Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa
File:                     0c492edd-c347-4b97-a816-01566f9d097b.roa (raw, json)
Hash identifier:          5c3ly782Chxh7dbmkyzxNggJmaOpHWxNArbReCN7bXs=
Subject key identifier:   80:A5:57:AD:E9:F3:FF:E2:C2:DD:AC:52:DD:64:70:24:95:3D:7D:EC
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       5C8C43680AC4B49DEC49163813793AD835FEF2A5
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa
Signing time:             Tue 04 Nov 2025 00:00:37 +0000
ROA not before:           Tue 04 Nov 2025 00:00:37 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:8000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Nov 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:8c:43:68:0a:c4:b4:9d:ec:49:16:38:13:79:3a:d8:35:fe:f2:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Nov  4 00:00:37 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=08bd36022f135284b0edff7a335167589255cc49880f6be0dc3544b10dc4483c, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:6b:76:06:78:a7:9a:4f:3a:78:f0:15:47:c1:
                    dd:50:48:bb:e9:fb:d0:c3:44:17:04:60:c5:23:fb:
                    b7:16:57:d6:7e:64:80:b6:75:5a:d2:66:88:8b:cc:
                    04:85:f4:a2:af:ba:50:50:16:0b:d5:58:e6:3d:aa:
                    6b:4b:f0:12:36:af:44:d0:2e:fe:cd:40:84:25:70:
                    44:83:01:c0:9b:49:92:24:2d:34:46:7a:ac:b2:67:
                    1e:c1:a6:76:01:e6:f8:d3:31:dc:d3:bb:fb:0d:53:
                    f6:43:35:3e:88:3e:73:cd:c9:32:48:71:ab:89:12:
                    39:43:59:dc:7a:20:8f:18:80:44:79:bb:24:ac:05:
                    76:ea:7c:27:e3:67:dc:a1:d3:d3:4e:1f:47:7e:d6:
                    f7:03:c1:2e:c2:8b:b8:0a:c9:44:f4:c4:64:9c:de:
                    be:1c:6a:ec:d1:4d:ac:1e:c9:12:04:ce:35:cd:a0:
                    0e:09:5f:d9:5e:f1:ce:27:23:d0:c5:a4:db:9b:69:
                    ca:a3:1d:7d:b7:ad:80:4e:23:bd:5c:2d:37:32:48:
                    98:d9:11:30:fb:93:bf:cc:4d:e8:63:9b:df:ac:b9:
                    f2:ef:6c:b2:5b:a4:7d:6c:0b:5b:5c:69:bf:f5:72:
                    3d:5a:e3:24:f0:16:2c:e2:c5:be:9e:a7:13:88:3a:
                    80:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:A5:57:AD:E9:F3:FF:E2:C2:DD:AC:52:DD:64:70:24:95:3D:7D:EC
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         03:1d:d8:53:30:f9:79:47:a5:4a:0d:ec:56:4d:d5:1b:05:88:
         24:13:71:b2:c6:36:ea:d5:0a:cc:1d:e5:87:a7:7e:39:8c:99:
         94:67:d6:bd:ef:a9:1d:31:f1:f5:09:78:51:8c:27:39:6e:9b:
         7d:dd:5b:45:38:87:05:09:75:2f:d8:2d:63:64:76:dc:26:cf:
         d0:df:8d:d4:2b:f1:1c:10:42:63:bd:4c:59:b0:74:c5:69:33:
         1f:c6:ab:95:da:00:b2:b2:54:1e:10:5f:3a:5d:ce:13:6a:98:
         49:ca:7c:1e:2a:f5:6a:b0:ad:da:df:8c:1e:aa:40:b5:3b:e6:
         7f:2c:9f:97:d5:dd:2c:a5:a5:01:8a:47:0b:d8:5d:8a:db:b9:
         2c:91:08:62:e0:44:6a:51:9b:9e:d4:b8:a8:be:95:87:fa:03:
         cd:fb:1f:c1:f1:78:9b:94:a3:d9:20:55:5a:ca:d3:eb:a5:00:
         3b:12:6d:36:ea:09:a3:ce:e0:b1:d6:0d:8d:93:3f:95:b8:40:
         30:57:f8:73:dc:5a:9f:7a:fc:cb:bc:4a:f8:4e:e7:f0:e0:29:
         48:94:a4:17:57:cd:94:a8:bf:74:bb:91:ab:e4:11:a9:5a:5b:
         3b:fd:ab:4f:ec:c2:29:be:9b:b7:59:32:cd:45:47:c9:2c:ca:
         34:c4:99:e5
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUXIxDaArEtJ3sSRY4E3k62DX+8qUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUxMTA0MDAwMDM3WhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AwOGJkMzYwMjJmMTM1Mjg0YjBlZGZmN2EzMzUxNjc1ODky
NTVjYzQ5ODgwZjZiZTBkYzM1NDRiMTBkYzQ0ODNjMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJa3YGeKeaTzp48BVHwd1QSLvp+9DDRBcEYMUj+7cWV9Z+
ZIC2dVrSZoiLzASF9KKvulBQFgvVWOY9qmtL8BI2r0TQLv7NQIQlcESDAcCbSZIk
LTRGeqyyZx7BpnYB5vjTMdzTu/sNU/ZDNT6IPnPNyTJIcauJEjlDWdx6II8YgER5
uySsBXbqfCfjZ9yh09NOH0d+1vcDwS7Ci7gKyUT0xGSc3r4cauzRTaweyRIEzjXN
oA4JX9le8c4nI9DFpNubacqjHX23rYBOI71cLTcySJjZETD7k7/MTehjm9+sufLv
bLJbpH1sC1tcab/1cj1a4yTwFizixb6epxOIOoCnAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUgKVXrenz/+LC3axS3WRwJJU9fewwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzBjNDkyZWRkLWMzNDctNGI5Ny1hODE2LTAxNTY2ZjlkMDk3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AgDANBgkqhkiG9w0BAQsFAAOCAQEAAx3YUzD5eUelSg3sVk3VGwWI
JBNxssY26tUKzB3lh6d+OYyZlGfWve+pHTHx9Ql4UYwnOW6bfd1bRTiHBQl1L9gt
Y2R23CbP0N+N1CvxHBBCY71MWbB0xWkzH8arldoAsrJUHhBfOl3OE2qYScp8Hir1
arCt2t+MHqpAtTvmfyyfl9XdLKWlAYpHC9hditu5LJEIYuBEalGbntS4qL6Vh/oD
zfsfwfF4m5Sj2SBVWsrT66UAOxJtNuoJo87gsdYNjZM/lbhAMFf4c9xan3r8y7xK
+E7n8OApSJSkF1fNlKi/dLuRq+QRqVpbO/2rT+zCKb6bt1kyzUVHySzKNMSZ5Q==
-----END CERTIFICATE-----