Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f45e2fc4-e171-4aa3-862b-4af57208c9ee.roa
File:                     f45e2fc4-e171-4aa3-862b-4af57208c9ee.roa (raw, json)
Hash identifier:          DfGg/RMXO8dwbwwVV2bRkkylEbtmh87eyQRvgkiY7R0=
Subject key identifier:   94:B9:11:80:07:56:4F:87:EC:E7:E6:18:0A:F6:C0:52:FA:E4:19:E8
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       0388B9F6A47B25C257056583716A1588D8C9E430
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f45e2fc4-e171-4aa3-862b-4af57208c9ee.roa
Signing time:             Tue 19 May 2026 04:00:33 +0000
ROA not before:           Tue 19 May 2026 04:00:33 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:c23::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 13 Jun 2026 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:88:b9:f6:a4:7b:25:c2:57:05:65:83:71:6a:15:88:d8:c9:e4:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: May 19 04:00:33 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=503ecac60a38c7ec07e7d327dfe15ecad13eeccad747878098c93566c07c71c2, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:63:84:32:f3:95:bb:22:ed:b2:94:80:2b:bb:
                    64:b7:08:71:e9:68:97:2d:8e:fa:13:08:2e:cc:a9:
                    70:df:a7:a5:d3:96:03:92:a7:7b:98:9c:fa:32:2c:
                    32:3d:1b:c3:4e:93:7b:53:70:7e:20:c6:1b:95:67:
                    5b:b5:b2:29:6c:a1:16:95:19:26:b0:67:5c:9f:ff:
                    b9:b5:fd:55:fd:6b:49:a1:12:5e:1b:82:68:fc:fb:
                    41:43:67:cb:12:b7:b7:be:1a:77:bb:dd:ca:70:bc:
                    89:7e:13:65:79:0f:c8:bd:d0:a1:cf:0b:6f:e4:f1:
                    a2:90:82:87:ac:2f:e7:89:68:5e:61:51:75:55:a4:
                    02:5a:c8:b7:ba:2a:48:77:9d:2a:51:46:78:d0:99:
                    79:7d:ee:2b:47:60:fa:fc:8f:d1:95:87:6a:a0:ac:
                    c4:dc:a3:26:69:df:f7:da:99:7e:7e:4c:aa:14:75:
                    cd:66:1d:58:54:00:ed:bd:2e:e2:fa:1c:50:bf:2b:
                    d5:c6:f1:93:ef:ed:44:70:46:b2:1e:bc:3b:64:40:
                    75:21:9c:ff:d9:b5:1b:5a:8a:4d:a5:5a:e3:70:a6:
                    c8:da:32:63:97:7c:54:49:48:f1:87:19:92:c9:06:
                    bd:ba:df:9f:2e:9d:b4:5c:cc:03:6d:77:f9:9d:66:
                    b3:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:B9:11:80:07:56:4F:87:EC:E7:E6:18:0A:F6:C0:52:FA:E4:19:E8
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f45e2fc4-e171-4aa3-862b-4af57208c9ee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c23::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:12:6b:a9:4a:93:dd:82:30:33:98:c1:c2:23:dd:60:04:ca:
         88:e5:1b:ce:46:d6:39:77:b2:15:4b:1a:62:3e:d6:d8:5e:d4:
         7f:45:29:2e:47:64:7e:d4:5e:12:4a:bb:5e:54:19:06:45:e7:
         04:d1:b0:2e:48:d9:a4:96:53:36:51:6d:8f:27:92:b6:38:99:
         b1:1a:e4:42:29:63:a6:c6:3c:8b:fe:68:96:8b:c0:cb:8f:b9:
         e3:7b:2a:8c:98:8b:36:34:1a:6c:9d:c3:80:46:b1:13:aa:8c:
         a5:ab:93:0c:3f:10:f8:07:01:14:1f:1a:44:b2:d6:9b:0a:5e:
         d5:e2:51:c0:52:5b:83:70:4a:95:78:2b:ca:ee:20:67:fd:77:
         b8:4b:0f:1f:f7:bb:bc:62:53:83:39:77:de:2e:15:6a:02:b5:
         a2:eb:60:42:4d:a9:54:bf:5a:f5:34:b4:aa:40:6e:36:c0:45:
         a2:13:f7:87:4c:16:be:fb:2b:be:f7:9e:4c:c1:ee:05:17:b7:
         d1:94:5f:b9:9b:34:92:b4:dd:64:8b:21:c5:f0:b5:67:70:b0:
         89:94:00:2b:33:78:4d:f3:a7:e9:b5:e1:d1:eb:67:f9:f4:a6:
         c1:1f:e5:26:a5:7b:23:e6:85:dc:0b:9c:0c:48:33:4b:9c:05:
         f3:08:a0:dc
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUA4i59qR7JcJXBWWDcWoViNjJ5DAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjYwNTE5MDQwMDMzWhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MDNlY2FjNjBhMzhjN2VjMDdlN2QzMjdkZmUxNWVjYWQx
M2VlY2NhZDc0Nzg3ODA5OGM5MzU2NmMwN2M3MWMyMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbY4Qy85W7Iu2ylIAru2S3CHHpaJctjvoTCC7MqXDfp6XT
lgOSp3uYnPoyLDI9G8NOk3tTcH4gxhuVZ1u1silsoRaVGSawZ1yf/7m1/VX9a0mh
El4bgmj8+0FDZ8sSt7e+Gne73cpwvIl+E2V5D8i90KHPC2/k8aKQgoesL+eJaF5h
UXVVpAJayLe6Kkh3nSpRRnjQmXl97itHYPr8j9GVh2qgrMTcoyZp3/famX5+TKoU
dc1mHVhUAO29LuL6HFC/K9XG8ZPv7URwRrIevDtkQHUhnP/ZtRtaik2lWuNwpsja
MmOXfFRJSPGHGZLJBr26358unbRczANtd/mdZrPLAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUlLkRgAdWT4fs5+YYCvbAUvrkGegwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2Y0NWUyZmM0LWUxNzEtNGFhMy04NjJiLTRhZjU3MjA4YzllZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADCMwDQYJKoZIhvcNAQELBQADggEBAG8Sa6lKk92CMDOYwcIj3WAE
yojlG85G1jl3shVLGmI+1the1H9FKS5HZH7UXhJKu15UGQZF5wTRsC5I2aSWUzZR
bY8nkrY4mbEa5EIpY6bGPIv+aJaLwMuPueN7KoyYizY0Gmydw4BGsROqjKWrkww/
EPgHARQfGkSy1psKXtXiUcBSW4NwSpV4K8ruIGf9d7hLDx/3u7xiU4M5d94uFWoC
taLrYEJNqVS/WvU0tKpAbjbARaIT94dMFr77K773nkzB7gUXt9GUX7mbNJK03WSL
IcXwtWdwsImUACszeE3zp+m14dHrZ/n0psEf5SaleyPmhdwLnAxIM0ucBfMIoNw=
-----END CERTIFICATE-----