f8:48:b7:a6:a0:dd:79:45:dc:
         4c:e4:19:51:b4:0c:5f:e8:28:c9:7e:92:52:64:b5:fa:d0:4b:
         e7:f6:00:e5:0a:d7:49:8c:ed:19:d6:58:06:ef:f6:27:45:5c:
         67:65:b5:76:01:c6:6a:af:b2:cf:08:aa:ff:02:e4:2a:af:66:
         f2:69:c8:42:f3:ee:c1:33:ee:cd:b3:44:b8:02:f0:27:10:40:
         1b:ba:0d:8f:03:f0:5c:b1:32:95:5e:ac:a9:51:9e:02:f9:6e:
         0c:a7:52:25:20:6e:25:d6:c4:9d:92:4c:dc:cd:57:ef:43:53:
         19:74:eb:90:c8:70:2a:38:c1:94:d3:5b:05:48:de:9e:03:b3:
         11:e2:e3:c0:ae:da:c3:89:c6:53:38:4f:58:26:62:0f:a1:f1:
         e1:c1:1b:f7:b0:2b:bd:8c:2b:20:6a:92:2e:31:45:ab:ef:d6:
         ac:0b:28:11:92:fc:a3:fd:ed:04:ee:8e:54:51:f4:d3:9e:47:
         65:82:31:a9:69:75:23:37:0f:2f:17:f2:38:6a:ba:01:8c:ad:
         79:26:af:fd:73:e5:4a:c6:66:3d:b8:4a:48:94:bc:20:73:b3:
         30:62:fa:5e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUV8i7O9DdsOGmwQpNhwrbC+yexaYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzE3MTUyMDE3WhcNMjUwNDIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1M2RjMDNkMTkzNWNiNjhhYWE1ZmFkNjRlYTU4Nzk5NjM1
MjgwZGFjZjU1MThiNDA4NGRmY2E1ODc2M2Q4NzdlMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpvYHD5Q8Nq3h8Rs4jAupfsLsCbuBKNt9iUjTMtuY2Dxwq
/g6GO1SjikuqEHEp1dbLDpBD/Sma7DtzoHiVehFgrt3PaIGgNnlIi5+DNJz10YiF
3aPyaTgx1Egp3zbHZPTKF10sjn5ZeB6hQnuk9VgAhrCKTnz8AOGTGKRxPkhRVOQr
x+3sZNorpMi2UWZFAbXt4SgrB+oI5A9nG2Y28/0OGDT4EonFwoavjWSCb/O7QnDv
5yYRoo5lM1a6kjJ14n+SmCtfviPWKvbEDd0GpiH7IL523FMst/snuTlkwQ1+4/5H
9rur5jlX4b/0meN/uuA897GuwQiEZS13Aadill3xAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUEIMoRIh4C5iityWoHdlX/dhdmYwwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzkwZDYyYWJkLTU1ZDYtNGQ1My05YmZiLWI1ZTIwYmM2ZDgwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABhIwDQYJKoZIhvcNAQELBQADggEBAH5/vUfCE3HJvhBGo4zP/D8D
ZGXfzURAbvkGifhIt6ag3XlF3EzkGVG0DF/oKMl+klJktfrQS+f2AOUK10mM7RnW
WAbv9idFXGdltXYBxmqvss8Iqv8C5CqvZvJpyELz7sEz7s2zRLgC8CcQQBu6DY8D
8FyxMpVerKlRngL5bgynUiUgbiXWxJ2STNzNV+9DUxl065DIcCo4wZTTWwVI3p4D
sxHi48Cu2sOJxlM4T1gmYg+h8eHBG/ewK72MKyBqki4xRavv1qwLKBGS/KP97QTu
jlRR9NOeR2WCMalpdSM3Dy8X8jhqugGMrXkmr/1z5UrGZj24SkiUvCBzszBi+l4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:35:56 2025 by rpki-client