Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/9318efc3-4d3a-413f-86c6-169a71d2eccb.roa
File:                     9318efc3-4d3a-413f-86c6-169a71d2eccb.roa (raw, json)
Hash identifier:          iPw4oozsUd+vRi0i+2m0B2EDEyxDyE9IldOJARH41Qk=
Subject key identifier:   D7:51:BA:22:9C:F5:E4:30:2F:25:EC:9A:6A:77:7B:4B:23:7A:09:5E
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       622E545FE99C18E9F9B4FC7C09E43AE9C869BF12
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/9318efc3-4d3a-413f-86c6-169a71d2eccb.roa
Signing time:             Tue 04 Nov 2025 00:10:07 +0000
ROA not before:           Tue 04 Nov 2025 00:10:07 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:b140::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:2e:54:5f:e9:9c:18:e9:f9:b4:fc:7c:09:e4:3a:e9:c8:69:bf:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Nov  4 00:10:07 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=9135233153ee07a9c72afd8fde1f399d8eb01f41401f72384f3402c4c03b2b9a, CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:65:be:2e:c0:cb:0b:3e:38:33:35:9d:72:5d:
                    3a:f3:72:de:2e:74:96:81:3f:2d:cf:70:b1:82:38:
                    c8:d2:37:dd:ff:c0:95:c3:bb:ff:a1:b4:6f:58:16:
                    62:60:3e:96:b0:82:4e:51:6e:07:8f:0b:0e:dd:7c:
                    d6:4a:d6:3a:f7:25:03:d8:89:55:3d:a3:4d:31:aa:
                    01:3c:0b:31:a1:b0:f1:60:cc:74:06:7f:b1:be:f5:
                    72:03:a7:62:5e:f4:6b:a4:1d:90:75:57:63:ee:47:
                    46:68:74:6f:9a:b2:0e:f0:bd:ff:64:38:83:c8:5f:
                    9c:e0:88:40:a3:58:d1:2f:82:b0:26:33:ce:12:4a:
                    7c:b0:27:67:91:2f:18:49:b4:26:5a:31:93:c6:e7:
                    3f:69:a3:cf:e4:3a:da:58:09:0c:c5:9a:75:ca:68:
                    eb:6c:69:4d:e5:c7:e4:f0:d2:15:3c:ea:0f:bc:da:
                    24:d6:2a:80:a0:f1:6d:95:e4:b9:25:61:b4:05:a5:
                    98:13:62:ca:ce:77:68:15:76:b7:ab:1e:7b:c7:3d:
                    a5:5e:4d:e4:d6:f6:b9:2d:e3:7b:aa:0f:be:45:67:
                    e3:8e:ea:13:0a:3f:da:ba:d3:da:84:54:2c:e5:45:
                    ca:2d:7d:c4:01:24:18:c2:1a:ec:16:11:01:8a:e9:
                    03:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:51:BA:22:9C:F5:E4:30:2F:25:EC:9A:6A:77:7B:4B:23:7A:09:5E
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/9318efc3-4d3a-413f-86c6-169a71d2eccb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:b140::/32

    Signature Algorithm: sha256WithRSAEncryption
         13:7d:44:35:c9:c6:1d:b1:ab:6b:fa:e0:49:de:cc:d0:44:21:
         c4:c0:0b:ba:89:f9:fd:7e:8a:e8:b8:e7:fb:f4:a8:e1:99:94:
         96:25:78:35:95:13:bb:6e:a7:be:dc:8a:c8:a2:25:c3:b6:fc:
         b9:99:33:3d:de:bb:6d:59:31:44:f8:2e:a5:6d:8f:87:5d:12:
         28:b5:44:23:e5:ea:a2:a4:94:47:16:20:0f:76:9e:a7:d2:b0:
         65:fc:db:14:b6:db:47:95:31:cb:ed:f0:e3:c7:4a:9a:8e:bc:
         c6:68:c9:c4:6e:f1:42:ce:75:01:4e:20:74:fe:58:fc:40:b5:
         41:28:fc:ad:81:89:11:9e:90:1f:58:4b:cd:c0:c2:eb:b8:9e:
         d5:82:2e:76:96:ec:d7:b2:62:02:98:44:69:5d:1e:35:46:45:
         65:83:14:ca:5f:a1:50:de:c1:cf:e9:88:96:9c:1f:a1:72:40:
         bb:9f:47:83:55:53:87:d7:23:7d:3a:ab:db:a2:e5:79:40:46:
         66:79:d5:12:e7:34:62:8b:76:9c:f7:95:39:1b:97:14:db:4a:
         af:fe:11:0c:10:44:e3:c5:ee:87:2a:9f:f3:1d:83:a2:6d:14:
         b6:a8:35:e5:69:82:3c:89:e6:5b:a2:a3:a7:da:43:7e:a8:f0:
         14:57:09:f6
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUYi5UX+mcGOn5tPx8CeQ66chpvxIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUxMTA0MDAxMDA3WhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTM1MjMzMTUzZWUwN2E5YzcyYWZkOGZkZTFmMzk5ZDhl
YjAxZjQxNDAxZjcyMzg0ZjM0MDJjNGMwM2IyYjlhMS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5Zb4uwMsLPjgzNZ1yXTrzct4udJaBPy3PcLGCOMjSN93/
wJXDu/+htG9YFmJgPpawgk5RbgePCw7dfNZK1jr3JQPYiVU9o00xqgE8CzGhsPFg
zHQGf7G+9XIDp2Je9GukHZB1V2PuR0ZodG+asg7wvf9kOIPIX5zgiECjWNEvgrAm
M84SSnywJ2eRLxhJtCZaMZPG5z9po8/kOtpYCQzFmnXKaOtsaU3lx+Tw0hU86g+8
2iTWKoCg8W2V5LklYbQFpZgTYsrOd2gVdrerHnvHPaVeTeTW9rkt43uqD75FZ+OO
6hMKP9q609qEVCzlRcotfcQBJBjCGuwWEQGK6QMbAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQU11G6Ipz15DAvJeyaand7SyN6CV4wHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4LzkzMThlZmMzLTRkM2EtNDEzZi04NmM2LTE2OWE3MWQyZWNjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBbFAMA0GCSqGSIb3DQEBCwUAA4IBAQATfUQ1ycYdsatr+uBJ3szQRCHE
wAu6ifn9forouOf79KjhmZSWJXg1lRO7bqe+3IrIoiXDtvy5mTM93rttWTFE+C6l
bY+HXRIotUQj5eqipJRHFiAPdp6n0rBl/NsUtttHlTHL7fDjx0qajrzGaMnEbvFC
znUBTiB0/lj8QLVBKPytgYkRnpAfWEvNwMLruJ7Vgi52luzXsmICmERpXR41RkVl
gxTKX6FQ3sHP6YiWnB+hckC7n0eDVVOH1yN9OqvbouV5QEZmedUS5zRii3ac95U5
G5cU20qv/hEMEETjxe6HKp/zHYOibRS2qDXlaYI8ieZboqOn2kN+qPAUVwn2
-----END CERTIFICATE-----