Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/801f086c-7b67-4a26-ab6d-e406f93a1833.roa
File:                     801f086c-7b67-4a26-ab6d-e406f93a1833.roa (raw, json)
Hash identifier:          9NeNrWh6ZH9A/lLjB6x0BTr/Cg2vOeUxbODEs7Ls8Fs=
Subject key identifier:   96:42:C2:92:2E:0B:F9:D8:F8:79:7F:4F:21:85:05:92:CE:D3:77:2F
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       3955ED565248DD4FB75823A84CD1AC5B46C11568
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/801f086c-7b67-4a26-ab6d-e406f93a1833.roa
Signing time:             Thu 30 Oct 2025 23:23:51 +0000
ROA not before:           Thu 30 Oct 2025 23:23:51 +0000
ROA not after:            Thu 04 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:2cd8::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:55:ed:56:52:48:dd:4f:b7:58:23:a8:4c:d1:ac:5b:46:c1:15:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Oct 30 23:23:51 2025 GMT
            Not After : Dec  4 23:59:59 2025 GMT
        Subject: serialNumber=0952d331d4366e9d737489db8dea4afc5e1346f397af979ec7e561266833bbdf, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c1:09:b4:ad:6f:28:3f:51:1c:73:d3:98:9f:
                    19:fd:18:7b:be:fe:63:c3:c9:db:88:f3:e0:8d:c3:
                    06:e1:e6:f0:3d:c6:6c:15:4f:0a:b8:cf:cc:e5:aa:
                    b8:27:83:ca:a7:6a:01:04:51:86:fc:b0:15:3f:21:
                    8a:d4:02:2a:08:a2:b4:b2:16:44:ca:16:14:30:31:
                    ad:e6:50:0e:41:ed:e1:4b:b2:ae:ff:65:2c:28:63:
                    08:ee:f4:73:0b:5f:31:5a:2b:55:4e:e0:5a:27:99:
                    f8:73:a2:b1:83:8c:c1:41:df:96:56:1d:23:c5:ab:
                    8d:39:af:8e:c9:ea:7c:ba:c7:4f:da:b5:e0:6c:b9:
                    83:59:f0:d2:14:69:64:c1:f6:ec:a3:86:d9:95:16:
                    ec:42:b6:42:9e:05:19:cc:43:9b:7b:dd:de:80:d4:
                    bd:ab:72:58:78:de:dd:21:bb:79:cf:3c:09:e8:45:
                    75:60:b6:58:44:e8:c7:2a:f0:63:ef:dc:ad:ac:8c:
                    69:a4:45:53:b7:de:81:8d:ae:e8:ab:dc:65:16:8c:
                    38:a4:5b:f0:3a:5f:0e:9a:fc:78:98:e8:40:ba:a5:
                    1a:7e:11:45:cc:7c:be:58:0a:bd:63:02:72:2c:ad:
                    b5:9c:4e:71:fb:80:04:db:f5:90:a3:49:66:52:8e:
                    41:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:42:C2:92:2E:0B:F9:D8:F8:79:7F:4F:21:85:05:92:CE:D3:77:2F
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/801f086c-7b67-4a26-ab6d-e406f93a1833.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:2cd8::/47

    Signature Algorithm: sha256WithRSAEncryption
         52:6c:9d:0d:e5:3b:5f:e2:d6:01:74:e8:91:c2:bf:31:eb:e2:
         ab:b8:b2:76:90:bb:b2:90:8d:3f:58:aa:7e:8a:e3:f0:2c:61:
         06:77:38:1e:52:d5:e5:df:c5:2c:7b:29:15:a1:39:d8:10:0e:
         ec:2a:32:95:34:18:11:38:67:60:4d:46:07:a9:b9:80:e5:6d:
         86:d4:11:be:ac:8b:a3:1a:c8:10:9a:ac:66:e5:ca:77:fe:3e:
         43:7f:ee:bb:53:91:95:b2:5b:21:c9:6c:45:9f:1f:6f:28:2d:
         d5:bb:a2:b1:01:b4:6c:cd:9b:b6:27:c6:eb:f8:05:85:6d:dd:
         22:03:57:fe:3e:98:0f:a8:1d:ef:eb:6a:0b:88:43:7d:b0:61:
         aa:87:a8:af:f2:ad:0f:22:9b:cd:0e:4e:63:1c:4d:cc:61:a8:
         34:66:d8:be:c3:59:ff:fa:1a:98:86:1e:0a:b1:50:96:b2:74:
         cf:93:55:79:89:5e:4c:7b:52:20:7d:12:02:74:e4:42:e7:65:
         47:96:26:8a:4f:74:1d:30:3a:aa:d5:32:fa:76:7c:e4:f7:4e:
         28:ab:bc:95:0f:94:57:05:4b:fd:4e:38:bb:06:84:d1:2a:14:
         16:9b:3e:85:39:e3:c8:ae:13:ee:99:d5:61:e8:af:44:18:57:
         64:e9:35:09
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUOVXtVlJI3U+3WCOoTNGsW0bBFWgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUxMDMwMjMyMzUxWhcNMjUxMjA0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwOTUyZDMzMWQ0MzY2ZTlkNzM3NDg5ZGI4ZGVhNGFmYzVl
MTM0NmYzOTdhZjk3OWVjN2U1NjEyNjY4MzNiYmRmMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzwQm0rW8oP1Ecc9OYnxn9GHu+/mPDyduI8+CNwwbh5vA9
xmwVTwq4z8zlqrgng8qnagEEUYb8sBU/IYrUAioIorSyFkTKFhQwMa3mUA5B7eFL
sq7/ZSwoYwju9HMLXzFaK1VO4FonmfhzorGDjMFB35ZWHSPFq405r47J6ny6x0/a
teBsuYNZ8NIUaWTB9uyjhtmVFuxCtkKeBRnMQ5t73d6A1L2rclh43t0hu3nPPAno
RXVgtlhE6Mcq8GPv3K2sjGmkRVO33oGNruir3GUWjDikW/A6Xw6a/HiY6EC6pRp+
EUXMfL5YCr1jAnIsrbWcTnH7gATb9ZCjSWZSjkFtAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUlkLCki4L+dj4eX9PIYUFks7Tdy8wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzgwMWYwODZjLTdiNjctNGEyNi1hYjZkLWU0MDZmOTNhMTgzMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAALNgwDQYJKoZIhvcNAQELBQADggEBAFJsnQ3lO1/i1gF06JHCvzHr
4qu4snaQu7KQjT9Yqn6K4/AsYQZ3OB5S1eXfxSx7KRWhOdgQDuwqMpU0GBE4Z2BN
RgepuYDlbYbUEb6si6MayBCarGblynf+PkN/7rtTkZWyWyHJbEWfH28oLdW7orEB
tGzNm7Ynxuv4BYVt3SIDV/4+mA+oHe/raguIQ32wYaqHqK/yrQ8im80OTmMcTcxh
qDRm2L7DWf/6GpiGHgqxUJaydM+TVXmJXkx7UiB9EgJ05ELnZUeWJopPdB0wOqrV
Mvp2fOT3TiirvJUPlFcFS/1OOLsGhNEqFBabPoU548iuE+6Z1WHor0QYV2TpNQk=
-----END CERTIFICATE-----