Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1e0ccd54-23cc-4939-b5be-1cf1c8ab6154.roa
File:                     1e0ccd54-23cc-4939-b5be-1cf1c8ab6154.roa (raw, json)
Hash identifier:          9CTOS4GqZwqlkH8WiwktXvAQS88MH8TIQcIzGx9ALiI=
Subject key identifier:   1F:F3:B3:9A:CE:1A:E2:BE:5E:33:05:45:17:43:5F:1B:B6:5F:7D:FE
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       3289907711B7B71B5CD5F21757389F181E0AD3F5
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1e0ccd54-23cc-4939-b5be-1cf1c8ab6154.roa
Signing time:             Tue 28 Oct 2025 00:10:06 +0000
ROA not before:           Tue 28 Oct 2025 00:10:06 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:6102::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:89:90:77:11:b7:b7:1b:5c:d5:f2:17:57:38:9f:18:1e:0a:d3:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 28 00:10:06 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=6d72a030dfdbf43aab9e2e61cf65aa001315dfedc452dcf920e5fe274390acf8, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:51:1a:0a:62:8c:e4:8f:aa:2f:f3:6a:b9:28:
                    e0:a6:ff:46:94:ad:1b:86:08:a2:e3:d7:33:ca:c9:
                    17:c5:78:91:aa:35:b5:24:95:df:f4:c5:90:0a:26:
                    ac:47:e1:5a:6a:81:b5:da:2a:ab:74:a3:7d:8e:b4:
                    1b:b0:98:6c:bc:e4:b9:95:5b:8c:88:b1:56:30:ca:
                    7e:ac:a5:72:ec:2d:57:41:a4:a2:79:ab:a2:00:e2:
                    c9:06:0c:e3:ea:f0:9e:13:66:e7:d7:e9:48:88:38:
                    66:ed:3b:3f:63:31:f0:42:ed:10:83:6e:e8:d7:c4:
                    e0:d2:23:e5:77:5f:f9:0c:8b:73:ab:de:00:82:04:
                    78:77:64:ac:e2:83:1d:85:26:58:f8:34:8f:55:9e:
                    3c:54:f5:00:77:d3:ea:98:af:64:8c:04:37:f5:21:
                    a7:fc:24:8c:7f:17:99:5f:b4:e3:33:8e:e6:eb:86:
                    47:f8:b1:91:14:68:36:34:25:71:46:81:77:3b:70:
                    f7:9e:9e:bd:82:07:f6:82:dd:23:bf:0e:ee:ab:fc:
                    2e:ee:c2:33:b2:00:b5:97:20:cd:d9:31:cc:55:bb:
                    42:b3:34:a7:b2:64:4d:f8:93:0f:10:5d:af:ef:af:
                    45:e4:61:70:18:da:3b:74:e4:d4:8a:ce:17:f6:6c:
                    83:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:F3:B3:9A:CE:1A:E2:BE:5E:33:05:45:17:43:5F:1B:B6:5F:7D:FE
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1e0ccd54-23cc-4939-b5be-1cf1c8ab6154.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6102::/48

    Signature Algorithm: sha256WithRSAEncryption
         57:23:10:52:70:5c:7e:5d:c9:c4:f9:8e:1c:4a:2c:10:3f:e2:
         3b:93:9b:60:23:b5:4f:0f:0a:69:00:dc:93:3c:17:ef:5a:f1:
         ac:ae:94:e5:b7:3a:d4:ef:87:b3:36:d8:fc:1f:d5:e0:d5:9d:
         dc:f5:8a:29:f0:17:66:cb:f0:c5:41:4a:d6:81:89:80:5d:7a:
         12:5b:5b:fa:1b:81:99:0a:ad:77:ff:6b:e7:8b:69:9f:c7:c8:
         42:6a:da:d7:5b:06:9f:40:2a:5f:4a:8b:c4:00:05:7b:07:0f:
         2d:8f:f7:e0:c4:cd:8f:22:31:4f:7e:f2:db:4f:3c:ac:c3:f5:
         e7:0c:c3:ad:69:0c:e8:50:c7:9b:21:72:45:e7:bb:7b:65:92:
         e4:e6:15:5d:cd:2b:cf:a6:c0:e1:e4:03:8f:40:54:94:4c:26:
         e1:cf:81:11:86:d0:89:9e:24:bc:78:fd:b6:cf:35:30:63:c9:
         a6:d8:e6:7e:3e:63:c5:29:4f:88:e6:c3:14:1a:85:e4:63:19:
         dc:a0:04:56:49:79:b7:c1:d6:b2:f7:1d:38:68:01:58:56:0c:
         32:90:ee:43:b8:60:63:c2:e4:3d:01:35:8f:1a:bf:e3:66:af:
         2b:99:2d:8c:6a:05:3b:07:34:ae:36:bc:df:c8:f8:17:ae:05:
         0c:8d:36:a3
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMomQdxG3txtc1fIXVzifGB4K0/UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDI4MDAxMDA2WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZDcyYTAzMGRmZGJmNDNhYWI5ZTJlNjFjZjY1YWEwMDEz
MTVkZmVkYzQ1MmRjZjkyMGU1ZmUyNzQzOTBhY2Y4MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSURoKYozkj6ov82q5KOCm/0aUrRuGCKLj1zPKyRfFeJGq
NbUkld/0xZAKJqxH4VpqgbXaKqt0o32OtBuwmGy85LmVW4yIsVYwyn6spXLsLVdB
pKJ5q6IA4skGDOPq8J4TZufX6UiIOGbtOz9jMfBC7RCDbujXxODSI+V3X/kMi3Or
3gCCBHh3ZKzigx2FJlj4NI9VnjxU9QB30+qYr2SMBDf1Iaf8JIx/F5lftOMzjubr
hkf4sZEUaDY0JXFGgXc7cPeenr2CB/aC3SO/Du6r/C7uwjOyALWXIM3ZMcxVu0Kz
NKeyZE34kw8QXa/vr0XkYXAY2jt05NSKzhf2bIMHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUH/Ozms4a4r5eMwVFF0NfG7Zfff4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzFlMGNjZDU0LTIzY2MtNDkzOS1iNWJlLTFjZjFjOGFiNjE1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYQIwDQYJKoZIhvcNAQELBQADggEBAFcjEFJwXH5dycT5jhxKLBA/
4juTm2AjtU8PCmkA3JM8F+9a8ayulOW3OtTvh7M22Pwf1eDVndz1iinwF2bL8MVB
StaBiYBdehJbW/obgZkKrXf/a+eLaZ/HyEJq2tdbBp9AKl9Ki8QABXsHDy2P9+DE
zY8iMU9+8ttPPKzD9ecMw61pDOhQx5shckXnu3tlkuTmFV3NK8+mwOHkA49AVJRM
JuHPgRGG0ImeJLx4/bbPNTBjyabY5n4+Y8UpT4jmwxQaheRjGdygBFZJebfB1rL3
HThoAVhWDDKQ7kO4YGPC5D0BNY8av+NmryuZLYxqBTsHNK42vN/I+BeuBQyNNqM=
-----END CERTIFICATE-----