Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa
File:                     0c492edd-c347-4b97-a816-01566f9d097b.roa (raw, json)
Hash identifier:          ISeKro7jPcGtytEXbYcTHH/8m8LjEww7HblgqLGhfTM=
Subject key identifier:   4C:4E:81:46:69:35:0C:84:D2:DD:7A:61:6B:95:9C:00:68:AF:83:33
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       63D9DE55429F66207333A52F37C368F34BA1F69D
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa
Signing time:             Fri 06 Jun 2025 00:20:13 +0000
ROA not before:           Fri 06 Jun 2025 00:20:13 +0000
ROA not after:            Fri 11 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:8000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 07:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:d9:de:55:42:9f:66:20:73:33:a5:2f:37:c3:68:f3:4b:a1:f6:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Jun  6 00:20:13 2025 GMT
            Not After : Jul 11 23:59:59 2025 GMT
        Subject: serialNumber=4e3caca3980c51dcbfb029e97d95a256f82b36f2d4da810999c4f4e94b82dd33, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0d:0c:99:aa:c4:5e:ba:14:6f:bb:dc:b2:0a:
                    cc:93:e8:89:6b:dd:47:75:ea:99:2d:6e:ba:02:9b:
                    cf:c8:4e:bb:da:76:c6:66:12:35:32:ed:19:91:d8:
                    75:40:81:04:0e:c0:22:65:a2:62:bf:88:05:45:dd:
                    e6:a8:e5:17:a4:69:fc:f4:01:91:04:07:28:0b:61:
                    4c:12:36:09:b8:9b:c2:2e:9f:6b:97:44:bb:5c:f6:
                    13:02:ca:32:6f:c5:48:4b:b8:a3:a7:da:a6:e4:0e:
                    7a:05:47:45:31:1a:63:01:9b:43:e0:af:46:bd:ed:
                    0b:26:7f:4d:25:9b:3c:cf:9f:0a:b4:bb:fe:1f:a6:
                    18:76:f6:e4:45:72:9f:cb:33:7d:88:26:79:4e:c4:
                    49:9a:99:ff:36:5f:46:d0:29:85:5d:bf:4d:73:e1:
                    71:d2:b7:60:f6:31:ef:ec:f3:d1:f6:59:68:4c:72:
                    b5:46:bb:81:eb:26:39:84:f6:3f:fe:5d:b6:78:29:
                    51:35:47:cc:f1:31:3b:b7:c6:89:70:8b:5f:8e:fb:
                    77:15:8b:b0:1d:a1:10:6c:61:72:ce:28:22:e3:46:
                    1a:b2:e9:40:85:1e:42:13:1f:b7:6b:72:48:43:1e:
                    a7:4a:ce:a6:87:aa:8c:a9:c6:fd:6d:bc:c0:49:bf:
                    f6:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:4E:81:46:69:35:0C:84:D2:DD:7A:61:6B:95:9C:00:68:AF:83:33
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         12:b8:5c:09:41:62:6d:8a:ab:34:83:85:65:00:32:7e:19:c3:
         9d:06:5a:3d:1e:07:38:b1:13:e5:2a:0e:6f:5b:ab:ca:b7:3f:
         96:39:50:4d:62:a6:8b:28:02:f5:c1:60:f1:41:47:42:43:c7:
         5b:ed:98:59:c6:2b:2b:53:1c:5f:ba:8c:c1:48:36:3b:21:86:
         2e:85:43:b4:68:95:75:71:23:64:d2:a1:0a:53:a3:8c:d7:a4:
         ce:20:82:c5:ad:c3:d8:97:1b:96:ed:e7:bc:60:6b:a6:0c:bb:
         fb:dd:7d:12:f2:c9:84:b9:40:47:52:a7:27:2c:51:8f:d8:34:
         39:ec:16:bf:5b:1a:7b:67:25:4e:82:30:2c:06:83:19:9d:fe:
         f8:e9:b5:0c:72:5e:c8:18:a4:42:4f:bc:dd:16:5f:37:be:b3:
         2a:ed:23:96:83:fc:99:3c:6b:96:6d:af:4a:22:83:f6:3e:b2:
         af:8f:f7:d5:76:01:9b:e5:f8:82:ee:79:1b:56:1f:e4:1d:d5:
         ec:e1:d9:89:73:21:73:30:f3:08:be:8a:b0:3f:fc:6b:1b:86:
         e7:73:df:70:2a:b6:03:74:79:6a:fe:eb:ca:54:bf:11:67:2d:
         48:fb:cd:5b:99:ca:0f:cc:25:70:27:5e:2f:52:12:61:26:98:
         8a:44:c4:39
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUY9neVUKfZiBzM6UvN8No80uh9p0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUwNjA2MDAyMDEzWhcNMjUwNzExMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZTNjYWNhMzk4MGM1MWRjYmZiMDI5ZTk3ZDk1YTI1NmY4
MmIzNmYyZDRkYTgxMDk5OWM0ZjRlOTRiODJkZDMzMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEDQyZqsReuhRvu9yyCsyT6Ilr3Ud16pktbroCm8/ITrva
dsZmEjUy7RmR2HVAgQQOwCJlomK/iAVF3eao5Rekafz0AZEEBygLYUwSNgm4m8Iu
n2uXRLtc9hMCyjJvxUhLuKOn2qbkDnoFR0UxGmMBm0Pgr0a97Qsmf00lmzzPnwq0
u/4fphh29uRFcp/LM32IJnlOxEmamf82X0bQKYVdv01z4XHSt2D2Me/s89H2WWhM
crVGu4HrJjmE9j/+XbZ4KVE1R8zxMTu3xolwi1+O+3cVi7AdoRBsYXLOKCLjRhqy
6UCFHkITH7drckhDHqdKzqaHqoypxv1tvMBJv/Y1AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUTE6BRmk1DITS3Xpha5WcAGivgzMwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzBjNDkyZWRkLWMzNDctNGI5Ny1hODE2LTAxNTY2ZjlkMDk3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AgDANBgkqhkiG9w0BAQsFAAOCAQEAErhcCUFibYqrNIOFZQAyfhnD
nQZaPR4HOLET5SoOb1uryrc/ljlQTWKmiygC9cFg8UFHQkPHW+2YWcYrK1McX7qM
wUg2OyGGLoVDtGiVdXEjZNKhClOjjNekziCCxa3D2Jcblu3nvGBrpgy7+919EvLJ
hLlAR1KnJyxRj9g0OewWv1sae2clToIwLAaDGZ3++Om1DHJeyBikQk+83RZfN76z
Ku0jloP8mTxrlm2vSiKD9j6yr4/31XYBm+X4gu55G1Yf5B3V7OHZiXMhczDzCL6K
sD/8axuG53PfcCq2A3R5av7rylS/EWctSPvNW5nKD8wlcCdeL1ISYSaYikTEOQ==
-----END CERTIFICATE-----