Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ab4b0199-6a63-46e2-9ecf-6c0bbea54035.roa
File:                     ab4b0199-6a63-46e2-9ecf-6c0bbea54035.roa (raw, json)
Hash identifier:          XroJGbrF+Oa+L7jtkOINvbvB4HJD0B0/GN9sNxr0+hQ=
Subject key identifier:   48:B3:15:8C:A0:28:7A:52:C8:C8:22:A6:04:4E:63:D5:D7:EF:E2:14
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       53F6FDDAB508AD3F6079DB43E26C5F079B70C587
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ab4b0199-6a63-46e2-9ecf-6c0bbea54035.roa
Signing time:             Tue 21 Oct 2025 12:50:48 +0000
ROA not before:           Tue 21 Oct 2025 12:50:48 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e600::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:f6:fd:da:b5:08:ad:3f:60:79:db:43:e2:6c:5f:07:9b:70:c5:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 21 12:50:48 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=44b65f48f456e5039592aa33b30b602dc81cc138d3cba0eddd5269751c00ef9e, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:6b:23:da:cc:89:e9:ff:17:72:b8:11:73:2d:
                    6c:0d:06:4d:9f:40:29:75:c5:9f:45:7b:ec:a9:db:
                    14:3c:96:3b:e5:10:bc:ff:d1:54:79:9e:8f:2a:22:
                    8b:00:88:0b:b4:bd:73:db:9d:f8:7b:2e:4b:4d:9a:
                    ce:38:67:2f:f7:a0:2f:72:48:37:f4:6c:c9:18:91:
                    6d:1d:3d:bb:05:f2:5d:18:5c:96:d8:50:d5:de:65:
                    e3:63:ed:17:1a:cf:92:1b:b6:3e:8f:63:80:11:40:
                    35:4c:06:db:1c:45:2f:10:5b:82:20:ba:c1:64:ef:
                    87:ac:ab:a1:45:62:56:b7:e1:58:53:00:9a:91:7e:
                    ae:8e:da:02:6b:97:78:99:4a:02:96:3d:87:e1:bf:
                    14:8d:d5:f1:aa:b9:19:bb:7b:e8:3a:ce:62:ea:ac:
                    88:2b:67:3c:49:a5:7a:f7:7b:aa:c4:a1:70:6b:38:
                    d6:c8:3d:c1:4c:63:96:8e:fa:86:fc:d2:b8:db:65:
                    34:02:54:e1:2c:4b:90:6d:aa:ec:dd:a6:e6:e0:25:
                    e6:39:8c:5f:9b:0d:0e:d4:21:22:43:c6:10:f8:5b:
                    27:1d:97:99:b7:42:81:cb:64:16:25:11:08:3a:d1:
                    4c:4c:cc:23:b9:ff:0a:1f:99:e5:fb:ef:4d:0e:2c:
                    30:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:B3:15:8C:A0:28:7A:52:C8:C8:22:A6:04:4E:63:D5:D7:EF:E2:14
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ab4b0199-6a63-46e2-9ecf-6c0bbea54035.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e600::/40

    Signature Algorithm: sha256WithRSAEncryption
         4f:58:24:11:9d:c4:61:66:b4:8d:4f:f2:95:fb:c6:c2:72:32:
         d8:0a:0e:20:d2:67:c8:4c:3c:3a:55:d0:9b:2c:d0:00:74:1b:
         1a:b3:ab:2c:00:b4:85:8e:33:5c:ed:e2:d8:d8:65:c6:e3:b2:
         77:6c:11:9e:e2:f8:d4:00:59:5c:21:ee:b9:34:f7:5b:f3:69:
         07:da:53:55:a5:2a:b5:0e:f5:c3:d3:41:5d:c3:f8:38:cc:2e:
         4d:96:43:a2:d0:23:55:fa:0d:43:20:9d:48:c5:3e:9d:b9:ce:
         cd:a8:80:a1:84:43:6d:ee:f6:82:22:d4:f2:ff:28:02:a2:1d:
         b1:e4:07:c2:d7:18:1e:26:2d:0d:33:23:41:6c:ff:44:82:77:
         57:09:2a:6d:cb:62:6e:36:24:ce:4b:3c:0c:04:d2:04:71:1b:
         f6:c7:a3:21:c8:ca:5d:cf:f6:fd:08:86:c3:97:6f:21:d7:7b:
         ff:bf:48:ed:65:1b:01:98:a7:08:f0:88:07:e4:50:49:d6:bc:
         50:b7:d9:ab:d2:47:af:a3:0e:fb:74:cc:fc:a3:c0:e2:2d:fe:
         a3:e3:7e:9d:80:22:06:d0:8b:aa:f5:11:67:1f:66:30:43:04:
         d8:45:2c:ba:ce:5c:dd:1b:67:4f:1c:6c:f8:23:b1:0a:f7:83:
         61:35:2e:52
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUU/b92rUIrT9gedtD4mxfB5twxYcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIxMTI1MDQ4WhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NGI2NWY0OGY0NTZlNTAzOTU5MmFhMzNiMzBiNjAyZGM4
MWNjMTM4ZDNjYmEwZWRkZDUyNjk3NTFjMDBlZjllMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWayPazInp/xdyuBFzLWwNBk2fQCl1xZ9Fe+yp2xQ8ljvl
ELz/0VR5no8qIosAiAu0vXPbnfh7LktNms44Zy/3oC9ySDf0bMkYkW0dPbsF8l0Y
XJbYUNXeZeNj7Rcaz5Ibtj6PY4ARQDVMBtscRS8QW4IgusFk74esq6FFYla34VhT
AJqRfq6O2gJrl3iZSgKWPYfhvxSN1fGquRm7e+g6zmLqrIgrZzxJpXr3e6rEoXBr
ONbIPcFMY5aO+ob80rjbZTQCVOEsS5BtquzdpubgJeY5jF+bDQ7UISJDxhD4Wycd
l5m3QoHLZBYlEQg60UxMzCO5/wofmeX7700OLDCLAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUSLMVjKAoelLIyCKmBE5j1dfv4hQwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2FiNGIwMTk5LTZhNjMtNDZlMi05ZWNmLTZjMGJiZWE1NDAzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD75jANBgkqhkiG9w0BAQsFAAOCAQEAT1gkEZ3EYWa0jU/ylfvGwnIy
2AoOINJnyEw8OlXQmyzQAHQbGrOrLAC0hY4zXO3i2NhlxuOyd2wRnuL41ABZXCHu
uTT3W/NpB9pTVaUqtQ71w9NBXcP4OMwuTZZDotAjVfoNQyCdSMU+nbnOzaiAoYRD
be72giLU8v8oAqIdseQHwtcYHiYtDTMjQWz/RIJ3VwkqbctibjYkzks8DATSBHEb
9sejIcjKXc/2/QiGw5dvIdd7/79I7WUbAZinCPCIB+RQSda8ULfZq9JHr6MO+3TM
/KPA4i3+o+N+nYAiBtCLqvURZx9mMEME2EUsus5c3RtnTxxs+COxCveDYTUuUg==
-----END CERTIFICATE-----