Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/02e80c9d-369f-46ba-87b8-e7748e7c9c90.roa
File:                     02e80c9d-369f-46ba-87b8-e7748e7c9c90.roa (raw, json)
Hash identifier:          PlfnyP0bmS7TFMnI9jQ2CL5JaMrIcqLJgvmfze5CiqU=
Subject key identifier:   32:0E:64:EB:E8:8E:97:C9:1D:62:88:B7:21:FD:F3:53:9D:76:77:42
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       3D6FD5696D473F7346A2EDAE0067FCBC8684143B
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/02e80c9d-369f-46ba-87b8-e7748e7c9c90.roa
Signing time:             Tue 21 Oct 2025 13:10:08 +0000
ROA not before:           Tue 21 Oct 2025 13:10:08 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e700::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:6f:d5:69:6d:47:3f:73:46:a2:ed:ae:00:67:fc:bc:86:84:14:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 21 13:10:08 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=4b908a4a12953897e17af37c9e5bce1e716b96b0e7a8200da7b772ec4ecd35ec, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:42:cc:6f:47:c7:e0:3f:fd:05:b3:37:4a:66:
                    d3:53:d1:72:d3:9c:ea:00:37:89:45:f1:7d:85:b4:
                    22:30:88:b0:be:78:ca:a6:b7:a6:18:20:67:81:eb:
                    42:3d:ae:f4:13:69:fb:6d:75:96:66:34:32:81:ec:
                    88:54:a0:28:bd:0e:73:77:ed:c0:64:c4:95:2e:6e:
                    33:7e:b7:76:21:3b:5d:81:c9:46:ac:59:5b:b8:dc:
                    70:48:e2:45:05:f2:92:e2:fe:46:a4:1f:c0:1d:a5:
                    3c:74:a7:4c:c9:dd:40:97:43:6a:4b:85:e3:16:a5:
                    f3:8d:35:e1:f6:50:3e:87:2e:bf:73:1a:9b:0f:a2:
                    4c:60:1c:53:ec:d7:bb:09:10:90:9b:d5:14:e0:1b:
                    53:2b:02:a8:ea:c1:80:03:67:92:d1:69:83:7e:19:
                    21:3a:8f:76:c1:c5:79:7d:8b:b1:d3:2c:79:1e:0b:
                    95:a7:e8:70:fd:05:e3:15:63:f9:ea:2b:a3:a5:f5:
                    38:44:b1:98:e1:9f:ed:90:e7:a6:f7:65:3e:2f:4f:
                    7c:1e:eb:06:82:6a:16:2a:47:ad:53:38:44:e4:6d:
                    29:79:bd:09:07:4f:d9:60:a3:e7:7e:cf:c9:0b:7e:
                    0d:ad:a2:39:29:90:91:96:e2:e1:c9:b6:40:22:bb:
                    10:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:0E:64:EB:E8:8E:97:C9:1D:62:88:B7:21:FD:F3:53:9D:76:77:42
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/02e80c9d-369f-46ba-87b8-e7748e7c9c90.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e700::/40

    Signature Algorithm: sha256WithRSAEncryption
         76:a5:b0:b6:82:50:31:63:c5:d8:6d:0c:78:49:14:7f:da:65:
         bb:76:16:6a:1e:34:a8:46:fd:8f:04:f1:93:31:e6:28:eb:72:
         96:cb:94:b6:c5:63:34:e3:a8:1a:2b:77:68:fe:28:3b:55:9d:
         db:dc:59:fe:f7:51:df:96:e6:ab:1a:d2:52:39:ba:02:ac:81:
         5b:c6:29:b3:ec:fd:ab:68:7d:a2:b8:40:52:18:f6:ef:d9:92:
         76:48:3d:fe:2d:2f:53:c2:e3:53:3b:9b:1c:1e:93:84:cd:26:
         42:07:1e:63:f4:fe:0b:5b:90:2f:ef:09:99:7f:f6:44:a6:6c:
         5f:b7:68:e0:2d:e2:6d:14:44:5e:38:81:91:d8:94:82:39:ae:
         c6:67:b8:c7:e0:f4:d1:c9:44:c2:5f:3d:5b:5b:56:fc:17:9a:
         fb:37:fe:5e:9e:1f:17:49:ce:fa:89:5c:cb:a1:33:50:64:6d:
         d0:58:e6:b3:e1:be:fa:08:f0:60:6e:6a:f6:92:9c:00:9f:2e:
         e4:77:55:7d:ce:17:92:eb:e4:03:f1:33:c5:12:e4:b1:56:9d:
         9f:93:7b:e6:9a:21:1f:f0:9d:53:95:e4:ab:a0:07:80:19:f0:
         0f:d8:fb:42:c6:77:7a:24:ec:e9:44:ae:13:43:ad:60:56:b2:
         ce:b4:06:e4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUPW/VaW1HP3NGou2uAGf8vIaEFDswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIxMTMxMDA4WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YjkwOGE0YTEyOTUzODk3ZTE3YWYzN2M5ZTViY2UxZTcx
NmI5NmIwZTdhODIwMGRhN2I3NzJlYzRlY2QzNWVjMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZQsxvR8fgP/0FszdKZtNT0XLTnOoAN4lF8X2FtCIwiLC+
eMqmt6YYIGeB60I9rvQTafttdZZmNDKB7IhUoCi9DnN37cBkxJUubjN+t3YhO12B
yUasWVu43HBI4kUF8pLi/kakH8AdpTx0p0zJ3UCXQ2pLheMWpfONNeH2UD6HLr9z
GpsPokxgHFPs17sJEJCb1RTgG1MrAqjqwYADZ5LRaYN+GSE6j3bBxXl9i7HTLHke
C5Wn6HD9BeMVY/nqK6Ol9ThEsZjhn+2Q56b3ZT4vT3we6waCahYqR61TOETkbSl5
vQkHT9lgo+d+z8kLfg2tojkpkJGW4uHJtkAiuxCdAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUMg5k6+iOl8kdYoi3If3zU512d0IwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzAyZTgwYzlkLTM2OWYtNDZiYS04N2I4LWU3NzQ4ZTdjOWM5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD75zANBgkqhkiG9w0BAQsFAAOCAQEAdqWwtoJQMWPF2G0MeEkUf9pl
u3YWah40qEb9jwTxkzHmKOtylsuUtsVjNOOoGit3aP4oO1Wd29xZ/vdR35bmqxrS
Ujm6AqyBW8Yps+z9q2h9orhAUhj279mSdkg9/i0vU8LjUzubHB6ThM0mQgceY/T+
C1uQL+8JmX/2RKZsX7do4C3ibRREXjiBkdiUgjmuxme4x+D00clEwl89W1tW/Bea
+zf+Xp4fF0nO+olcy6EzUGRt0Fjms+G++gjwYG5q9pKcAJ8u5HdVfc4XkuvkA/Ez
xRLksVadn5N75pohH/CdU5Xkq6AHgBnwD9j7QsZ3eiTs6USuE0OtYFayzrQG5A==
-----END CERTIFICATE-----