Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa
File:                     dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa (raw, json)
Hash identifier:          JttH2tC51Kc+tqvnmbfFdy2MMHKOk+EWye0zre9Z4sk=
Subject key identifier:   7E:91:02:BF:F4:EE:08:6C:28:25:0F:CA:2A:AB:83:89:37:17:AB:C4
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       6290EE6DD1DDBA47C800365737FC881285FDAC7A
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa
Signing time:             Fri 26 Sep 2025 18:10:25 +0000
ROA not before:           Fri 26 Sep 2025 18:10:25 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:90:ee:6d:d1:dd:ba:47:c8:00:36:57:37:fc:88:12:85:fd:ac:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 26 18:10:25 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=28015c42e114c7b32e90c9a8f76e2b2040865d213f6d9ed4bfc8ad57a2fd1cc4, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ca:d1:cd:d7:0d:96:05:04:60:e3:d3:6a:ac:
                    61:a1:48:86:ef:01:23:a5:9a:95:82:73:cb:ce:ab:
                    ba:88:7e:c0:59:2f:3a:37:f5:da:29:e3:b8:86:6d:
                    f1:4e:e8:49:38:d7:6d:a8:e4:bf:6f:61:1f:d4:7e:
                    b4:99:0b:4a:b5:ae:88:e2:1b:51:51:7b:1b:c5:ac:
                    6c:2c:74:e7:93:1b:6d:3d:0f:a4:7b:60:04:0a:8d:
                    a1:5a:69:54:85:21:e0:dc:87:72:18:00:bc:f4:01:
                    7d:40:8e:e7:01:f4:8a:01:91:39:cb:ec:75:4b:52:
                    08:fb:c0:4f:fe:7d:f8:4d:ea:58:69:c7:f8:27:f7:
                    4d:99:d9:37:03:65:63:c3:2f:c0:78:aa:1c:9c:99:
                    9b:7b:2e:72:ec:68:8d:73:cd:6d:73:68:57:7b:cc:
                    39:21:25:37:51:51:86:81:9f:16:3a:f0:c0:40:d0:
                    e3:c0:12:a0:6b:ac:d8:de:85:f2:2e:4e:7c:cf:be:
                    2e:14:1c:52:54:27:20:59:50:07:fd:b1:69:83:11:
                    ca:dc:f6:a0:22:d3:a9:6a:6d:4b:bf:b6:8c:38:0c:
                    d3:96:b7:57:4a:86:58:24:67:f9:3b:a4:c7:78:e1:
                    23:85:70:0a:5c:c0:0f:a2:1f:23:69:9a:69:98:ec:
                    95:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:91:02:BF:F4:EE:08:6C:28:25:0F:CA:2A:AB:83:89:37:17:AB:C4
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e000::/40

    Signature Algorithm: sha256WithRSAEncryption
         13:b1:ee:33:13:17:6a:59:77:5c:4d:0c:cd:4e:04:52:cd:64:
         6e:64:d9:03:ca:4e:01:55:16:65:6b:c3:51:ae:a7:a4:54:90:
         25:b6:cd:a9:d8:c2:50:42:a1:7a:14:8a:dd:c4:7f:99:45:99:
         ee:2d:30:cb:00:d4:c8:2e:cb:0e:a0:22:a1:36:fc:3b:92:2a:
         e4:c4:e4:89:a9:90:dd:32:e7:74:24:0e:e0:7a:4e:18:c0:6a:
         1b:9b:dd:e6:b2:29:e1:df:df:95:d3:93:79:d6:22:64:c1:c6:
         a6:50:19:88:dd:77:dd:6c:4a:7d:a6:46:53:95:63:73:7a:14:
         b2:e4:cf:90:e8:59:c9:5b:f9:1f:9f:d6:bd:74:84:77:7d:ca:
         f1:ff:e3:e5:55:33:21:f4:16:55:39:c5:5a:a9:e8:cb:f5:09:
         be:a0:0c:7e:ed:fb:80:4d:ee:7b:87:9c:c3:63:3f:a7:f7:09:
         b6:0c:ef:00:d4:06:6d:75:69:13:6a:a7:d6:39:08:50:66:bc:
         f9:11:d0:78:99:76:6e:76:a9:48:8b:ac:d9:39:6d:be:ea:37:
         20:1e:3d:e7:70:b7:65:3e:1f:47:6d:1d:94:a1:c2:bf:44:eb:
         cc:7d:ce:2c:9a:6f:4c:45:0a:b9:ea:2a:3d:09:d0:b6:25:25:
         e3:b5:8c:24
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUYpDubdHdukfIADZXN/yIEoX9rHowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgxMDI1WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyODAxNWM0MmUxMTRjN2IzMmU5MGM5YThmNzZlMmIyMDQw
ODY1ZDIxM2Y2ZDllZDRiZmM4YWQ1N2EyZmQxY2M0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjytHN1w2WBQRg49NqrGGhSIbvASOlmpWCc8vOq7qIfsBZ
Lzo39dop47iGbfFO6Ek4122o5L9vYR/UfrSZC0q1rojiG1FRexvFrGwsdOeTG209
D6R7YAQKjaFaaVSFIeDch3IYALz0AX1AjucB9IoBkTnL7HVLUgj7wE/+ffhN6lhp
x/gn902Z2TcDZWPDL8B4qhycmZt7LnLsaI1zzW1zaFd7zDkhJTdRUYaBnxY68MBA
0OPAEqBrrNjehfIuTnzPvi4UHFJUJyBZUAf9sWmDEcrc9qAi06lqbUu/tow4DNOW
t1dKhlgkZ/k7pMd44SOFcApcwA+iHyNpmmmY7JXhAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUfpECv/TuCGwoJQ/KKquDiTcXq8QwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2RjMGUwZTczLWJiYmUtNDE3MC1iNzMzLTQ5MDRlY2MyN2Y5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD74DANBgkqhkiG9w0BAQsFAAOCAQEAE7HuMxMXall3XE0MzU4EUs1k
bmTZA8pOAVUWZWvDUa6npFSQJbbNqdjCUEKhehSK3cR/mUWZ7i0wywDUyC7LDqAi
oTb8O5Iq5MTkiamQ3TLndCQO4HpOGMBqG5vd5rIp4d/fldOTedYiZMHGplAZiN13
3WxKfaZGU5Vjc3oUsuTPkOhZyVv5H5/WvXSEd33K8f/j5VUzIfQWVTnFWqnoy/UJ
vqAMfu37gE3ue4ecw2M/p/cJtgzvANQGbXVpE2qn1jkIUGa8+RHQeJl2bnapSIus
2Tltvuo3IB4953C3ZT4fR20dlKHCv0TrzH3OLJpvTEUKueoqPQnQtiUl47WMJA==
-----END CERTIFICATE-----