Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/75e5e6ce-a11a-4045-bcc5-38c5085921a3.roa
File:                     75e5e6ce-a11a-4045-bcc5-38c5085921a3.roa (raw, json)
Hash identifier:          FIBAImW/oa7xgHki8jrHNandlftVxojQ1rBQ+Dg0I38=
Subject key identifier:   6B:4A:FA:6E:2C:56:02:E0:01:69:03:76:75:62:EA:86:71:2A:99:C3
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       2F9210D609CF290B2D2A9108FCC8F30CEB558987
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/75e5e6ce-a11a-4045-bcc5-38c5085921a3.roa
Signing time:             Fri 15 Aug 2025 21:22:11 +0000
ROA not before:           Fri 15 Aug 2025 21:22:11 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:6109::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 21 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:92:10:d6:09:cf:29:0b:2d:2a:91:08:fc:c8:f3:0c:eb:55:89:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Aug 15 21:22:11 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=54ce54027acbccfe49d4f077afcd9728d3803eda1c30febabc3bfe5c708cefdf, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:eb:4e:ca:27:d3:90:7e:79:01:e0:24:46:5c:
                    39:28:1b:de:c8:61:4f:90:31:b9:f8:52:b3:12:cb:
                    81:cd:f4:75:9f:61:25:06:16:ed:16:31:5b:93:6b:
                    b3:8c:c1:6c:c3:52:9b:bc:ad:75:6a:de:3d:65:ac:
                    5f:ee:fa:45:3d:f5:c4:b7:65:1b:13:96:41:a5:51:
                    ed:e4:5e:73:ad:48:be:97:ca:61:db:d2:c9:c3:11:
                    e5:81:1d:c2:f2:b5:94:2c:16:6b:b7:20:dc:32:d6:
                    aa:de:42:ed:58:8e:1c:e3:f2:96:3b:1d:ac:42:f2:
                    e6:58:e6:0e:c3:ed:ce:2b:81:a8:4f:74:cd:0f:68:
                    ea:ed:e1:b8:25:f5:ac:4e:8c:93:95:b8:16:44:44:
                    6e:13:db:58:3a:ea:d9:7f:0f:6a:44:38:97:e0:63:
                    99:97:65:65:35:2c:bc:80:46:88:72:b4:49:d2:bc:
                    7a:fb:a9:ee:ef:a1:c6:06:78:5a:14:58:1f:46:08:
                    64:d5:be:3f:82:34:10:c5:cb:51:40:81:9a:42:38:
                    8b:85:a9:01:5b:3e:8c:89:7c:aa:e3:f6:4c:5e:b5:
                    3a:73:d0:97:9c:65:20:04:65:68:fb:f0:81:da:36:
                    85:ea:b2:26:7c:5d:f4:ee:29:d5:20:9f:f9:25:b1:
                    2a:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:4A:FA:6E:2C:56:02:E0:01:69:03:76:75:62:EA:86:71:2A:99:C3
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/75e5e6ce-a11a-4045-bcc5-38c5085921a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6109::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:94:cd:f8:4e:8d:70:c5:76:7f:14:9b:ee:37:9a:4f:18:02:
         25:ab:77:7b:b2:66:7a:0b:c7:e6:8c:c1:b8:cb:8e:0b:be:cf:
         db:2b:3a:d0:be:2a:93:46:e2:9e:01:cf:ac:f8:be:10:38:20:
         db:fd:b8:1a:5d:46:e6:ae:17:dd:55:96:f7:e8:1d:ec:40:b5:
         b2:12:01:bd:62:dc:28:b4:13:11:83:0a:a0:e4:07:07:37:55:
         9d:44:de:f4:f1:95:92:86:56:27:92:a1:ba:9e:51:ac:16:12:
         80:5c:d3:fb:1b:09:50:35:66:0a:db:57:a9:13:54:11:4e:50:
         4f:bd:1c:a4:d0:bd:9d:bc:6a:91:1d:bb:87:7a:95:e1:d8:61:
         f3:8e:8c:44:a1:7c:a4:a6:1f:46:be:84:20:2b:d1:bb:d8:53:
         66:60:4d:be:82:12:a0:cc:77:45:54:0d:1d:7c:a1:ca:9f:19:
         43:20:46:f9:55:18:fa:0b:34:93:ee:5f:be:6e:7c:ba:9a:cd:
         11:13:ab:65:5b:a5:0e:1d:6c:92:9e:d5:d9:df:7f:47:1e:d8:
         e2:e3:1a:44:1b:89:3e:7b:ee:d2:ee:ce:3e:06:8a:e7:5b:2e:
         ad:9a:36:d0:b4:73:65:4e:21:5a:a9:d1:e8:02:4b:75:31:3a:
         9c:4e:96:50
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUL5IQ1gnPKQstKpEI/MjzDOtViYcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODE1MjEyMjExWhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NGNlNTQwMjdhY2JjY2ZlNDlkNGYwNzdhZmNkOTcyOGQz
ODAzZWRhMWMzMGZlYmFiYzNiZmU1YzcwOGNlZmRmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCN607KJ9OQfnkB4CRGXDkoG97IYU+QMbn4UrMSy4HN9HWf
YSUGFu0WMVuTa7OMwWzDUpu8rXVq3j1lrF/u+kU99cS3ZRsTlkGlUe3kXnOtSL6X
ymHb0snDEeWBHcLytZQsFmu3INwy1qreQu1Yjhzj8pY7HaxC8uZY5g7D7c4rgahP
dM0PaOrt4bgl9axOjJOVuBZERG4T21g66tl/D2pEOJfgY5mXZWU1LLyARohytEnS
vHr7qe7vocYGeFoUWB9GCGTVvj+CNBDFy1FAgZpCOIuFqQFbPoyJfKrj9kxetTpz
0JecZSAEZWj78IHaNoXqsiZ8XfTuKdUgn/klsSpnAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUa0r6bixWAuABaQN2dWLqhnEqmcMwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2Lzc1ZTVlNmNlLWExMWEtNDA0NS1iY2M1LTM4YzUwODU5MjFhMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYQkwDQYJKoZIhvcNAQELBQADggEBADOUzfhOjXDFdn8Um+43mk8Y
AiWrd3uyZnoLx+aMwbjLjgu+z9srOtC+KpNG4p4Bz6z4vhA4INv9uBpdRuauF91V
lvfoHexAtbISAb1i3Ci0ExGDCqDkBwc3VZ1E3vTxlZKGVieSobqeUawWEoBc0/sb
CVA1ZgrbV6kTVBFOUE+9HKTQvZ28apEdu4d6leHYYfOOjEShfKSmH0a+hCAr0bvY
U2ZgTb6CEqDMd0VUDR18ocqfGUMgRvlVGPoLNJPuX75ufLqazRETq2VbpQ4dbJKe
1dnff0ce2OLjGkQbiT577tLuzj4GiudbLq2aNtC0c2VOIVqp0egCS3UxOpxOllA=
-----END CERTIFICATE-----