Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bda33800-108d-4eb7-bbc8-f1f3a5a088e0.roa
File:                     bda33800-108d-4eb7-bbc8-f1f3a5a088e0.roa (raw, json)
Hash identifier:          is2iumUnAUJxcK5MqnZAFNinyqtx9vLx2ax1922lSMY=
Subject key identifier:   80:D4:61:A8:C3:65:BB:8D:49:F4:EC:85:31:40:0D:98:02:7E:8F:FD
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       79783626FE7856C35475F94A35EE2DE5B86AFC5E
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bda33800-108d-4eb7-bbc8-f1f3a5a088e0.roa
Signing time:             Tue 21 Oct 2025 13:00:22 +0000
ROA not before:           Tue 21 Oct 2025 13:00:22 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:5519::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:78:36:26:fe:78:56:c3:54:75:f9:4a:35:ee:2d:e5:b8:6a:fc:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 21 13:00:22 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=f6984b4bae0d4b3b7ca05232a1977143cce2c77af41461d7c114435a6bbb194e, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:a7:26:c9:0c:b3:27:31:3b:d5:c4:df:c8:25:
                    21:70:61:34:e7:c6:22:c1:bb:9e:c4:94:98:d2:85:
                    6d:29:9f:5c:24:63:d5:bf:64:50:cf:67:95:7f:c9:
                    56:62:d9:ac:2a:e2:76:40:7c:62:87:c1:fb:33:ce:
                    d5:64:13:6c:bc:db:66:4f:8b:3a:e4:a8:e7:e5:c4:
                    70:92:1d:98:0d:2b:0b:98:cf:84:67:e8:b8:78:02:
                    b7:52:b4:e0:e2:83:a1:23:43:2f:10:5d:26:ad:77:
                    83:2e:c8:ec:a0:cc:5c:02:f0:cc:59:91:22:5b:e1:
                    c7:0f:a8:70:a6:51:d9:11:51:a0:36:b6:8b:a5:77:
                    02:23:e9:ae:8a:c2:3f:ef:b6:1d:f1:12:47:c6:31:
                    7b:43:77:8a:8d:85:86:d2:80:61:45:e9:30:02:a3:
                    98:9c:c7:5d:83:1c:ad:1a:da:f9:43:4e:07:44:91:
                    8b:95:a7:a5:8c:9b:89:b2:69:3d:c2:58:a3:1a:4d:
                    9f:62:ab:30:3b:e2:34:f8:97:6f:5e:67:fd:a6:9d:
                    0e:db:3d:b8:0a:68:6f:99:c1:f2:f0:94:73:77:16:
                    d5:d6:39:b8:e9:d5:b1:0f:eb:ac:df:0c:b6:58:a2:
                    03:e9:85:46:0d:27:05:4f:45:9b:43:86:34:30:68:
                    aa:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:D4:61:A8:C3:65:BB:8D:49:F4:EC:85:31:40:0D:98:02:7E:8F:FD
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bda33800-108d-4eb7-bbc8-f1f3a5a088e0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5519::/48

    Signature Algorithm: sha256WithRSAEncryption
         9c:60:5d:df:3f:10:8b:96:1c:e0:05:f6:7b:05:a3:0c:ca:d4:
         fa:65:48:c7:0f:d3:6c:6e:32:09:45:80:41:c0:87:8b:e2:b0:
         af:74:41:46:76:d8:18:87:8b:3e:8f:74:f2:95:6b:d2:67:ca:
         e8:9b:87:c3:cd:af:02:f9:4d:8d:83:f1:21:75:23:7e:4c:b2:
         06:56:68:05:be:7a:19:89:2a:4c:10:23:5a:d6:13:6a:0f:0a:
         4e:43:25:a9:4c:fd:70:90:03:f5:61:40:9d:b8:f0:bb:6f:23:
         34:06:5d:ce:c8:7f:68:38:74:0b:2c:f6:9c:3f:ed:9f:1a:06:
         93:4e:5b:81:06:fe:ea:a7:70:99:54:da:fb:6d:f0:50:89:02:
         de:fd:c6:f4:21:d4:cf:25:b7:32:58:ec:eb:72:62:42:cb:06:
         78:0e:04:07:a5:9a:85:5a:ca:69:e5:4f:70:31:8f:be:21:68:
         0a:12:ca:06:04:1b:37:51:f8:09:0a:3c:d1:94:aa:ec:5c:4f:
         a7:12:f5:1c:b7:10:08:1f:2f:ec:4c:67:02:53:36:c3:0f:f5:
         91:28:cd:19:b8:ce:63:5a:6b:f8:99:10:f8:19:be:b5:7a:e3:
         f3:7f:85:9d:e5:f3:e5:c5:53:3c:44:76:45:b1:70:10:dc:67:
         ed:1d:ee:a4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUeXg2Jv54VsNUdflKNe4t5bhq/F4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIxMTMwMDIyWhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNjk4NGI0YmFlMGQ0YjNiN2NhMDUyMzJhMTk3NzE0M2Nj
ZTJjNzdhZjQxNDYxZDdjMTE0NDM1YTZiYmIxOTRlMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWpybJDLMnMTvVxN/IJSFwYTTnxiLBu57ElJjShW0pn1wk
Y9W/ZFDPZ5V/yVZi2awq4nZAfGKHwfszztVkE2y822ZPizrkqOflxHCSHZgNKwuY
z4Rn6Lh4ArdStODig6EjQy8QXSatd4MuyOygzFwC8MxZkSJb4ccPqHCmUdkRUaA2
touldwIj6a6Kwj/vth3xEkfGMXtDd4qNhYbSgGFF6TACo5icx12DHK0a2vlDTgdE
kYuVp6WMm4myaT3CWKMaTZ9iqzA74jT4l29eZ/2mnQ7bPbgKaG+ZwfLwlHN3FtXW
Objp1bEP66zfDLZYogPphUYNJwVPRZtDhjQwaKr/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUgNRhqMNlu41J9OyFMUANmAJ+j/0wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2JkYTMzODAwLTEwOGQtNGViNy1iYmM4LWYxZjNhNWEwODhlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRkwDQYJKoZIhvcNAQELBQADggEBAJxgXd8/EIuWHOAF9nsFowzK
1PplSMcP02xuMglFgEHAh4visK90QUZ22BiHiz6PdPKVa9Jnyuibh8PNrwL5TY2D
8SF1I35MsgZWaAW+ehmJKkwQI1rWE2oPCk5DJalM/XCQA/VhQJ248LtvIzQGXc7I
f2g4dAss9pw/7Z8aBpNOW4EG/uqncJlU2vtt8FCJAt79xvQh1M8ltzJY7OtyYkLL
BngOBAelmoVaymnlT3Axj74haAoSygYEGzdR+AkKPNGUquxcT6cS9Ry3EAgfL+xM
ZwJTNsMP9ZEozRm4zmNaa/iZEPgZvrV64/N/hZ3l8+XFUzxEdkWxcBDcZ+0d7qQ=
-----END CERTIFICATE-----