Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/4aef75f4-87ef-46d3-96d7-dc53be178ebe.roa
File:                     4aef75f4-87ef-46d3-96d7-dc53be178ebe.roa (raw, json)
Hash identifier:          EFmKNle5ro5UfWrBkGN5EZ3dbmeSlkb4piuFr5SN4TY=
Subject key identifier:   0D:33:CE:24:FB:EB:C1:19:58:BE:88:BE:36:95:3F:F4:E8:18:6E:C9
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       221A36031D2FC235C59D7C0A814EB02182B33DB4
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/4aef75f4-87ef-46d3-96d7-dc53be178ebe.roa
Signing time:             Fri 31 Oct 2025 00:00:03 +0000
ROA not before:           Fri 31 Oct 2025 00:00:03 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:fffc::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Nov 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:1a:36:03:1d:2f:c2:35:c5:9d:7c:0a:81:4e:b0:21:82:b3:3d:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Oct 31 00:00:03 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=b3f0d942455d8eef88fdc7aecca7b0703f7f6f84048c45be6cb4dda0fa195712, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b6:1b:1f:9f:36:b9:a1:b9:40:77:e6:65:23:
                    c4:5f:df:56:c7:25:bb:d5:c1:5d:2b:63:0a:5b:3c:
                    9f:d8:a7:c6:8d:96:01:73:94:87:a9:3d:58:8f:d5:
                    1b:d3:86:d1:15:17:e9:40:30:ce:20:e1:15:79:35:
                    7a:fa:4f:b3:ff:21:56:3d:24:58:0d:26:27:44:36:
                    54:74:6c:62:58:b0:b9:06:bb:f0:c0:05:95:d2:dc:
                    b4:64:7a:60:b9:1c:62:52:bb:20:18:a1:ff:84:5b:
                    74:8d:98:34:df:95:3f:f9:37:78:50:e9:aa:99:fa:
                    81:5f:62:39:21:11:af:8f:45:af:99:ea:07:78:e2:
                    16:95:7d:3c:1e:16:1b:97:ef:8c:cd:c2:91:83:ab:
                    03:b7:51:8d:43:76:7b:58:6a:e8:f4:a9:02:13:a6:
                    f1:7f:24:f8:67:79:55:23:cf:22:ae:52:18:6e:c1:
                    d3:81:c0:71:43:d3:c7:36:c2:a1:a9:58:2a:ac:3a:
                    5b:6e:b5:64:8e:67:70:21:34:03:5f:59:59:f8:0b:
                    84:77:a1:16:f4:50:83:34:8a:48:57:71:3b:11:da:
                    2e:f0:23:0d:80:8b:1d:e9:b0:c3:4b:49:f8:ca:f4:
                    1e:79:0f:1b:68:a6:63:0d:b9:67:82:31:b3:c1:a3:
                    46:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:33:CE:24:FB:EB:C1:19:58:BE:88:BE:36:95:3F:F4:E8:18:6E:C9
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/4aef75f4-87ef-46d3-96d7-dc53be178ebe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:fffc::/48

    Signature Algorithm: sha256WithRSAEncryption
         34:45:63:07:c0:33:78:07:a2:d7:4b:6d:e2:fa:ae:ff:39:d8:
         7a:a9:62:9b:7d:8b:82:8c:73:9b:ac:bd:08:b8:6d:1a:ed:fc:
         e1:63:f4:59:65:c7:66:3d:1f:af:82:90:bb:06:03:56:c4:65:
         88:65:89:45:72:1b:70:e9:75:1d:95:d1:0d:c0:49:df:0f:ee:
         6b:65:2f:9b:c2:e9:67:2e:ac:8e:70:b0:27:ba:48:7e:6b:76:
         d5:bb:81:2c:88:a4:68:ce:85:99:85:2a:a4:18:d2:18:65:e8:
         23:50:bd:7a:4d:f0:b3:db:56:3a:eb:14:13:27:43:56:ed:46:
         56:94:ac:09:f4:59:4c:e6:dc:d3:f9:b6:4b:26:30:d8:01:cb:
         bc:ac:4a:35:58:77:93:02:d4:19:b2:cf:84:a3:c4:ab:92:98:
         1a:94:c3:91:88:34:de:91:d1:e2:27:e0:f7:3f:31:e2:f7:74:
         45:c4:1c:10:eb:c4:7e:48:4a:c0:df:4b:7e:23:23:6c:de:93:
         44:ac:55:d1:14:c7:c5:c9:a6:fe:38:89:7a:b0:cc:62:5c:b6:
         c4:83:07:77:e1:1c:c6:33:42:ab:8c:45:a6:50:1a:3c:63:bd:
         a1:3b:54:c3:3b:6c:42:1f:cd:eb:5f:c8:10:9b:f9:ab:f9:0c:
         98:6b:50:ef
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUIho2Ax0vwjXFnXwKgU6wIYKzPbQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUxMDMxMDAwMDAzWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiM2YwZDk0MjQ1NWQ4ZWVmODhmZGM3YWVjY2E3YjA3MDNm
N2Y2Zjg0MDQ4YzQ1YmU2Y2I0ZGRhMGZhMTk1NzEyMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqthsfnza5oblAd+ZlI8Rf31bHJbvVwV0rYwpbPJ/Yp8aN
lgFzlIepPViP1RvThtEVF+lAMM4g4RV5NXr6T7P/IVY9JFgNJidENlR0bGJYsLkG
u/DABZXS3LRkemC5HGJSuyAYof+EW3SNmDTflT/5N3hQ6aqZ+oFfYjkhEa+PRa+Z
6gd44haVfTweFhuX74zNwpGDqwO3UY1DdntYauj0qQITpvF/JPhneVUjzyKuUhhu
wdOBwHFD08c2wqGpWCqsOltutWSOZ3AhNANfWVn4C4R3oRb0UIM0ikhXcTsR2i7w
Iw2Aix3psMNLSfjK9B55DxtopmMNuWeCMbPBo0a/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUDTPOJPvrwRlYvoi+NpU/9OgYbskwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzRhZWY3NWY0LTg3ZWYtNDZkMy05NmQ3LWRjNTNiZTE3OGViZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//wwDQYJKoZIhvcNAQELBQADggEBADRFYwfAM3gHotdLbeL6rv85
2HqpYpt9i4KMc5usvQi4bRrt/OFj9Fllx2Y9H6+CkLsGA1bEZYhliUVyG3DpdR2V
0Q3ASd8P7mtlL5vC6WcurI5wsCe6SH5rdtW7gSyIpGjOhZmFKqQY0hhl6CNQvXpN
8LPbVjrrFBMnQ1btRlaUrAn0WUzm3NP5tksmMNgBy7ysSjVYd5MC1Bmyz4SjxKuS
mBqUw5GINN6R0eIn4Pc/MeL3dEXEHBDrxH5ISsDfS34jI2zek0SsVdEUx8XJpv44
iXqwzGJctsSDB3fhHMYzQquMRaZQGjxjvaE7VMM7bEIfzetfyBCb+av5DJhrUO8=
-----END CERTIFICATE-----