Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/59031a63-ea1a-4943-86ab-19221a23ca42.roa
File:                     59031a63-ea1a-4943-86ab-19221a23ca42.roa (raw, json)
Hash identifier:          yECxH7apCO4zF5C6VtAqqPWf6iKVLqsnRrPNL6NK3bQ=
Subject key identifier:   5B:12:12:B9:6D:EC:62:EC:70:64:D0:2D:1D:12:CB:E2:A3:E9:AD:11
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       795DDFAB661CAFCB56FA87CA9A3E53C84AF3FF22
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/59031a63-ea1a-4943-86ab-19221a23ca42.roa
Signing time:             Wed 16 Apr 2025 00:10:11 +0000
ROA not before:           Wed 16 Apr 2025 00:10:11 +0000
ROA not after:            Wed 21 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40:8000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:5d:df:ab:66:1c:af:cb:56:fa:87:ca:9a:3e:53:c8:4a:f3:ff:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Apr 16 00:10:11 2025 GMT
            Not After : May 21 23:59:59 2025 GMT
        Subject: serialNumber=43131127c2cb42b88a053d82332788c9e5d9f2495ec733f4a1a822210ae57227, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:61:f9:2b:e8:38:bd:64:04:89:74:fe:66:61:
                    9b:ea:24:02:2f:fc:0e:22:22:bb:26:ff:82:e3:9d:
                    4a:ba:43:d9:d1:d4:fb:9d:8f:66:da:09:bb:5b:1d:
                    32:53:10:b3:bf:02:9f:22:0b:69:ff:3b:68:8c:f4:
                    f4:4c:34:db:52:20:ce:a6:be:d6:0a:eb:30:96:15:
                    f5:df:a2:f0:d0:96:64:f4:d9:bb:5b:fc:c3:b8:bd:
                    7e:ac:30:84:db:e7:cc:1e:55:62:9a:73:18:13:50:
                    15:33:7e:cd:ff:62:90:01:aa:87:1b:8f:07:c5:f8:
                    5b:4b:2f:08:32:d8:a0:f8:30:69:c8:a9:6c:75:bf:
                    66:76:8e:69:8c:32:e6:8b:f1:d2:f5:59:b4:c3:23:
                    25:92:a3:5c:17:74:5d:db:13:23:d6:6c:77:0c:5f:
                    bb:b3:21:0d:0e:87:74:d9:76:e7:c4:c9:0a:6d:18:
                    be:b6:35:2a:a5:c0:68:2e:f5:67:a5:53:b4:09:87:
                    77:55:48:e8:22:c7:87:11:9d:20:69:6b:1e:38:92:
                    b0:e1:91:32:5b:91:6c:84:cf:85:d2:9e:ab:c6:d0:
                    bf:90:22:c8:17:da:fb:b6:52:87:1e:86:f4:9a:82:
                    bc:19:c4:c5:2a:d6:ca:04:0f:23:ef:96:67:1c:1b:
                    bd:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:12:12:B9:6D:EC:62:EC:70:64:D0:2D:1D:12:CB:E2:A3:E9:AD:11
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/59031a63-ea1a-4943-86ab-19221a23ca42.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         45:40:dd:2b:3e:a5:74:44:eb:a7:a1:7e:e6:90:f8:6c:e1:df:
         74:70:7f:eb:f6:65:a3:42:af:6c:0e:c7:82:7f:86:8b:3b:43:
         e7:91:10:f0:0c:22:40:f6:3d:fc:69:f7:30:a2:9f:82:c9:80:
         cd:ea:4b:88:1a:18:f2:76:d2:48:f9:fd:2b:b7:99:03:0a:00:
         b0:db:4a:7c:f7:51:af:ce:e3:1a:30:0f:5d:4d:82:4c:e2:b1:
         e3:89:a4:55:26:6e:29:80:9a:dd:18:34:e9:ff:06:d9:71:fa:
         00:59:25:a1:cc:02:f9:90:7d:68:f0:5a:af:95:aa:49:7b:19:
         46:45:ce:f4:56:9f:ca:92:09:9a:5b:21:fd:3f:50:25:de:dc:
         1c:36:77:8c:d3:8f:e8:2c:99:47:99:18:5c:52:21:c8:47:20:
         92:64:e6:fe:fd:81:81:e4:02:a7:56:29:97:32:fe:b7:fe:c1:
         55:26:53:52:a7:cf:79:3b:42:05:7b:a3:2e:a0:48:15:9f:38:
         a7:fb:5b:b0:70:d3:1c:05:3b:a4:af:96:8e:f6:ab:1d:62:0d:
         f7:8a:5d:a6:e1:e0:a3:6b:82:82:d7:17:92:3f:0e:34:f4:73:
         da:03:87:45:83:02:7b:61:6e:9b:f4:9a:b3:17:56:ca:b3:17:
         0a:65:55:60
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUeV3fq2Ycr8tW+ofKmj5TyErz/yIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUwNDE2MDAxMDExWhcNMjUwNTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MzEzMTEyN2MyY2I0MmI4OGEwNTNkODIzMzI3ODhjOWU1
ZDlmMjQ5NWVjNzMzZjRhMWE4MjIyMTBhZTU3MjI3MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0Yfkr6Di9ZASJdP5mYZvqJAIv/A4iIrsm/4LjnUq6Q9nR
1Pudj2baCbtbHTJTELO/Ap8iC2n/O2iM9PRMNNtSIM6mvtYK6zCWFfXfovDQlmT0
2btb/MO4vX6sMITb58weVWKacxgTUBUzfs3/YpABqocbjwfF+FtLLwgy2KD4MGnI
qWx1v2Z2jmmMMuaL8dL1WbTDIyWSo1wXdF3bEyPWbHcMX7uzIQ0Oh3TZdufEyQpt
GL62NSqlwGgu9WelU7QJh3dVSOgix4cRnSBpax44krDhkTJbkWyEz4XSnqvG0L+Q
IsgX2vu2UocehvSagrwZxMUq1soEDyPvlmccG72xAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUWxISuW3sYuxwZNAtHRLL4qPprREwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzU5MDMxYTYzLWVhMWEtNDk0My04NmFiLTE5MjIxYTIzY2E0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AgDANBgkqhkiG9w0BAQsFAAOCAQEARUDdKz6ldETrp6F+5pD4bOHf
dHB/6/Zlo0KvbA7Hgn+GiztD55EQ8AwiQPY9/Gn3MKKfgsmAzepLiBoY8nbSSPn9
K7eZAwoAsNtKfPdRr87jGjAPXU2CTOKx44mkVSZuKYCa3Rg06f8G2XH6AFklocwC
+ZB9aPBar5WqSXsZRkXO9FafypIJmlsh/T9QJd7cHDZ3jNOP6CyZR5kYXFIhyEcg
kmTm/v2BgeQCp1YplzL+t/7BVSZTUqfPeTtCBXujLqBIFZ84p/tbsHDTHAU7pK+W
jvarHWIN94pdpuHgo2uCgtcXkj8ONPRz2gOHRYMCe2Fum/SasxdWyrMXCmVVYA==
-----END CERTIFICATE-----