Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/da1fbb90-a595-4798-8d13-e5183edbf500.roa
File:                     da1fbb90-a595-4798-8d13-e5183edbf500.roa (raw, json)
Hash identifier:          f4ryLvjUYOfMzV7Nl8PUq/vn6PyCDuhRMn+3AnIRBm0=
Subject key identifier:   39:57:16:B3:28:E4:27:3F:7E:CA:60:A8:3F:91:76:56:A5:27:84:96
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       0C5E7CA750F6BADA77054CE4710C3991E123D105
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/da1fbb90-a595-4798-8d13-e5183edbf500.roa
Signing time:             Sat 31 May 2025 00:20:39 +0000
ROA not before:           Sat 31 May 2025 00:20:39 +0000
ROA not after:            Sat 05 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:612::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:5e:7c:a7:50:f6:ba:da:77:05:4c:e4:71:0c:39:91:e1:23:d1:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: May 31 00:20:39 2025 GMT
            Not After : Jul  5 23:59:59 2025 GMT
        Subject: serialNumber=894edabd371bac511eec9042f2ab670e4c1a3bccbac6d6486cb2679f89012579, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:f3:e3:13:71:ba:60:a1:77:6c:b4:52:c8:7e:
                    fc:2e:f8:24:3f:03:0a:94:95:ab:fa:78:e9:78:55:
                    14:93:eb:0d:35:46:7c:e3:cf:07:49:76:08:77:ec:
                    75:98:77:e3:75:e4:62:1b:9f:ef:4d:c0:39:64:a5:
                    93:06:3c:ce:57:ee:e6:da:c2:59:e2:ff:9b:72:04:
                    5f:cf:e0:91:74:99:fa:e1:8b:e8:1d:14:9f:c8:76:
                    ee:03:e1:92:da:7a:84:c2:f9:aa:ab:fc:f2:62:6b:
                    f3:c2:73:d1:83:bf:8b:8e:01:1d:68:be:48:80:ce:
                    9a:e4:ce:84:bc:62:cb:6e:6f:cb:ad:f9:ce:fd:cb:
                    16:cd:31:35:73:29:9f:50:a5:d6:fa:19:e7:bf:ff:
                    da:82:e5:88:2c:af:d2:b4:f7:d5:77:6a:c7:ad:cf:
                    c9:3a:b5:15:72:61:66:7a:c4:2a:63:b1:c5:8c:1d:
                    76:10:e5:4b:bc:9a:4d:19:5b:5f:80:9e:79:3f:cb:
                    48:3c:00:5c:ce:be:40:a7:be:27:43:06:bb:43:ed:
                    df:14:e9:bc:4a:25:9a:bb:75:37:29:7c:d2:9f:23:
                    67:70:05:2c:8f:5f:60:72:79:22:7b:d0:46:d6:6b:
                    05:95:b4:02:42:eb:6c:b2:27:d5:d7:c0:db:21:b6:
                    f8:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:57:16:B3:28:E4:27:3F:7E:CA:60:A8:3F:91:76:56:A5:27:84:96
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/da1fbb90-a595-4798-8d13-e5183edbf500.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:612::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:0d:22:46:b1:ca:b9:82:5b:88:8d:e1:6b:93:53:81:6f:c7:
         c3:9c:ca:f0:13:f2:91:20:0f:c1:23:d2:82:44:e2:10:f5:38:
         fb:23:c8:ea:8a:44:28:c2:67:b8:ad:74:da:f3:96:dd:5c:91:
         ac:c6:c6:48:2f:06:b2:05:c2:16:63:72:e0:8c:f1:bc:6f:de:
         b9:84:a4:50:42:c0:51:7b:f4:04:ce:74:e4:2a:94:9f:89:74:
         75:87:91:09:45:39:07:9c:bf:43:9c:9c:05:a5:c3:74:9d:b5:
         0c:d4:dd:bd:cc:13:c8:d5:7d:ff:3d:26:1b:2a:62:2d:4d:7e:
         06:2a:89:4f:3d:63:09:6d:97:03:cb:37:5e:22:10:ac:5f:0e:
         55:23:2e:16:ca:1d:b5:5b:41:27:0d:8c:46:87:a0:3c:6c:b2:
         87:9e:88:01:73:56:18:96:a5:b6:f7:66:23:aa:1d:50:fe:c3:
         44:5d:ba:29:57:69:4f:44:86:f5:82:bd:d7:b6:57:db:df:e1:
         48:e2:24:ae:09:2c:d2:da:6b:f0:f6:aa:ea:5f:d6:32:a5:a6:
         ef:27:b8:d1:28:97:2b:c8:dd:54:44:e9:bb:30:99:d9:f5:c8:
         10:e4:63:6d:2a:a7:12:89:1a:d1:aa:ef:3f:11:38:61:b9:31:
         d2:f8:55:80
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUDF58p1D2utp3BUzkcQw5keEj0QUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNTMxMDAyMDM5WhcNMjUwNzA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4OTRlZGFiZDM3MWJhYzUxMWVlYzkwNDJmMmFiNjcwZTRj
MWEzYmNjYmFjNmQ2NDg2Y2IyNjc5Zjg5MDEyNTc5MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCk8+MTcbpgoXdstFLIfvwu+CQ/AwqUlav6eOl4VRST6w01
RnzjzwdJdgh37HWYd+N15GIbn+9NwDlkpZMGPM5X7ubawlni/5tyBF/P4JF0mfrh
i+gdFJ/Idu4D4ZLaeoTC+aqr/PJia/PCc9GDv4uOAR1ovkiAzprkzoS8Ystub8ut
+c79yxbNMTVzKZ9Qpdb6Gee//9qC5Ygsr9K099V3asetz8k6tRVyYWZ6xCpjscWM
HXYQ5Uu8mk0ZW1+Annk/y0g8AFzOvkCnvidDBrtD7d8U6bxKJZq7dTcpfNKfI2dw
BSyPX2ByeSJ70EbWawWVtAJC62yyJ9XXwNshtvgvAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUOVcWsyjkJz9+ymCoP5F2VqUnhJYwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2RhMWZiYjkwLWE1OTUtNDc5OC04ZDEzLWU1MTgzZWRiZjUwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABhIwDQYJKoZIhvcNAQELBQADggEBAHANIkaxyrmCW4iN4WuTU4Fv
x8OcyvAT8pEgD8Ej0oJE4hD1OPsjyOqKRCjCZ7itdNrzlt1ckazGxkgvBrIFwhZj
cuCM8bxv3rmEpFBCwFF79ATOdOQqlJ+JdHWHkQlFOQecv0OcnAWlw3SdtQzU3b3M
E8jVff89JhsqYi1NfgYqiU89YwltlwPLN14iEKxfDlUjLhbKHbVbQScNjEaHoDxs
soeeiAFzVhiWpbb3ZiOqHVD+w0RduilXaU9EhvWCvde2V9vf4UjiJK4JLNLaa/D2
qupf1jKlpu8nuNEolyvI3VRE6bswmdn1yBDkY20qpxKJGtGq7z8ROGG5MdL4VYA=
-----END CERTIFICATE-----
Generated at Fri Jun 6 18:19:21 2025 by rpki-client