Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/9318efc3-4d3a-413f-86c6-169a71d2eccb.roa
File:                     9318efc3-4d3a-413f-86c6-169a71d2eccb.roa (raw, json)
Hash identifier:          CbBnUWc/9eyuyEN8NhXTAr9BKjsBDi8ALrerOoWw9uc=
Subject key identifier:   E3:97:DA:2D:8E:D4:05:7B:D6:DC:7F:6C:B3:D9:B5:22:D8:BD:04:D2
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       2B4C2753738269FAE9AD0D8D95A3F03B3DD209A8
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/9318efc3-4d3a-413f-86c6-169a71d2eccb.roa
Signing time:             Sat 26 Jul 2025 00:20:42 +0000
ROA not before:           Sat 26 Jul 2025 00:20:42 +0000
ROA not after:            Sat 30 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:b140::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:4c:27:53:73:82:69:fa:e9:ad:0d:8d:95:a3:f0:3b:3d:d2:09:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Jul 26 00:20:42 2025 GMT
            Not After : Aug 30 23:59:59 2025 GMT
        Subject: serialNumber=ab5c75d6454f7077444095bda406c7c880e3c38fc9d54491480fbf487efd86a8, CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:8c:f3:f5:ce:3a:fe:88:f6:37:7c:c4:2d:d7:
                    f0:57:92:2d:69:a4:42:8e:2c:6d:6e:4b:63:21:5b:
                    c8:56:7f:8e:91:06:e8:97:4b:ac:e8:54:5e:0e:80:
                    9a:ff:59:63:07:76:80:ab:c7:91:90:2d:eb:73:79:
                    92:7a:a4:b4:1a:f1:f7:08:87:7a:9a:39:52:d5:43:
                    df:d2:37:06:8b:35:4b:0f:dd:e0:08:20:82:26:06:
                    75:cf:17:c1:08:a4:4d:36:31:55:07:cf:96:37:2c:
                    69:f5:48:17:06:07:cb:6c:04:55:7a:49:83:02:29:
                    95:82:c5:17:25:b9:2e:38:43:59:e4:52:dc:f2:57:
                    5b:64:0e:b3:14:43:46:97:17:94:5e:18:a1:de:67:
                    71:0a:4d:1a:b4:bd:81:2d:9b:b8:bf:be:87:29:3e:
                    55:b0:53:cf:7e:36:4d:10:d0:f5:7b:37:76:d8:e3:
                    82:c5:8c:53:ec:d4:7e:93:34:3b:7a:2e:29:39:73:
                    45:4e:dd:cb:fc:f3:7b:cf:89:9f:c3:13:85:74:6c:
                    54:a2:53:29:ed:7a:ed:0a:6a:5e:de:30:20:2b:81:
                    07:9b:c0:c3:d9:66:4e:a4:5a:12:76:94:0d:de:0c:
                    91:9b:4e:76:f3:dc:9f:d6:78:01:ca:71:27:ee:fc:
                    8c:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:97:DA:2D:8E:D4:05:7B:D6:DC:7F:6C:B3:D9:B5:22:D8:BD:04:D2
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/9318efc3-4d3a-413f-86c6-169a71d2eccb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:b140::/32

    Signature Algorithm: sha256WithRSAEncryption
         00:00:e0:a9:cd:47:70:f7:05:da:71:3b:ec:49:38:f0:6d:af:
         d0:e5:94:91:4b:70:06:e5:3b:10:90:45:61:cf:56:3e:10:28:
         45:0a:62:25:cc:d8:84:1c:82:9d:ac:3c:4a:cf:34:b9:46:44:
         bd:b3:26:d2:91:a7:aa:87:24:bd:1d:f4:bc:50:f6:68:a8:dd:
         79:3c:9a:60:5e:76:5a:98:5c:d1:d8:f5:88:66:a9:47:02:3a:
         56:58:a4:e4:ee:8b:44:a0:20:e0:4e:92:20:ca:b9:47:21:18:
         fb:79:86:ae:85:2f:ab:d2:59:ff:70:ed:f1:29:45:d3:76:fc:
         45:d5:11:c4:6b:40:be:27:49:f5:5d:ad:ba:2d:5c:2f:54:57:
         7a:56:ea:79:a3:21:28:0d:49:d8:1c:04:ee:cf:5f:ec:b0:0c:
         ed:f8:81:26:9f:61:c1:24:43:53:95:c3:e9:e6:ac:ba:44:83:
         91:f8:52:9b:6b:6d:47:1c:a6:33:06:d6:76:d9:50:e3:df:87:
         06:e2:30:88:33:0e:d6:47:a5:9c:a2:72:90:8d:1c:3a:e6:07:
         b8:9c:ee:f8:47:e4:94:12:6c:92:95:dd:62:ce:98:c8:e4:9c:
         61:9d:e9:74:b9:b3:9e:41:70:28:b0:99:59:ba:61:f6:6a:32:
         ed:a0:71:b2
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUK0wnU3OCafrprQ2NlaPwOz3SCagwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUwNzI2MDAyMDQyWhcNMjUwODMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhYjVjNzVkNjQ1NGY3MDc3NDQ0MDk1YmRhNDA2YzdjODgw
ZTNjMzhmYzlkNTQ0OTE0ODBmYmY0ODdlZmQ4NmE4MS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOjPP1zjr+iPY3fMQt1/BXki1ppEKOLG1uS2MhW8hWf46R
BuiXS6zoVF4OgJr/WWMHdoCrx5GQLetzeZJ6pLQa8fcIh3qaOVLVQ9/SNwaLNUsP
3eAIIIImBnXPF8EIpE02MVUHz5Y3LGn1SBcGB8tsBFV6SYMCKZWCxRcluS44Q1nk
UtzyV1tkDrMUQ0aXF5ReGKHeZ3EKTRq0vYEtm7i/vocpPlWwU89+Nk0Q0PV7N3bY
44LFjFPs1H6TNDt6Lik5c0VO3cv883vPiZ/DE4V0bFSiUynteu0Kal7eMCArgQeb
wMPZZk6kWhJ2lA3eDJGbTnbz3J/WeAHKcSfu/IxXAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQU45faLY7UBXvW3H9ss9m1Iti9BNIwHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4LzkzMThlZmMzLTRkM2EtNDEzZi04NmM2LTE2OWE3MWQyZWNjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBbFAMA0GCSqGSIb3DQEBCwUAA4IBAQAAAOCpzUdw9wXacTvsSTjwba/Q
5ZSRS3AG5TsQkEVhz1Y+EChFCmIlzNiEHIKdrDxKzzS5RkS9sybSkaeqhyS9HfS8
UPZoqN15PJpgXnZamFzR2PWIZqlHAjpWWKTk7otEoCDgTpIgyrlHIRj7eYauhS+r
0ln/cO3xKUXTdvxF1RHEa0C+J0n1Xa26LVwvVFd6Vup5oyEoDUnYHATuz1/ssAzt
+IEmn2HBJENTlcPp5qy6RIOR+FKba21HHKYzBtZ22VDj34cG4jCIMw7WR6WconKQ
jRw65ge4nO74R+SUEmySld1izpjI5Jxhnel0ubOeQXAosJlZumH2ajLtoHGy
-----END CERTIFICATE-----