Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56ee27f8-4518-41fe-86ac-ae8a2e2a410d.roa
File:                     56ee27f8-4518-41fe-86ac-ae8a2e2a410d.roa (raw, json)
Hash identifier:          ig93PminnNPM2/577oL4lQiW3DYGv1aLT873CfAgKdg=
Subject key identifier:   D9:84:8C:F4:FF:54:01:38:32:7C:7F:A3:8C:CC:A9:32:2F:17:5F:75
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4B38091CDD86712315582D86C1F37B45B20C765C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56ee27f8-4518-41fe-86ac-ae8a2e2a410d.roa
Signing time:             Fri 26 Sep 2025 18:00:40 +0000
ROA not before:           Fri 26 Sep 2025 18:00:40 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:4100::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 10 Oct 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:38:09:1c:dd:86:71:23:15:58:2d:86:c1:f3:7b:45:b2:0c:76:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 26 18:00:40 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=815df1676e6a3e24d37b0aa9f94c374661f6e0333c65ae1ab9735aa640ec351d, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:63:52:b0:2d:db:af:6f:bc:cf:e7:49:78:c4:
                    a1:1e:0c:ff:6f:56:7a:95:cc:5c:ec:12:7b:65:ac:
                    da:eb:b6:a0:e0:23:38:16:81:65:f5:7b:88:c4:f7:
                    74:4d:cf:11:a3:eb:8e:13:9f:ff:f1:dc:2a:b8:e2:
                    df:f4:5e:13:2f:0b:90:60:bf:22:be:09:6c:80:a5:
                    ab:10:e3:ad:5a:8d:4e:3d:82:00:c1:c6:e8:b6:41:
                    b5:8c:6c:8d:14:69:17:40:4b:49:45:ec:a4:65:3c:
                    89:04:0a:37:54:75:4e:94:50:35:ea:b7:a0:aa:17:
                    1a:23:40:be:8e:31:63:e4:69:25:c7:78:5a:66:38:
                    de:25:39:a1:aa:8e:70:11:a5:44:18:4d:31:83:ce:
                    d6:dd:28:ad:bb:45:b5:f4:90:49:ce:be:bf:bd:6c:
                    ea:f0:56:49:3d:2c:bb:02:85:0e:b2:32:a4:0d:e9:
                    78:08:32:d1:cf:61:37:e4:31:d7:53:da:4a:19:1e:
                    04:6e:2b:44:1f:2f:cb:31:b1:46:db:d2:8d:01:e5:
                    f6:92:00:ad:cc:07:9b:e4:20:e5:36:87:95:3c:32:
                    a5:cd:3a:aa:06:19:94:d0:67:c3:c0:48:42:98:4e:
                    d9:f8:99:ba:c5:f7:b5:99:71:d9:8e:6f:0d:6f:8a:
                    35:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:84:8C:F4:FF:54:01:38:32:7C:7F:A3:8C:CC:A9:32:2F:17:5F:75
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56ee27f8-4518-41fe-86ac-ae8a2e2a410d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:4100::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:50:87:b3:c7:b7:6e:c2:27:d2:c1:88:8d:7a:fb:01:43:a2:
         35:bf:0a:f3:11:93:77:b5:d3:2e:d9:15:0a:4a:8d:ba:c7:25:
         1d:f0:7a:07:62:74:6a:60:58:f2:fa:9a:46:13:82:18:2a:48:
         9c:3a:36:23:f9:b3:a8:b1:bf:a0:43:03:d5:89:ec:87:4d:57:
         6c:e9:40:23:b1:51:27:7f:c6:0c:b5:71:8f:4a:fe:bd:9e:3c:
         66:d9:4b:86:39:36:c0:e7:6b:32:e2:7a:45:45:93:70:23:86:
         b6:40:bf:de:fa:76:2e:58:37:2a:d8:25:92:fe:c9:f2:ae:23:
         09:d1:b4:96:4a:9a:23:ac:ed:29:d2:5b:db:bc:06:f7:68:0c:
         f4:d3:6e:ab:e4:0a:0a:7f:4b:8f:a5:e3:34:21:74:cf:49:7d:
         2d:d1:ca:17:55:e8:4a:a9:c9:43:81:1d:a6:1d:71:ee:2d:79:
         df:f6:69:6e:dc:c5:81:43:46:0a:d8:57:47:dd:67:33:84:5f:
         c5:11:60:5d:25:d7:ca:38:60:3c:f9:6f:f4:77:b6:64:93:ba:
         8b:d9:3a:a4:d3:16:f4:c9:c2:31:70:17:76:b0:02:a7:06:86:
         97:86:91:f3:fa:f1:00:c4:7f:c6:96:6f:46:26:d4:f9:4a:c7:
         80:b0:7b:a2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSzgJHN2GcSMVWC2GwfN7RbIMdlwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgwMDQwWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4MTVkZjE2NzZlNmEzZTI0ZDM3YjBhYTlmOTRjMzc0NjYx
ZjZlMDMzM2M2NWFlMWFiOTczNWFhNjQwZWMzNTFkMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVY1KwLduvb7zP50l4xKEeDP9vVnqVzFzsEntlrNrrtqDg
IzgWgWX1e4jE93RNzxGj644Tn//x3Cq44t/0XhMvC5BgvyK+CWyApasQ461ajU49
ggDBxui2QbWMbI0UaRdAS0lF7KRlPIkECjdUdU6UUDXqt6CqFxojQL6OMWPkaSXH
eFpmON4lOaGqjnARpUQYTTGDztbdKK27RbX0kEnOvr+9bOrwVkk9LLsChQ6yMqQN
6XgIMtHPYTfkMddT2koZHgRuK0QfL8sxsUbb0o0B5faSAK3MB5vkIOU2h5U8MqXN
OqoGGZTQZ8PASEKYTtn4mbrF97WZcdmObw1vijUTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU2YSM9P9UATgyfH+jjMypMi8XX3UwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzU2ZWUyN2Y4LTQ1MTgtNDFmZS04NmFjLWFlOGEyZTJhNDEwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwQQAwDQYJKoZIhvcNAQELBQADggEBAAFQh7PHt27CJ9LBiI16+wFD
ojW/CvMRk3e10y7ZFQpKjbrHJR3wegdidGpgWPL6mkYTghgqSJw6NiP5s6ixv6BD
A9WJ7IdNV2zpQCOxUSd/xgy1cY9K/r2ePGbZS4Y5NsDnazLiekVFk3AjhrZAv976
di5YNyrYJZL+yfKuIwnRtJZKmiOs7SnSW9u8BvdoDPTTbqvkCgp/S4+l4zQhdM9J
fS3RyhdV6EqpyUOBHaYdce4ted/2aW7cxYFDRgrYV0fdZzOEX8URYF0l18o4YDz5
b/R3tmSTuovZOqTTFvTJwjFwF3awAqcGhpeGkfP68QDEf8aWb0Ym1PlKx4Cwe6I=
-----END CERTIFICATE-----