Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/34a8f046-03ce-4f81-9e6e-d50a3b00d8cd.roa
File:                     34a8f046-03ce-4f81-9e6e-d50a3b00d8cd.roa (raw, json)
Hash identifier:          YTTs0W1mONrPsoLM0CERnYzPeNtspENngBg+qI5zISc=
Subject key identifier:   21:E8:57:1A:88:B9:D4:9C:FD:61:F4:62:7A:25:A5:9C:20:8E:B6:3B
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       669B234BEBEAE83EF504A2057C05D019596892E4
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/34a8f046-03ce-4f81-9e6e-d50a3b00d8cd.roa
Signing time:             Fri 31 Oct 2025 06:22:13 +0000
ROA not before:           Fri 31 Oct 2025 06:22:13 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3d58::/45 maxlen: 45
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:9b:23:4b:eb:ea:e8:3e:f5:04:a2:05:7c:05:d0:19:59:68:92:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Oct 31 06:22:13 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=9512a9a1b1b0c1e049a62c7d9725b9fb65f9db8eccf40bb5f6a757097c6d0cde, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:46:eb:10:1b:b6:b9:fa:35:f3:a6:fa:5f:61:
                    34:27:4c:b5:08:3c:dc:63:c8:e6:9d:6e:60:2d:fd:
                    42:ed:50:e4:a5:90:06:39:16:ed:90:eb:1a:63:cc:
                    9e:71:da:e0:ca:ce:84:9f:11:fe:71:6d:00:e8:b0:
                    da:98:5c:83:2b:5e:85:67:59:40:e8:fc:59:33:4c:
                    de:98:45:cc:50:01:8c:76:c4:7c:37:b5:f9:01:40:
                    8b:c9:ba:49:06:15:b8:14:a3:cf:38:1d:12:09:5a:
                    97:88:62:67:f4:7c:1e:3b:87:00:b1:cc:2e:2a:68:
                    50:e9:60:a2:1f:52:73:cf:ac:c5:e2:88:0a:a4:65:
                    e8:bf:7a:d1:63:c9:49:7c:e1:40:80:6a:15:43:18:
                    88:f4:7c:da:30:b1:af:4b:8f:8e:ca:05:5e:49:1f:
                    d2:17:ed:7d:49:c3:1f:4c:53:e6:49:03:8f:a9:c0:
                    41:db:b2:31:e9:e4:7b:fd:97:98:59:40:5d:30:dd:
                    75:2d:0a:66:1e:85:9d:97:af:9a:18:c2:47:6b:cd:
                    7f:79:4f:c9:89:10:1f:17:a4:1e:ea:47:fb:ff:f1:
                    69:c7:42:29:4a:2b:63:be:5f:ac:83:3e:cf:d5:81:
                    53:9e:71:0a:a7:82:4c:4c:cf:dc:3f:d0:1f:f7:d3:
                    f1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:E8:57:1A:88:B9:D4:9C:FD:61:F4:62:7A:25:A5:9C:20:8E:B6:3B
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/34a8f046-03ce-4f81-9e6e-d50a3b00d8cd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3d58::/45

    Signature Algorithm: sha256WithRSAEncryption
         87:50:f0:55:ab:2b:27:f0:79:85:13:76:4e:f1:20:4c:1c:b2:
         fe:a8:44:7c:59:ef:c3:2c:9e:08:92:99:a5:e3:9a:26:c8:e3:
         c3:01:7f:73:67:de:14:d5:e5:bf:72:ca:4f:8d:86:ec:47:e2:
         47:dc:da:1a:77:af:cb:89:b5:27:d3:14:b4:65:51:b3:a8:70:
         7f:12:6e:4d:9b:1b:51:67:4c:d4:da:3d:f3:16:1f:37:2c:34:
         f0:da:ad:7c:a9:f4:ba:6d:e3:5c:f8:b3:94:5c:d5:1c:e7:17:
         d3:30:6e:92:5d:8d:cc:5b:76:96:6f:07:6d:c1:51:e3:8c:87:
         fd:39:1b:fe:42:86:ed:8d:22:0c:a3:d7:81:f6:9c:22:8f:c5:
         e8:54:87:f9:a4:5c:57:aa:2e:e0:cd:14:1d:98:e9:36:a3:6c:
         56:22:bb:82:fe:a5:99:8b:6e:ee:cd:1b:05:44:82:6a:0c:e2:
         62:a3:65:3d:5a:7f:aa:91:bc:a1:c3:ff:cb:bb:61:40:2b:90:
         73:ce:25:2e:fc:97:49:3e:b2:f8:80:e5:2b:00:e4:38:26:b2:
         39:7a:30:aa:01:fb:08:25:21:c4:b5:f9:c8:61:43:44:d2:f1:
         17:af:be:1c:20:5e:be:61:fe:16:2d:13:5d:69:4f:2b:9b:9c:
         75:cd:3c:9d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZpsjS+vq6D71BKIFfAXQGVlokuQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUxMDMxMDYyMjEzWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NTEyYTlhMWIxYjBjMWUwNDlhNjJjN2Q5NzI1YjlmYjY1
ZjlkYjhlY2NmNDBiYjVmNmE3NTcwOTdjNmQwY2RlMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0RusQG7a5+jXzpvpfYTQnTLUIPNxjyOadbmAt/ULtUOSl
kAY5Fu2Q6xpjzJ5x2uDKzoSfEf5xbQDosNqYXIMrXoVnWUDo/FkzTN6YRcxQAYx2
xHw3tfkBQIvJukkGFbgUo884HRIJWpeIYmf0fB47hwCxzC4qaFDpYKIfUnPPrMXi
iAqkZei/etFjyUl84UCAahVDGIj0fNowsa9Lj47KBV5JH9IX7X1Jwx9MU+ZJA4+p
wEHbsjHp5Hv9l5hZQF0w3XUtCmYehZ2Xr5oYwkdrzX95T8mJEB8XpB7qR/v/8WnH
QilKK2O+X6yDPs/VgVOecQqngkxMz9w/0B/30/GxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUIehXGoi51Jz9YfRieiWlnCCOtjswHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzM0YThmMDQ2LTAzY2UtNGY4MS05ZTZlLWQ1MGEzYjAwZDhjZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwMmAJAAPVgwDQYJKoZIhvcNAQELBQADggEBAIdQ8FWrKyfweYUTdk7xIEwc
sv6oRHxZ78MsngiSmaXjmibI48MBf3Nn3hTV5b9yyk+NhuxH4kfc2hp3r8uJtSfT
FLRlUbOocH8Sbk2bG1FnTNTaPfMWHzcsNPDarXyp9Lpt41z4s5Rc1RznF9MwbpJd
jcxbdpZvB23BUeOMh/05G/5Chu2NIgyj14H2nCKPxehUh/mkXFeqLuDNFB2Y6Taj
bFYiu4L+pZmLbu7NGwVEgmoM4mKjZT1af6qRvKHD/8u7YUArkHPOJS78l0k+sviA
5SsA5Dgmsjl6MKoB+wglIcS1+chhQ0TS8RevvhwgXr5h/hYtE11pTyubnHXNPJ0=
-----END CERTIFICATE-----