Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa
File:                     0c492edd-c347-4b97-a816-01566f9d097b.roa (raw, json)
Hash identifier:          Z3ZbWEWnpze5mFT7MHP92X0/ruVPZyW5cJmWjMYlvt0=
Subject key identifier:   57:12:25:6A:AA:8F:EA:81:83:1C:15:D6:F9:35:62:9B:E7:0F:C6:F9
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       4CDEB98C89977B0F14A3A941EE61ADC76002808C
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa
Signing time:             Tue 01 Jul 2025 00:20:31 +0000
ROA not before:           Tue 01 Jul 2025 00:20:31 +0000
ROA not after:            Tue 05 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:8000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:de:b9:8c:89:97:7b:0f:14:a3:a9:41:ee:61:ad:c7:60:02:80:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Jul  1 00:20:31 2025 GMT
            Not After : Aug  5 23:59:59 2025 GMT
        Subject: serialNumber=2e62657e124f9c943c228e0d7500fbcb5ccbd90ccbeea002100d65d24f08d728, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:9b:fd:72:41:d1:c7:ea:3f:ea:ad:a8:62:2c:
                    56:0e:a1:55:a8:95:64:da:b1:58:7c:59:d7:87:bd:
                    4c:8b:70:f8:f9:00:43:f1:c3:e2:e0:3f:a6:40:ba:
                    92:a6:43:f6:76:5f:77:e5:ae:87:bf:bc:7a:71:07:
                    3c:69:cb:8e:32:41:86:ac:3e:cb:a5:40:59:2e:b9:
                    84:e0:65:98:45:a0:81:e9:ee:1a:9a:15:f8:e5:61:
                    60:4b:48:55:8e:88:53:3e:b5:6f:33:fb:0c:70:5f:
                    35:53:86:5a:54:ca:78:c5:68:c5:99:c5:67:83:5e:
                    74:f2:4d:48:bf:ed:80:bc:7e:a8:51:dc:41:90:69:
                    4d:fa:d4:74:12:6a:88:46:73:87:9f:d7:fe:25:c6:
                    d9:77:34:63:8b:19:4d:d1:72:47:0b:04:f3:5d:5f:
                    dd:a5:7b:76:10:de:93:90:f4:e5:78:89:ef:03:f8:
                    52:64:c3:57:69:fb:b2:57:0a:87:63:bc:6f:4c:04:
                    b2:4b:40:6b:2f:3b:17:de:78:f5:36:e6:da:60:53:
                    a4:65:51:24:8d:71:f9:aa:f2:e6:43:6f:b9:9c:98:
                    e8:af:77:88:b2:0e:12:40:2f:e7:7f:71:e1:25:c0:
                    3c:44:f2:ff:80:9a:02:51:b6:f6:35:97:fe:52:06:
                    e9:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:12:25:6A:AA:8F:EA:81:83:1C:15:D6:F9:35:62:9B:E7:0F:C6:F9
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         55:40:cd:d7:3c:78:eb:e9:b3:ca:f3:81:b3:d0:eb:11:af:e9:
         98:44:65:3a:c4:e7:58:0d:07:f4:f1:09:47:8e:0a:1b:6f:dc:
         9e:8f:36:26:c6:90:4a:6a:42:0b:21:c1:8a:da:db:1e:9b:ed:
         2c:67:cf:ad:a2:24:bc:62:17:56:97:98:ae:8a:cc:c5:47:96:
         07:56:fa:10:31:26:ea:7e:8c:d0:7a:e4:c5:36:57:87:66:79:
         d5:fc:eb:be:b5:6f:b4:f3:24:cc:e4:3c:a4:f3:b6:a1:02:0e:
         28:32:23:3c:6b:77:bb:cc:0f:cd:db:3d:0c:c3:ba:9e:4b:a4:
         9c:b0:51:de:bd:70:70:47:3c:c1:a0:42:6e:a4:c2:0f:2b:e0:
         35:42:51:03:8c:c7:92:e2:a7:e6:8d:bd:63:0d:aa:ca:fd:f8:
         21:48:c6:62:17:f0:ed:06:e2:30:f6:aa:c8:a9:81:f6:ce:3f:
         79:10:53:3c:9e:82:5c:24:dc:ea:f0:17:e3:6c:e4:aa:2e:69:
         d0:10:de:bc:3d:fa:2f:a6:f5:59:8b:10:08:a5:65:01:e2:9e:
         7b:63:0f:1d:53:3d:d2:33:8e:1a:d8:87:9e:85:61:47:92:da:
         a6:c6:17:1b:2d:55:13:41:7f:eb:cd:6a:36:2d:28:78:6b:1b:
         d7:ce:d3:40
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTN65jImXew8Uo6lB7mGtx2ACgIwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUwNzAxMDAyMDMxWhcNMjUwODA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZTYyNjU3ZTEyNGY5Yzk0M2MyMjhlMGQ3NTAwZmJjYjVj
Y2JkOTBjY2JlZWEwMDIxMDBkNjVkMjRmMDhkNzI4MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCIm/1yQdHH6j/qrahiLFYOoVWolWTasVh8WdeHvUyLcPj5
AEPxw+LgP6ZAupKmQ/Z2X3flroe/vHpxBzxpy44yQYasPsulQFkuuYTgZZhFoIHp
7hqaFfjlYWBLSFWOiFM+tW8z+wxwXzVThlpUynjFaMWZxWeDXnTyTUi/7YC8fqhR
3EGQaU361HQSaohGc4ef1/4lxtl3NGOLGU3RckcLBPNdX92le3YQ3pOQ9OV4ie8D
+FJkw1dp+7JXCodjvG9MBLJLQGsvOxfeePU25tpgU6RlUSSNcfmq8uZDb7mcmOiv
d4iyDhJAL+d/ceElwDxE8v+AmgJRtvY1l/5SBul3AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUVxIlaqqP6oGDHBXW+TVim+cPxvkwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzBjNDkyZWRkLWMzNDctNGI5Ny1hODE2LTAxNTY2ZjlkMDk3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AgDANBgkqhkiG9w0BAQsFAAOCAQEAVUDN1zx46+mzyvOBs9DrEa/p
mERlOsTnWA0H9PEJR44KG2/cno82JsaQSmpCCyHBitrbHpvtLGfPraIkvGIXVpeY
rorMxUeWB1b6EDEm6n6M0HrkxTZXh2Z51fzrvrVvtPMkzOQ8pPO2oQIOKDIjPGt3
u8wPzds9DMO6nkuknLBR3r1wcEc8waBCbqTCDyvgNUJRA4zHkuKn5o29Yw2qyv34
IUjGYhfw7QbiMPaqyKmB9s4/eRBTPJ6CXCTc6vAX42zkqi5p0BDevD36L6b1WYsQ
CKVlAeKee2MPHVM90jOOGtiHnoVhR5LapsYXGy1VE0F/681qNi0oeGsb187TQA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:48:43 2025 by rpki-client