Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/59b63ffd-a0c1-4006-9040-edbf822eebd1.roa
File:                     59b63ffd-a0c1-4006-9040-edbf822eebd1.roa (raw, json)
Hash identifier:          F6SclaSshvtXYpjMH14kGau2jKkanq/fI8QP6RIYWh8=
Subject key identifier:   57:96:5F:3F:95:21:F0:2F:0D:08:E5:2B:A2:50:68:DC:6D:FE:7E:F9
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       3791F0A962420E2B9B656F106F246C59F560663F
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/59b63ffd-a0c1-4006-9040-edbf822eebd1.roa
Signing time:             Mon 06 Oct 2025 17:20:03 +0000
ROA not before:           Mon 06 Oct 2025 17:20:03 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:8140:500::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:91:f0:a9:62:42:0e:2b:9b:65:6f:10:6f:24:6c:59:f5:60:66:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Oct  6 17:20:03 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=ff2bd188953dc36af02dc0f994da800c1659efdc7c803f30a928509159aa2c4c, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:de:c7:2e:94:c7:75:5f:80:1f:41:42:5b:1f:
                    82:37:f2:f0:05:ed:3b:f3:8d:d9:20:3f:f0:08:c9:
                    c7:43:99:88:0a:aa:eb:22:99:93:b8:94:14:74:c7:
                    fa:49:ea:da:83:d9:d7:b7:d5:07:61:3a:c4:e9:30:
                    47:66:f9:6f:f0:d1:ff:d7:04:80:9d:a0:6f:4d:37:
                    1b:45:77:c1:26:e1:a6:ba:b2:d0:28:a5:61:ed:f3:
                    11:d9:ac:cf:e3:a9:7a:f8:3c:b1:44:0a:7e:3d:fc:
                    ba:eb:71:a4:c3:d5:60:00:94:b8:6e:fd:da:97:b8:
                    b1:b0:c3:b0:cf:55:2c:e4:c0:34:47:73:90:72:aa:
                    c5:55:2d:05:69:5a:f5:44:4b:a9:ab:fb:b4:4f:e4:
                    c9:6f:6c:5b:1a:2d:d9:ea:22:25:2e:75:8d:6d:82:
                    4a:97:4f:0a:6a:04:20:5d:f2:05:34:82:88:a9:4e:
                    ee:54:e1:91:71:3a:ab:a3:eb:5c:2f:da:5e:87:7f:
                    c1:fc:0c:e5:66:f0:1e:0e:8a:05:d1:f4:0c:a2:2a:
                    64:91:39:7b:75:25:db:66:b7:94:20:92:68:d2:85:
                    83:de:79:26:a7:1c:0c:cc:8e:cc:48:d0:04:75:39:
                    52:80:14:33:ce:9e:08:df:22:45:b9:bb:ef:57:12:
                    a9:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:96:5F:3F:95:21:F0:2F:0D:08:E5:2B:A2:50:68:DC:6D:FE:7E:F9
            X509v3 Authority Key Identifier:
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/59b63ffd-a0c1-4006-9040-edbf822eebd1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:8140:500::/40

    Signature Algorithm: sha256WithRSAEncryption
         5e:ca:61:70:52:ca:20:5e:ab:fd:70:bc:23:be:45:59:17:d1:
         5e:b0:f5:13:de:6c:b0:dc:fa:78:a2:3a:c4:4e:53:69:55:02:
         58:5c:55:9c:db:02:e8:ce:a3:da:cc:d1:39:30:77:be:19:76:
         2d:d8:03:d7:12:f4:6e:25:7e:f0:e0:fa:9c:c4:8a:86:eb:94:
         37:93:a7:9a:bc:70:e2:a3:6b:78:3a:de:6c:e5:1d:de:1d:9d:
         c8:2e:c2:01:aa:e2:c8:e0:68:03:5d:ad:87:f4:fd:5c:a4:70:
         0e:51:14:44:d5:ed:3e:18:ec:88:5a:8d:6d:be:67:89:29:4c:
         00:41:c7:43:de:88:e3:7a:b3:c5:7b:3b:1b:c5:ed:27:af:7f:
         7d:f1:9e:40:95:73:d8:99:d6:b3:7a:51:e9:eb:99:1c:06:5a:
         83:e1:44:47:61:48:83:43:1a:e3:07:d6:12:0f:24:6d:fc:43:
         6e:9c:1d:a2:35:d5:72:63:af:98:3e:00:15:ea:39:a3:28:24:
         4a:65:b5:d8:52:5a:cb:c3:24:63:47:5b:1f:1b:1a:a4:ae:56:
         08:25:84:f0:5b:44:ea:6e:71:86:58:7f:0a:e0:bf:3a:4c:a0:
         93:40:19:2f:2c:76:bd:31:43:05:0d:9b:94:69:0f:18:72:a7:
         a6:6d:8f:30
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUN5HwqWJCDiubZW8QbyRsWfVgZj8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDA2MTcyMDAzWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmZjJiZDE4ODk1M2RjMzZhZjAyZGMwZjk5NGRhODAwYzE2
NTllZmRjN2M4MDNmMzBhOTI4NTA5MTU5YWEyYzRjMS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC73sculMd1X4AfQUJbH4I38vAF7TvzjdkgP/AIycdDmYgK
qusimZO4lBR0x/pJ6tqD2de31QdhOsTpMEdm+W/w0f/XBICdoG9NNxtFd8Em4aa6
stAopWHt8xHZrM/jqXr4PLFECn49/LrrcaTD1WAAlLhu/dqXuLGww7DPVSzkwDRH
c5ByqsVVLQVpWvVES6mr+7RP5MlvbFsaLdnqIiUudY1tgkqXTwpqBCBd8gU0goip
Tu5U4ZFxOquj61wv2l6Hf8H8DOVm8B4OigXR9AyiKmSROXt1Jdtmt5QgkmjShYPe
eSanHAzMjsxI0AR1OVKAFDPOngjfIkW5u+9XEqn1AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUV5ZfP5Uh8C8NCOUrolBo3G3+fvkwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzU5YjYzZmZkLWEwYzEtNDAwNi05MDQwLWVkYmY4MjJlZWJkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmBoFABTANBgkqhkiG9w0BAQsFAAOCAQEAXsphcFLKIF6r/XC8I75FWRfR
XrD1E95ssNz6eKI6xE5TaVUCWFxVnNsC6M6j2szROTB3vhl2LdgD1xL0biV+8OD6
nMSKhuuUN5Onmrxw4qNreDrebOUd3h2dyC7CAariyOBoA12th/T9XKRwDlEURNXt
PhjsiFqNbb5niSlMAEHHQ96I43qzxXs7G8XtJ69/ffGeQJVz2JnWs3pR6euZHAZa
g+FER2FIg0Ma4wfWEg8kbfxDbpwdojXVcmOvmD4AFeo5oygkSmW12FJay8MkY0db
HxsapK5WCCWE8FtE6m5xhlh/CuC/Okygk0AZLyx2vTFDBQ2blGkPGHKnpm2PMA==
-----END CERTIFICATE-----