Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e9e9fa29-b290-4ea2-9c3a-b6b0e792e777.roa
File:                     e9e9fa29-b290-4ea2-9c3a-b6b0e792e777.roa (raw, json)
Hash identifier:          rIrI1HhOF7mEkHXp5Ce7PI65BfnkeDRLGcuLoRz8WjE=
Subject key identifier:   3C:04:99:3B:20:AB:BE:99:5A:80:32:B2:BB:11:C9:7A:19:0F:9C:4F
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       069A23B335A0D01A05BF6209C1E0589D5B0B33CA
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e9e9fa29-b290-4ea2-9c3a-b6b0e792e777.roa
Signing time:             Wed 22 Oct 2025 00:40:10 +0000
ROA not before:           Wed 22 Oct 2025 00:40:10 +0000
ROA not after:            Wed 26 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:f106::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:9a:23:b3:35:a0:d0:1a:05:bf:62:09:c1:e0:58:9d:5b:0b:33:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 22 00:40:10 2025 GMT
            Not After : Nov 26 23:59:59 2025 GMT
        Subject: serialNumber=3d3481d3bde158be188ac432e5c1a8ff7a46a2e320a4942e82a092e743c2f76d, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:52:6c:1b:d8:98:36:09:22:0a:b7:4e:65:d9:
                    24:d0:52:48:fb:d8:6e:99:27:21:5d:6e:cd:4d:85:
                    6a:7b:b9:d5:e5:ec:77:7b:75:e7:ca:f8:20:a6:00:
                    19:f3:53:c3:d9:57:b4:3e:ab:cc:d1:29:40:70:97:
                    c0:6f:a4:2b:fd:8c:76:80:dd:e9:00:89:93:ec:eb:
                    52:93:38:45:4d:15:63:aa:95:5c:eb:22:e9:f6:2d:
                    e0:15:72:6c:dc:d3:0c:af:2a:cc:6b:66:c1:f6:4a:
                    fa:78:c2:41:20:23:6d:fa:f6:19:c0:a4:c4:55:5e:
                    e1:49:69:27:a4:4f:4e:70:7f:97:09:75:52:f6:e7:
                    0b:f4:f2:95:1e:8c:2c:15:5a:10:d5:8a:72:16:d8:
                    a4:4a:5a:a8:fd:ef:11:74:a2:be:c5:b3:55:23:74:
                    c7:13:c8:cc:e5:19:16:9d:8a:cc:17:d8:60:df:49:
                    b3:b2:81:9c:af:e9:d1:a8:4f:ce:08:4f:75:92:b2:
                    e4:36:b3:bd:57:07:98:d9:40:61:78:26:7c:db:57:
                    35:57:15:96:c5:a4:f7:7c:9c:50:94:84:ad:b7:fa:
                    a9:d3:01:96:93:a0:a2:c2:06:89:08:62:1a:14:2d:
                    8d:04:36:f4:7d:59:c0:20:06:d4:9f:da:1b:87:f1:
                    d3:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:04:99:3B:20:AB:BE:99:5A:80:32:B2:BB:11:C9:7A:19:0F:9C:4F
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e9e9fa29-b290-4ea2-9c3a-b6b0e792e777.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:f106::/48

    Signature Algorithm: sha256WithRSAEncryption
         1e:98:2c:7c:a2:38:7f:45:f4:13:a0:8f:8f:55:c2:d9:ce:8e:
         96:06:e2:50:26:51:85:97:cf:2e:b6:01:61:19:4d:dc:be:f9:
         ff:c2:f0:b6:b5:46:31:d2:9c:e9:2b:a3:86:ef:f6:58:c9:9c:
         71:4d:e7:cb:1b:f8:e8:18:0a:cb:0c:50:8e:f3:ec:ea:f7:7a:
         c4:69:cc:0e:20:60:56:61:d0:9d:3b:a0:2a:1b:eb:fb:e5:7b:
         1e:d4:1c:fc:f0:8b:42:3d:d7:5f:fe:7e:91:67:29:f3:cb:f4:
         51:c7:bf:1d:76:4d:68:25:c8:4d:53:37:b9:b9:78:62:eb:6d:
         34:05:0b:44:1d:81:11:e2:34:2a:73:36:4f:77:36:0e:c4:a4:
         60:87:d2:18:54:cb:a2:3a:48:5d:86:4a:61:8d:ab:d6:70:e2:
         07:4d:39:4d:53:a7:a1:26:2c:38:0b:e4:de:33:b9:34:7e:09:
         ed:72:59:d1:2d:b4:e3:33:4c:29:09:e1:63:bb:0c:cc:a1:27:
         7c:57:34:08:09:bb:81:00:38:19:22:c8:ad:7d:51:cc:41:72:
         5b:2a:78:77:70:cf:fc:96:ba:fb:e1:76:4a:39:a6:54:96:29:
         49:a3:60:52:a8:3d:8a:8d:43:75:6e:e6:86:75:b1:58:1e:6e:
         d9:a1:35:da
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBpojszWg0BoFv2IJweBYnVsLM8owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIyMDA0MDEwWhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZDM0ODFkM2JkZTE1OGJlMTg4YWM0MzJlNWMxYThmZjdh
NDZhMmUzMjBhNDk0MmU4MmEwOTJlNzQzYzJmNzZkMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkUmwb2Jg2CSIKt05l2STQUkj72G6ZJyFdbs1NhWp7udXl
7Hd7defK+CCmABnzU8PZV7Q+q8zRKUBwl8BvpCv9jHaA3ekAiZPs61KTOEVNFWOq
lVzrIun2LeAVcmzc0wyvKsxrZsH2Svp4wkEgI2369hnApMRVXuFJaSekT05wf5cJ
dVL25wv08pUejCwVWhDVinIW2KRKWqj97xF0or7Fs1UjdMcTyMzlGRadiswX2GDf
SbOygZyv6dGoT84IT3WSsuQ2s71XB5jZQGF4JnzbVzVXFZbFpPd8nFCUhK23+qnT
AZaToKLCBokIYhoULY0ENvR9WcAgBtSf2huH8dNXAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUPASZOyCrvplagDKyuxHJehkPnE8wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2U5ZTlmYTI5LWIyOTAtNGVhMi05YzNhLWI2YjBlNzkyZTc3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPD78QYwDQYJKoZIhvcNAQELBQADggEBAB6YLHyiOH9F9BOgj49VwtnO
jpYG4lAmUYWXzy62AWEZTdy++f/C8La1RjHSnOkro4bv9ljJnHFN58sb+OgYCssM
UI7z7Or3esRpzA4gYFZh0J07oCob6/vlex7UHPzwi0I911/+fpFnKfPL9FHHvx12
TWglyE1TN7m5eGLrbTQFC0QdgRHiNCpzNk93Ng7EpGCH0hhUy6I6SF2GSmGNq9Zw
4gdNOU1Tp6EmLDgL5N4zuTR+Ce1yWdEttOMzTCkJ4WO7DMyhJ3xXNAgJu4EAOBki
yK19UcxBclsqeHdwz/yWuvvhdko5plSWKUmjYFKoPYqNQ3Vu5oZ1sVgebtmhNdo=
-----END CERTIFICATE-----