Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c1d65d19-791f-4c71-bddb-e0812650e853.roa
File:                     c1d65d19-791f-4c71-bddb-e0812650e853.roa (raw, json)
Hash identifier:          Yex8vdVftSLAndVdvkdF2VD5yx/BmIwT9HOMIAC2C3Q=
Subject key identifier:   B2:63:4B:3F:B9:B7:43:75:DF:72:79:65:09:B6:07:AE:4B:2D:77:33
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7758B1E64CE8EFBD79DA317EBC41A048CE29813E
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c1d65d19-791f-4c71-bddb-e0812650e853.roa
Signing time:             Mon 06 Oct 2025 17:20:44 +0000
ROA not before:           Mon 06 Oct 2025 17:20:44 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:c20::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:58:b1:e6:4c:e8:ef:bd:79:da:31:7e:bc:41:a0:48:ce:29:81:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct  6 17:20:44 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=2201103568be77167421c5090cb6f34f4f1f68d33d6370d33be4068eaf3a55b2, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:be:0b:71:cf:0b:e0:73:f0:67:60:19:61:6e:
                    2b:3b:76:65:e4:cc:9f:80:ec:46:86:ab:92:4b:cb:
                    ec:25:87:8a:7c:82:41:fa:81:5b:f6:90:80:f2:48:
                    7d:8b:5a:eb:91:33:62:78:c5:3c:b1:f9:9e:62:70:
                    fb:84:bf:9f:b0:60:b9:c6:50:42:5e:cb:03:fd:cc:
                    15:c2:e3:81:30:1a:a7:0e:0a:db:e1:da:e4:8d:54:
                    60:1e:3e:77:14:59:1b:64:6e:39:93:e8:d3:eb:06:
                    70:dc:a7:01:59:de:26:c3:f0:3a:da:bb:97:d3:60:
                    1a:48:27:d3:82:7c:d1:04:8b:c9:f0:1e:90:2b:1e:
                    87:d5:ff:98:73:f4:c1:92:f9:ae:c5:10:f3:37:b3:
                    43:ba:08:11:3a:ea:4a:71:de:d5:44:bc:a9:75:db:
                    4e:73:c5:e6:83:41:40:e2:f5:e5:9c:75:e1:c8:4c:
                    d3:0e:a0:c0:f5:96:60:d9:7b:26:61:11:e1:e5:f7:
                    58:82:00:ab:42:01:9e:a3:08:38:9f:c9:eb:73:cf:
                    2f:aa:01:66:78:38:02:7c:6c:99:77:58:5d:52:23:
                    54:ae:f9:9b:8b:88:39:68:e6:21:85:88:82:57:58:
                    d8:a1:71:52:b4:fc:9a:22:d1:67:2e:45:b9:bb:12:
                    0d:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:63:4B:3F:B9:B7:43:75:DF:72:79:65:09:B6:07:AE:4B:2D:77:33
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c1d65d19-791f-4c71-bddb-e0812650e853.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c20::/48

    Signature Algorithm: sha256WithRSAEncryption
         2b:8b:0c:36:d6:42:a5:12:c1:25:4a:56:83:f8:1a:a1:c5:3f:
         13:cf:c4:a7:52:d4:92:41:ce:af:4b:c8:bd:6f:37:73:d3:3c:
         0f:87:91:c6:f7:79:90:86:65:1e:69:6f:ef:a0:f6:e6:a7:69:
         80:8b:ca:c4:ee:27:49:25:22:cb:28:05:d5:4d:f0:9b:e6:cf:
         94:0d:72:7e:f8:71:2e:a5:8a:17:2b:5b:76:65:be:24:be:54:
         43:a3:09:03:1c:87:11:e0:01:12:22:92:22:d7:3b:30:fa:22:
         78:5d:f8:b9:56:aa:46:10:17:40:2f:87:93:68:6f:5e:00:c7:
         76:ae:2e:6f:a0:64:28:02:c2:1f:67:2e:d9:03:1e:11:b6:c7:
         5b:a3:6b:66:8d:20:80:0f:77:b9:1d:a5:e9:70:bf:df:7c:24:
         22:88:90:31:45:d3:c8:9d:d5:81:a2:cf:eb:9a:4b:db:a4:42:
         0e:83:c4:72:b4:64:d3:1f:84:95:98:a5:db:67:a8:ec:96:ac:
         63:27:db:61:f2:e2:c7:90:a6:1a:63:6b:d7:00:30:66:1f:82:
         77:25:ec:6f:80:05:d6:4a:1f:5b:a6:6a:cb:ee:38:43:33:17:
         5a:ee:97:00:68:70:78:7b:da:6f:71:5c:3c:25:a8:ef:f7:1c:
         51:55:8a:59
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUd1ix5kzo77152jF+vEGgSM4pgT4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDA2MTcyMDQ0WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMjAxMTAzNTY4YmU3NzE2NzQyMWM1MDkwY2I2ZjM0ZjRm
MWY2OGQzM2Q2MzcwZDMzYmU0MDY4ZWFmM2E1NWIyMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdvgtxzwvgc/BnYBlhbis7dmXkzJ+A7EaGq5JLy+wlh4p8
gkH6gVv2kIDySH2LWuuRM2J4xTyx+Z5icPuEv5+wYLnGUEJeywP9zBXC44EwGqcO
Ctvh2uSNVGAePncUWRtkbjmT6NPrBnDcpwFZ3ibD8Drau5fTYBpIJ9OCfNEEi8nw
HpArHofV/5hz9MGS+a7FEPM3s0O6CBE66kpx3tVEvKl1205zxeaDQUDi9eWcdeHI
TNMOoMD1lmDZeyZhEeHl91iCAKtCAZ6jCDifyetzzy+qAWZ4OAJ8bJl3WF1SI1Su
+ZuLiDlo5iGFiIJXWNihcVK0/Joi0WcuRbm7Eg3BAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUsmNLP7m3Q3XfcnllCbYHrkstdzMwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2MxZDY1ZDE5LTc5MWYtNGM3MS1iZGRiLWUwODEyNjUwZTg1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADCAwDQYJKoZIhvcNAQELBQADggEBACuLDDbWQqUSwSVKVoP4GqHF
PxPPxKdS1JJBzq9LyL1vN3PTPA+Hkcb3eZCGZR5pb++g9uanaYCLysTuJ0klIsso
BdVN8Jvmz5QNcn74cS6lihcrW3ZlviS+VEOjCQMchxHgARIikiLXOzD6Inhd+LlW
qkYQF0Avh5Nob14Ax3auLm+gZCgCwh9nLtkDHhG2x1uja2aNIIAPd7kdpelwv998
JCKIkDFF08id1YGiz+uaS9ukQg6DxHK0ZNMfhJWYpdtnqOyWrGMn22Hy4seQphpj
a9cAMGYfgncl7G+ABdZKH1umasvuOEMzF1rulwBocHh72m9xXDwlqO/3HFFVilk=
-----END CERTIFICATE-----