Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa
File:                     0c492edd-c347-4b97-a816-01566f9d097b.roa (raw, json)
Hash identifier:          SDd5dp1rSONPDABypNCOKh3AxR6UjQxREvpLISyf/lA=
Subject key identifier:   2B:F2:A9:EE:9C:07:E7:8E:52:CF:A6:EC:D7:FB:18:09:9D:1C:C3:D4
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       13A3E5D1B8F7423895915871B6889825D2B9A35C
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa
Signing time:             Fri 10 Oct 2025 00:21:08 +0000
ROA not before:           Fri 10 Oct 2025 00:21:08 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:8000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:a3:e5:d1:b8:f7:42:38:95:91:58:71:b6:88:98:25:d2:b9:a3:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Oct 10 00:21:08 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=6bddc104b49b468458575f458a49557c3924d19911ff80e453ac8efaf1c46448, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a4:d4:73:8a:7f:98:fd:6c:4a:a5:cf:53:8b:
                    94:af:06:a9:72:bc:99:55:67:d8:34:71:ae:02:4b:
                    4d:98:58:03:3a:b0:de:e8:51:91:e6:d6:a0:87:06:
                    5a:e2:e1:a2:08:64:f8:f2:c1:a3:18:75:16:94:26:
                    be:51:d8:ce:3f:66:79:55:b3:3e:ab:bf:cf:df:7d:
                    60:22:62:ed:f5:a2:60:3c:24:94:11:b4:6b:61:78:
                    a8:e9:b5:c6:df:84:44:31:f5:81:80:6d:5d:90:d0:
                    a5:3c:37:6c:92:0f:ea:9a:cd:e3:b5:d0:5e:3a:3a:
                    3e:47:f0:d0:6b:33:ae:53:14:81:ef:02:18:04:8e:
                    b8:0e:52:82:c8:53:38:0f:2b:5c:2e:36:89:d2:b5:
                    92:24:19:f6:ce:80:e6:30:c6:ac:7d:c6:a9:f5:77:
                    4b:d7:53:0f:65:69:22:1a:90:08:1e:b8:0a:f7:71:
                    99:e4:c5:92:f2:21:84:a9:16:a2:80:52:47:1a:69:
                    98:56:da:12:21:90:6e:2c:ab:17:28:15:39:59:56:
                    63:35:44:79:18:b1:b1:7f:48:e6:09:e1:f2:5f:3b:
                    f4:82:3a:48:fd:05:a6:28:66:b9:43:71:0f:88:e3:
                    21:8f:59:f9:c2:77:07:78:fb:26:a4:7f:d1:cd:95:
                    5a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:F2:A9:EE:9C:07:E7:8E:52:CF:A6:EC:D7:FB:18:09:9D:1C:C3:D4
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         1b:53:e3:b2:ac:a6:63:35:44:f8:ea:ab:e4:bd:d0:60:5f:c8:
         cf:aa:e2:8e:44:cc:a5:22:af:a3:10:84:85:c9:0a:a6:41:8f:
         6a:bb:37:93:8c:d6:18:6c:15:1a:53:b3:d1:1f:7b:5b:0b:a1:
         37:7c:26:ab:65:72:4f:7e:6c:7b:57:d3:1e:da:d3:a2:54:f3:
         b1:7c:34:1c:47:7f:63:35:32:6c:93:f1:0b:a5:a0:85:4d:a1:
         6a:3f:e1:6a:81:f2:f8:1f:ed:12:ce:10:93:71:ee:cb:3c:d1:
         88:ee:09:7c:ec:ad:88:61:d3:bf:11:45:c5:32:65:16:8a:73:
         b0:5c:47:03:b2:89:53:6e:c4:eb:4a:e0:63:50:3b:3b:fb:65:
         7f:07:f6:25:0d:cf:7a:5c:a1:cd:95:6b:f1:6d:20:03:4a:d4:
         39:a0:d9:30:2e:85:d7:41:ac:a5:dc:ee:fb:84:f7:6a:7a:96:
         a4:1f:d2:fe:67:a6:5d:c1:8c:96:7e:2c:a5:bf:32:5b:80:a5:
         83:3b:b1:bc:5c:4c:bd:2e:d0:32:da:4b:de:94:7f:b0:f9:2b:
         3c:56:f2:e2:c4:ad:c8:44:23:16:5b:20:ec:a4:33:3f:90:b7:
         b5:55:a2:4c:44:70:70:0e:89:00:fc:2f:91:01:fd:35:c0:90:
         e2:42:cd:3c
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUE6Pl0bj3QjiVkVhxtoiYJdK5o1wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUxMDEwMDAyMTA4WhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YmRkYzEwNGI0OWI0Njg0NTg1NzVmNDU4YTQ5NTU3YzM5
MjRkMTk5MTFmZjgwZTQ1M2FjOGVmYWYxYzQ2NDQ4MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0pNRzin+Y/WxKpc9Ti5SvBqlyvJlVZ9g0ca4CS02YWAM6
sN7oUZHm1qCHBlri4aIIZPjywaMYdRaUJr5R2M4/ZnlVsz6rv8/ffWAiYu31omA8
JJQRtGtheKjptcbfhEQx9YGAbV2Q0KU8N2ySD+qazeO10F46Oj5H8NBrM65TFIHv
AhgEjrgOUoLIUzgPK1wuNonStZIkGfbOgOYwxqx9xqn1d0vXUw9laSIakAgeuAr3
cZnkxZLyIYSpFqKAUkcaaZhW2hIhkG4sqxcoFTlZVmM1RHkYsbF/SOYJ4fJfO/SC
Okj9BaYoZrlDcQ+I4yGPWfnCdwd4+yakf9HNlVr9AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUK/Kp7pwH545Sz6bs1/sYCZ0cw9QwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzBjNDkyZWRkLWMzNDctNGI5Ny1hODE2LTAxNTY2ZjlkMDk3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AgDANBgkqhkiG9w0BAQsFAAOCAQEAG1PjsqymYzVE+Oqr5L3QYF/I
z6rijkTMpSKvoxCEhckKpkGPars3k4zWGGwVGlOz0R97WwuhN3wmq2VyT35se1fT
HtrTolTzsXw0HEd/YzUybJPxC6WghU2haj/haoHy+B/tEs4Qk3HuyzzRiO4JfOyt
iGHTvxFFxTJlFopzsFxHA7KJU27E60rgY1A7O/tlfwf2JQ3PelyhzZVr8W0gA0rU
OaDZMC6F10Gspdzu+4T3anqWpB/S/memXcGMln4spb8yW4ClgzuxvFxMvS7QMtpL
3pR/sPkrPFby4sStyEQjFlsg7KQzP5C3tVWiTERwcA6JAPwvkQH9NcCQ4kLNPA==
-----END CERTIFICATE-----