Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/06ea2b4a-6dfc-489d-b8f1-dc7f93cac1c3.roa
File:                     06ea2b4a-6dfc-489d-b8f1-dc7f93cac1c3.roa (raw, json)
Hash identifier:          s03nSkZJu4meq286YzKQL4CLia87XWjjGT9WZckR2vA=
Subject key identifier:   C2:79:79:CA:7C:A9:3B:32:CF:7B:27:F8:44:44:48:69:8E:75:1D:D8
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       01D15E99FB0499A33696C5D155A00D39C506A70E
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/06ea2b4a-6dfc-489d-b8f1-dc7f93cac1c3.roa
Signing time:             Fri 11 Jul 2025 18:31:33 +0000
ROA not before:           Fri 11 Jul 2025 18:31:33 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:e900::/42 maxlen: 42
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 05 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:d1:5e:99:fb:04:99:a3:36:96:c5:d1:55:a0:0d:39:c5:06:a7:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jul 11 18:31:33 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=156ef39ab69b1e5c0fc8b0016225bc5de8b7dacc67fc3df33a053eccff178cd4, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:70:18:62:48:76:f8:c0:95:26:da:fe:21:ce:
                    77:85:98:b8:4c:1a:0a:98:df:8b:45:b6:e3:61:20:
                    91:7b:54:27:f0:aa:99:28:6c:c8:7f:f9:1f:8f:d8:
                    18:9d:ae:8f:ff:c7:56:ba:6e:50:ef:5e:32:cf:ff:
                    11:fc:77:1c:8b:e7:0c:d6:04:3d:62:99:aa:b3:fa:
                    19:f5:e2:ec:79:2c:cc:25:63:ed:2b:07:39:95:0f:
                    be:67:cc:8b:56:47:81:07:50:34:a7:cb:cd:6c:d1:
                    11:91:49:90:27:92:70:1d:d0:eb:7b:e0:96:72:0b:
                    f9:f3:3b:5e:51:89:16:aa:cb:8d:6a:e4:3e:fb:c5:
                    7d:27:9e:ba:45:ea:0e:d1:6d:66:f8:41:03:2a:9f:
                    1b:7d:25:72:8c:c4:92:21:ac:f3:6f:6b:29:05:04:
                    71:5a:cc:b0:59:97:3f:cf:ea:4d:bd:13:a1:66:8e:
                    02:d1:ff:42:70:5f:2c:68:6e:df:72:66:9a:01:94:
                    ff:44:85:30:f8:88:86:9d:94:82:69:8b:33:a2:af:
                    0e:8a:56:ba:bb:2f:47:62:89:00:74:45:ad:a3:ca:
                    9a:44:12:8a:2f:65:c4:64:8a:3b:8e:82:fc:ea:4d:
                    39:48:b7:c5:78:b4:31:5b:07:40:83:15:7a:31:2f:
                    fb:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:79:79:CA:7C:A9:3B:32:CF:7B:27:F8:44:44:48:69:8E:75:1D:D8
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/06ea2b4a-6dfc-489d-b8f1-dc7f93cac1c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e900::/42

    Signature Algorithm: sha256WithRSAEncryption
         a5:f6:05:d1:83:5d:91:d5:45:35:fc:ee:7a:50:f5:99:44:76:
         79:4d:74:be:8d:db:55:ac:e8:7c:45:f0:98:63:de:d2:cd:95:
         7a:8f:b2:52:56:2d:39:07:95:7c:da:dd:f9:bc:ae:67:06:e0:
         26:aa:f0:c4:a8:e9:33:4a:29:f8:55:e7:e9:c9:4f:c5:8c:ee:
         af:15:2b:8f:ea:e2:5b:81:69:64:51:1d:c9:e1:34:d7:cd:17:
         e8:37:c1:ef:c7:0f:f3:14:43:27:39:4b:20:44:d0:ab:ee:e0:
         11:2f:11:c7:42:42:7a:65:37:2c:fc:44:7c:05:db:f9:39:4a:
         52:92:92:91:bb:7f:bb:9e:2e:48:ca:d8:25:5b:05:d7:7b:20:
         8c:99:0f:05:c4:89:06:54:17:67:12:54:fa:5f:e2:1d:0f:04:
         14:23:dd:f6:25:08:9e:a9:8e:e0:13:d8:fe:78:ca:d5:6b:5a:
         53:09:3d:9f:92:2c:2d:a4:ea:1c:81:f9:8d:39:6a:26:3c:c8:
         65:80:84:cc:af:b2:61:78:d9:4e:3a:f0:53:2d:a0:56:f9:07:
         c7:1e:9d:73:5e:b2:7b:62:b6:f2:12:52:78:90:cc:a9:16:65:
         3b:5c:48:0a:e1:fe:6a:26:f3:b0:c1:89:ed:44:5c:3f:df:52:
         c9:e4:91:e1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUAdFemfsEmaM2lsXRVaANOcUGpw4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNzExMTgzMTMzWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNTZlZjM5YWI2OWIxZTVjMGZjOGIwMDE2MjI1YmM1ZGU4
YjdkYWNjNjdmYzNkZjMzYTA1M2VjY2ZmMTc4Y2Q0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCscBhiSHb4wJUm2v4hzneFmLhMGgqY34tFtuNhIJF7VCfw
qpkobMh/+R+P2Bidro//x1a6blDvXjLP/xH8dxyL5wzWBD1imaqz+hn14ux5LMwl
Y+0rBzmVD75nzItWR4EHUDSny81s0RGRSZAnknAd0Ot74JZyC/nzO15RiRaqy41q
5D77xX0nnrpF6g7RbWb4QQMqnxt9JXKMxJIhrPNvaykFBHFazLBZlz/P6k29E6Fm
jgLR/0JwXyxobt9yZpoBlP9EhTD4iIadlIJpizOirw6KVrq7L0diiQB0Ra2jyppE
EoovZcRkijuOgvzqTTlIt8V4tDFbB0CDFXoxL/vpAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUwnl5ynypOzLPeyf4RERIaY51HdgwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzA2ZWEyYjRhLTZkZmMtNDg5ZC1iOGYxLWRjN2Y5M2NhYzFjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPD76QAwDQYJKoZIhvcNAQELBQADggEBAKX2BdGDXZHVRTX87npQ9ZlE
dnlNdL6N21Ws6HxF8Jhj3tLNlXqPslJWLTkHlXza3fm8rmcG4Caq8MSo6TNKKfhV
5+nJT8WM7q8VK4/q4luBaWRRHcnhNNfNF+g3we/HD/MUQyc5SyBE0Kvu4BEvEcdC
QnplNyz8RHwF2/k5SlKSkpG7f7ueLkjK2CVbBdd7IIyZDwXEiQZUF2cSVPpf4h0P
BBQj3fYlCJ6pjuAT2P54ytVrWlMJPZ+SLC2k6hyB+Y05aiY8yGWAhMyvsmF42U46
8FMtoFb5B8cenXNesntitvISUniQzKkWZTtcSArh/mom87DBie1EXD/fUsnkkeE=
-----END CERTIFICATE-----