Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/6ba0c1f3-2b2e-4d8a-bef1-52e07a4a5a4e.roa
File:                     6ba0c1f3-2b2e-4d8a-bef1-52e07a4a5a4e.roa (raw, json)
Hash identifier:          46th1UV0BqsJzs9k47TkhBOMhrDTG05slVV1Xi4fHZ4=
Subject key identifier:   BB:36:ED:40:A3:6B:B5:2A:D4:93:DC:E9:EC:0B:41:37:64:EB:9A:3C
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       226C57C84FFBE816EDAF3573AC6D6ECAC41B078F
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/6ba0c1f3-2b2e-4d8a-bef1-52e07a4a5a4e.roa
Signing time:             Mon 21 Jul 2025 16:00:14 +0000
ROA not before:           Mon 21 Jul 2025 16:00:14 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:fffe::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 07:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:6c:57:c8:4f:fb:e8:16:ed:af:35:73:ac:6d:6e:ca:c4:1b:07:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Jul 21 16:00:14 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=b961b6e55983830c07f2a4578aa59ef7bf095862d9c2c8d918fc7ba1c3e84913, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:66:bb:68:51:61:11:b5:94:f5:9b:28:29:ce:
                    c1:d8:c5:84:22:8a:3a:3b:a5:29:d3:ba:49:c5:04:
                    e8:f8:9f:5c:ee:52:f0:ef:9e:81:7c:a6:a0:2d:c2:
                    0a:89:1f:8c:28:bf:87:04:d1:1f:2e:c4:e7:17:27:
                    64:8d:57:26:54:f6:62:54:e1:80:5c:60:16:d8:a3:
                    8d:99:30:14:71:ef:6e:e3:b2:b6:28:dc:d5:81:35:
                    04:15:b1:56:b5:b7:c9:8d:4b:a5:03:a8:f8:66:7b:
                    f4:b8:f6:e1:ac:1e:32:9e:c2:87:76:98:52:09:d7:
                    39:22:0e:9b:c3:c7:05:68:10:c0:b2:20:a6:1c:4e:
                    f4:78:3b:c1:53:e0:0d:a5:09:77:ed:3b:e3:bf:ad:
                    7e:fd:12:e3:4d:05:01:de:ff:15:d1:3a:91:c9:b2:
                    7e:b7:09:af:1e:49:c9:cf:df:e5:cb:f2:b3:74:98:
                    c6:98:d2:fb:be:78:a5:36:3a:2b:38:ff:35:f2:8f:
                    c7:d1:b9:29:4e:48:d6:d2:ce:df:48:5f:b6:47:1b:
                    fb:08:f9:fc:77:74:90:bf:8a:7a:66:b6:44:be:3a:
                    6e:ea:ec:22:75:bc:60:5a:08:ab:13:9b:32:8c:d9:
                    8e:51:6f:5c:eb:5c:0e:b5:5e:6c:51:d7:6f:0b:f2:
                    11:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:36:ED:40:A3:6B:B5:2A:D4:93:DC:E9:EC:0B:41:37:64:EB:9A:3C
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/6ba0c1f3-2b2e-4d8a-bef1-52e07a4a5a4e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:fffe::/48

    Signature Algorithm: sha256WithRSAEncryption
         7e:3c:6a:81:86:fc:e5:d2:ab:29:00:05:d4:2a:e9:01:bb:89:
         ca:0f:41:92:5c:b3:c5:dc:30:e8:59:1a:52:1b:02:97:1a:4f:
         5d:c8:1d:ea:1f:3d:2e:15:96:b8:1d:af:85:2f:88:56:a9:a6:
         98:c4:41:44:24:9f:ae:61:4e:c3:12:e7:8d:0d:e1:a6:d1:f3:
         25:fc:e0:14:d9:b3:f0:4b:f8:a4:cf:01:54:9b:c4:d2:f8:a9:
         2c:3c:d6:a7:5b:fe:c4:26:1e:1c:10:c5:4b:66:70:e6:23:9a:
         ec:ba:a5:95:c9:cb:74:cb:38:90:cf:48:87:4e:d7:67:c1:aa:
         08:3b:02:cf:06:69:c2:d0:f7:f2:1a:4c:ae:b4:35:ab:66:87:
         2d:3e:74:a5:51:6b:e3:0e:de:ac:18:bb:3f:1f:c4:d0:bc:86:
         73:84:5c:12:ba:db:e7:b2:b7:0c:b3:14:d9:40:46:9a:90:46:
         cd:6a:f4:c5:95:1f:f7:e7:c0:56:cb:ae:b3:3f:36:f1:55:4c:
         0d:5e:63:2c:83:2d:ae:d5:4b:b6:e9:ec:5f:0d:0e:1b:75:cb:
         ac:65:80:d9:8b:ed:00:5e:c0:9d:cf:c7:c3:8a:8d:ff:6e:0d:
         3f:a9:1d:b1:95:c6:b1:d1:a4:a6:ab:51:f7:59:4a:93:90:cb:
         03:2b:c7:fe
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUImxXyE/76BbtrzVzrG1uysQbB48wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUwNzIxMTYwMDE0WhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOTYxYjZlNTU5ODM4MzBjMDdmMmE0NTc4YWE1OWVmN2Jm
MDk1ODYyZDljMmM4ZDkxOGZjN2JhMWMzZTg0OTEzMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDhZrtoUWERtZT1mygpzsHYxYQiijo7pSnTuknFBOj4n1zu
UvDvnoF8pqAtwgqJH4wov4cE0R8uxOcXJ2SNVyZU9mJU4YBcYBbYo42ZMBRx727j
srYo3NWBNQQVsVa1t8mNS6UDqPhme/S49uGsHjKewod2mFIJ1zkiDpvDxwVoEMCy
IKYcTvR4O8FT4A2lCXftO+O/rX79EuNNBQHe/xXROpHJsn63Ca8eScnP3+XL8rN0
mMaY0vu+eKU2Ois4/zXyj8fRuSlOSNbSzt9IX7ZHG/sI+fx3dJC/inpmtkS+Om7q
7CJ1vGBaCKsTmzKM2Y5Rb1zrXA61XmxR128L8hF1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUuzbtQKNrtSrUk9zp7AtBN2TrmjwwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzZiYTBjMWYzLTJiMmUtNGQ4YS1iZWYxLTUyZTA3YTRhNWE0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//4wDQYJKoZIhvcNAQELBQADggEBAH48aoGG/OXSqykABdQq6QG7
icoPQZJcs8XcMOhZGlIbApcaT13IHeofPS4Vlrgdr4UviFapppjEQUQkn65hTsMS
540N4abR8yX84BTZs/BL+KTPAVSbxNL4qSw81qdb/sQmHhwQxUtmcOYjmuy6pZXJ
y3TLOJDPSIdO12fBqgg7As8GacLQ9/IaTK60Natmhy0+dKVRa+MO3qwYuz8fxNC8
hnOEXBK62+eytwyzFNlARpqQRs1q9MWVH/fnwFbLrrM/NvFVTA1eYyyDLa7VS7bp
7F8NDht1y6xlgNmL7QBewJ3Px8OKjf9uDT+pHbGVxrHRpKarUfdZSpOQywMrx/4=
-----END CERTIFICATE-----