Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa
File:                     dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa (raw, json)
Hash identifier:          78yx9eBmJeClf/irRIYkP1EfHvs83dKaeQPHxrgWuYs=
Subject key identifier:   0B:1E:4B:3D:ED:93:07:75:CC:0C:32:7C:49:87:B8:60:EC:D8:B0:08
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7F115858B19BAE0A9D432193A2CD3F4B532DE0A2
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa
Signing time:             Tue 21 Oct 2025 12:40:13 +0000
ROA not before:           Tue 21 Oct 2025 12:40:13 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:544::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 27 Oct 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:11:58:58:b1:9b:ae:0a:9d:43:21:93:a2:cd:3f:4b:53:2d:e0:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct 21 12:40:13 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=bac8afde0e744c94a335218c720ed9f5fe16d970b0b1c16a6492beb712a33743, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:21:6e:09:ad:b8:11:88:18:2f:a7:7d:31:83:
                    43:7d:f2:74:56:77:a0:2a:85:73:06:7f:da:32:06:
                    4d:1b:7b:1f:f2:d9:35:5f:c9:08:62:8e:62:d6:c9:
                    4a:dd:c8:02:f1:6e:88:5f:a6:7f:ec:b4:7f:ed:b1:
                    d2:4b:b0:ef:a5:9d:e1:bf:82:58:2a:14:1b:d0:6e:
                    25:d6:e7:3e:d3:bf:cf:cb:3f:a0:70:e2:35:9d:9a:
                    7e:f9:bb:03:52:b7:2f:2d:dc:2e:1b:56:8b:8b:0d:
                    91:c8:67:23:2c:c5:73:18:2c:9c:6c:c2:b6:25:b4:
                    e5:ca:c9:c2:9c:78:66:83:fc:25:e2:dd:b2:77:b5:
                    8c:ae:e2:89:62:2d:7d:2a:7c:20:3b:86:47:be:2e:
                    b8:93:1f:9b:90:31:d3:51:dd:e7:80:30:24:49:8b:
                    bf:51:51:25:bc:32:68:ab:83:0e:f3:76:21:83:a8:
                    73:54:e6:28:31:1e:fa:19:44:75:42:b1:6b:fa:1d:
                    bf:85:d3:ca:73:42:bf:e1:9c:67:0c:47:2d:d2:7c:
                    23:98:89:ba:90:01:18:e3:fe:0a:2d:bb:e0:95:a6:
                    fa:8b:35:f6:58:56:b4:0e:ed:f4:49:7f:4a:03:a5:
                    93:99:be:d1:39:ef:1f:9a:6b:54:86:3e:da:31:32:
                    c2:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:1E:4B:3D:ED:93:07:75:CC:0C:32:7C:49:87:B8:60:EC:D8:B0:08
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:544::/48

    Signature Algorithm: sha256WithRSAEncryption
         6a:a7:eb:a0:d8:eb:f3:e0:85:43:88:ed:ca:d5:58:17:98:4f:
         b8:af:df:da:ce:a2:28:99:56:48:22:b8:3f:41:04:e9:b2:b3:
         00:f1:d4:7f:a5:bc:a9:e4:6a:eb:a8:3e:3b:cc:f3:a4:78:0c:
         ba:70:85:e8:2e:6c:ac:41:05:e4:1c:44:07:15:96:52:cf:43:
         29:82:25:fa:ad:1b:a4:ce:7d:87:9e:51:2c:e4:a2:ed:1b:03:
         56:76:5f:aa:5b:b9:1f:de:76:e0:53:72:fa:61:a9:93:df:74:
         6d:61:ce:05:b4:f6:dd:86:ba:ce:f0:df:0e:d4:08:e9:2a:6b:
         ce:1e:67:c7:bf:ce:4f:00:ea:79:b4:cf:75:b1:0d:c8:c7:2f:
         d3:2c:10:b8:c8:be:36:8d:5b:5b:cc:64:8c:78:9b:3a:63:0d:
         75:90:7a:2a:ee:2b:96:bb:24:55:5f:d2:47:5f:10:f0:88:5e:
         ab:8e:a0:ce:4a:a5:95:e7:9e:72:da:d3:72:13:ba:37:1f:d9:
         17:e0:f4:59:13:2e:ee:5c:12:94:ca:db:a8:91:42:2b:ec:0e:
         0e:ed:43:c4:98:cb:75:b1:cc:56:35:7f:7c:51:aa:24:08:af:
         2a:dd:1c:4b:b7:aa:92:2e:2f:d8:83:c9:4a:85:47:c4:0d:57:
         bd:87:1f:4e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfxFYWLGbrgqdQyGTos0/S1Mt4KIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDIxMTI0MDEzWhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYWM4YWZkZTBlNzQ0Yzk0YTMzNTIxOGM3MjBlZDlmNWZl
MTZkOTcwYjBiMWMxNmE2NDkyYmViNzEyYTMzNzQzMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrIW4JrbgRiBgvp30xg0N98nRWd6AqhXMGf9oyBk0bex/y
2TVfyQhijmLWyUrdyALxbohfpn/stH/tsdJLsO+lneG/glgqFBvQbiXW5z7Tv8/L
P6Bw4jWdmn75uwNSty8t3C4bVouLDZHIZyMsxXMYLJxswrYltOXKycKceGaD/CXi
3bJ3tYyu4oliLX0qfCA7hke+LriTH5uQMdNR3eeAMCRJi79RUSW8Mmirgw7zdiGD
qHNU5igxHvoZRHVCsWv6Hb+F08pzQr/hnGcMRy3SfCOYibqQARjj/gotu+CVpvqL
NfZYVrQO7fRJf0oDpZOZvtE57x+aa1SGPtoxMsJrAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUCx5LPe2TB3XMDDJ8SYe4YOzYsAgwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2RkNmY4OTIzLWJhMGItNDA3ZC1hOWU4LThjODMyNTgzYTBkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABUQwDQYJKoZIhvcNAQELBQADggEBAGqn66DY6/PghUOI7crVWBeY
T7iv39rOoiiZVkgiuD9BBOmyswDx1H+lvKnkauuoPjvM86R4DLpwhegubKxBBeQc
RAcVllLPQymCJfqtG6TOfYeeUSzkou0bA1Z2X6pbuR/eduBTcvphqZPfdG1hzgW0
9t2Gus7w3w7UCOkqa84eZ8e/zk8A6nm0z3WxDcjHL9MsELjIvjaNW1vMZIx4mzpj
DXWQeiruK5a7JFVf0kdfEPCIXquOoM5KpZXnnnLa03ITujcf2Rfg9FkTLu5cEpTK
26iRQivsDg7tQ8SYy3WxzFY1f3xRqiQIryrdHEu3qpIuL9iDyUqFR8QNV72HH04=
-----END CERTIFICATE-----
Generated at Sat Oct 25 23:44:18 2025 by rpki-client