Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ed3d80c5-fe07-46d3-90ed-6c6eaf8d34d3.roa
File:                     ed3d80c5-fe07-46d3-90ed-6c6eaf8d34d3.roa (raw, json)
Hash identifier:          u95CBYfy2T8CGRicnC57UIEQzMRaduw9CDke/XiRl6s=
Subject key identifier:   FE:EC:03:AF:38:3C:FB:63:F7:0E:50:2C:39:65:C4:FE:9A:38:91:8A
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       692DDC81ECD356B5AC68FBE8C6F90A6FB941F97D
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ed3d80c5-fe07-46d3-90ed-6c6eaf8d34d3.roa
Signing time:             Tue 21 Oct 2025 12:30:26 +0000
ROA not before:           Tue 21 Oct 2025 12:30:26 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:b00::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 04 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:2d:dc:81:ec:d3:56:b5:ac:68:fb:e8:c6:f9:0a:6f:b9:41:f9:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct 21 12:30:26 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=e1ae6f1a37ce342d42845586888b40dc8b6bb5678fd0f3d778bdaf5f0ebe99e4, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5d:86:62:af:2b:e5:50:1a:28:dd:04:d1:57:
                    f5:39:79:9f:f8:13:3a:72:91:d7:22:65:39:bc:7f:
                    92:3f:84:62:71:28:71:ac:3d:d1:cf:e4:8d:6f:ec:
                    13:a8:e1:ba:43:89:7e:fa:47:66:eb:5f:00:9c:5d:
                    79:29:c5:14:31:7e:b2:5c:3d:6b:eb:18:03:87:28:
                    bc:bd:a8:5f:96:09:fb:44:0f:70:19:67:4d:0e:8c:
                    0d:06:6f:1a:35:39:42:e3:ca:e6:a4:56:2c:67:cc:
                    46:54:d4:3c:25:99:00:bf:07:0a:53:23:ca:3e:8f:
                    77:12:c3:ae:1d:63:c7:f8:8a:58:20:88:ac:cb:71:
                    71:11:fb:78:db:75:cb:3b:79:bf:d6:ec:fa:b7:4b:
                    93:de:99:e1:f1:a3:a7:99:ce:ef:3f:5f:cb:b2:4c:
                    88:d6:29:ee:44:e8:a2:dc:5a:01:2a:c0:b4:b3:e6:
                    df:ba:5e:4f:cc:2c:46:fd:1d:96:b7:b8:27:1d:8c:
                    9f:12:1a:cb:47:38:20:ab:b6:08:3c:72:fa:2d:a9:
                    95:61:9e:b6:b9:9e:a6:ed:37:82:4c:9e:03:44:f6:
                    f9:28:3f:67:67:84:ca:51:c1:0f:f2:28:c4:db:05:
                    c7:6b:20:16:40:8e:51:a8:12:0a:1b:c8:da:b8:ff:
                    a8:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:EC:03:AF:38:3C:FB:63:F7:0E:50:2C:39:65:C4:FE:9A:38:91:8A
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ed3d80c5-fe07-46d3-90ed-6c6eaf8d34d3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:b00::/40

    Signature Algorithm: sha256WithRSAEncryption
         19:ed:8c:6f:44:91:9b:fd:26:b8:34:5e:74:2f:fe:90:5f:34:
         aa:e1:5b:31:2b:26:4f:58:ce:58:c6:e7:94:bf:10:d7:73:64:
         39:d1:f7:e5:fd:50:ac:14:e9:9a:3f:80:a6:72:d1:92:b3:7c:
         03:0e:de:89:ae:7c:be:d7:59:47:d4:5c:15:57:27:80:f6:5a:
         6d:f0:85:c3:c6:13:44:64:b1:90:18:d9:8b:4f:26:13:05:6c:
         9f:59:e6:80:04:ba:e4:f5:c5:df:9d:6f:0e:ef:03:47:8f:26:
         7a:92:8b:86:e6:6d:7b:06:46:25:54:ee:32:1b:59:f7:26:a2:
         29:2f:dc:62:aa:a7:4f:e1:99:01:41:eb:ac:af:f1:ab:5c:ef:
         af:29:d8:2c:48:33:4e:12:c8:0f:e1:5b:0d:7d:8e:a5:d7:d3:
         53:fe:a2:29:b6:bb:9b:2c:a6:70:55:2b:df:da:4e:a8:1e:74:
         d1:6a:21:6a:35:53:dc:0f:3b:ea:0b:fb:ca:c9:6f:88:6a:0b:
         d3:ac:96:cb:16:ef:b8:24:0e:58:35:d6:1e:0e:70:dc:94:b4:
         70:c7:a8:92:1e:0f:93:e6:eb:f5:37:27:fa:9b:6f:c7:ad:a9:
         da:42:71:7a:50:f7:81:e9:16:8f:7f:f5:c9:79:40:cd:f3:e3:
         ec:c1:28:a2
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUaS3cgezTVrWsaPvoxvkKb7lB+X0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUxMDIxMTIzMDI2WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMWFlNmYxYTM3Y2UzNDJkNDI4NDU1ODY4ODhiNDBkYzhi
NmJiNTY3OGZkMGYzZDc3OGJkYWY1ZjBlYmU5OWU0MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFXYZiryvlUBoo3QTRV/U5eZ/4EzpykdciZTm8f5I/hGJx
KHGsPdHP5I1v7BOo4bpDiX76R2brXwCcXXkpxRQxfrJcPWvrGAOHKLy9qF+WCftE
D3AZZ00OjA0Gbxo1OULjyuakVixnzEZU1DwlmQC/BwpTI8o+j3cSw64dY8f4ilgg
iKzLcXER+3jbdcs7eb/W7Pq3S5PemeHxo6eZzu8/X8uyTIjWKe5E6KLcWgEqwLSz
5t+6Xk/MLEb9HZa3uCcdjJ8SGstHOCCrtgg8cvotqZVhnra5nqbtN4JMngNE9vko
P2dnhMpRwQ/yKMTbBcdrIBZAjlGoEgobyNq4/6hdAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU/uwDrzg8+2P3DlAsOWXE/po4kYowHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2VkM2Q4MGM1LWZlMDctNDZkMy05MGVkLTZjNmVhZjhkMzRkMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmBZzACzANBgkqhkiG9w0BAQsFAAOCAQEAGe2Mb0SRm/0muDRedC/+kF80
quFbMSsmT1jOWMbnlL8Q13NkOdH35f1QrBTpmj+ApnLRkrN8Aw7eia58vtdZR9Rc
FVcngPZabfCFw8YTRGSxkBjZi08mEwVsn1nmgAS65PXF351vDu8DR48mepKLhuZt
ewZGJVTuMhtZ9yaiKS/cYqqnT+GZAUHrrK/xq1zvrynYLEgzThLID+FbDX2OpdfT
U/6iKba7myymcFUr39pOqB500WohajVT3A876gv7yslviGoL06yWyxbvuCQOWDXW
Hg5w3JS0cMeokh4Pk+br9Tcn+ptvx62p2kJxelD3gekWj3/1yXlAzfPj7MEoog==
-----END CERTIFICATE-----