Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/91a27594-a038-483a-a558-a5377f4d266f.roa
File:                     91a27594-a038-483a-a558-a5377f4d266f.roa (raw, json)
Hash identifier:          wxDPX7oaeomt9KXow4vKWMpETLabLSwXFUz1MuLa93g=
Subject key identifier:   B3:95:04:15:32:F5:F6:78:97:7A:E5:AB:37:11:A9:85:8F:61:FD:8A
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       7E401DB420A1CF3F11E77B536889BDAF3C0900BC
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/91a27594-a038-483a-a558-a5377f4d266f.roa
Signing time:             Mon 06 Oct 2025 16:41:10 +0000
ROA not before:           Mon 06 Oct 2025 16:41:10 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40:fffc::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:40:1d:b4:20:a1:cf:3f:11:e7:7b:53:68:89:bd:af:3c:09:00:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Oct  6 16:41:10 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=8e3d7feaac039e4e3781a8a6df6a7bfea9eec4b3a45ee8d6c6073b411e89745f, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:4e:a3:a3:4b:c3:f4:95:61:ef:cd:1d:8d:26:
                    d2:37:14:ff:12:44:6d:9a:c7:31:98:41:66:31:70:
                    ac:2c:39:2f:69:3e:15:cb:99:64:53:fc:2c:a5:73:
                    49:82:7f:2a:37:8c:76:af:32:d8:47:4d:35:ad:4c:
                    c6:8d:8c:8d:3a:70:5c:58:7f:1a:98:72:55:66:67:
                    32:fe:b8:8d:3b:94:bd:ef:85:6e:8c:a2:cb:2a:2c:
                    f6:56:b7:0b:ca:58:fb:25:e7:03:a8:a8:75:3c:df:
                    4c:0d:6c:21:dd:a9:97:d0:f4:fc:2c:e7:ba:ff:94:
                    8d:32:fc:38:09:6f:70:5d:63:5f:a1:84:89:63:2e:
                    93:89:2e:42:89:71:8e:7e:cb:ae:6b:a4:e4:a8:b2:
                    fa:b0:91:52:e8:14:bc:13:75:00:91:a7:10:e1:85:
                    d7:30:43:46:6d:c9:fe:24:51:f2:9b:75:b9:ad:a3:
                    81:b4:8d:65:8b:02:fa:32:e5:89:69:e9:69:7b:35:
                    a8:df:9e:3f:26:a2:99:49:c1:4a:1f:35:cd:e1:3c:
                    9c:51:9a:99:9e:10:92:f5:a6:cb:3f:57:a5:83:1d:
                    97:46:8d:d9:ee:d4:55:c5:9a:17:68:f3:98:f1:67:
                    2c:3f:ef:46:12:12:73:67:db:0b:fe:00:05:b3:e7:
                    c1:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:95:04:15:32:F5:F6:78:97:7A:E5:AB:37:11:A9:85:8F:61:FD:8A
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/91a27594-a038-483a-a558-a5377f4d266f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:fffc::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:02:c1:9a:ad:e2:e7:f1:5b:e0:9b:05:13:ae:e0:2a:3f:98:
         2a:0b:50:ae:66:cb:cc:01:c2:68:de:9b:8a:ce:93:be:48:59:
         f2:fe:3d:fa:9e:50:ea:97:f7:59:38:0e:d0:f0:c7:cc:8e:18:
         e0:fd:45:a6:70:31:2f:10:a2:a7:0d:61:81:e3:24:fe:c8:8c:
         91:ee:05:3a:c8:92:94:7b:b9:41:91:3b:42:28:13:cd:a6:90:
         b5:b9:57:69:c7:e5:76:6d:f6:5d:a7:6a:a2:24:69:c0:bc:4c:
         1a:ae:6e:07:8f:75:aa:5f:78:d4:d5:13:7b:d0:a7:d7:06:17:
         ef:de:7b:a9:8d:c9:04:90:e0:f3:53:fb:18:07:55:e3:ad:24:
         07:46:36:48:ad:1a:c3:46:f9:76:a7:dd:31:c2:f7:5b:b9:5c:
         db:50:10:ea:d3:c3:8a:b5:58:1f:55:1c:1e:22:d1:f0:29:5e:
         2b:b9:76:1c:57:d8:b8:a5:80:f2:f7:fa:4b:db:07:b0:c0:9d:
         ec:02:7e:59:08:e8:89:6c:7b:53:b7:3c:6d:83:f9:a0:fa:92:
         a8:35:fb:f8:fe:62:76:06:e2:d8:7e:83:df:45:3e:5d:8e:3f:
         f7:a6:d1:0b:3a:76:f1:af:c4:de:91:d2:de:cc:10:e1:63:93:
         92:69:6d:bf
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfkAdtCChzz8R53tTaIm9rzwJALwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUxMDA2MTY0MTEwWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZTNkN2ZlYWFjMDM5ZTRlMzc4MWE4YTZkZjZhN2JmZWE5
ZWVjNGIzYTQ1ZWU4ZDZjNjA3M2I0MTFlODk3NDVmMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuTqOjS8P0lWHvzR2NJtI3FP8SRG2axzGYQWYxcKwsOS9p
PhXLmWRT/Cylc0mCfyo3jHavMthHTTWtTMaNjI06cFxYfxqYclVmZzL+uI07lL3v
hW6MossqLPZWtwvKWPsl5wOoqHU830wNbCHdqZfQ9Pws57r/lI0y/DgJb3BdY1+h
hIljLpOJLkKJcY5+y65rpOSosvqwkVLoFLwTdQCRpxDhhdcwQ0Ztyf4kUfKbdbmt
o4G0jWWLAvoy5Ylp6Wl7Najfnj8moplJwUofNc3hPJxRmpmeEJL1pss/V6WDHZdG
jdnu1FXFmhdo85jxZyw/70YSEnNn2wv+AAWz58H9AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUs5UEFTL19niXeuWrNxGphY9h/YowHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzkxYTI3NTk0LWEwMzgtNDgzYS1hNTU4LWE1Mzc3ZjRkMjY2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//wwDQYJKoZIhvcNAQELBQADggEBABACwZqt4ufxW+CbBROu4Co/
mCoLUK5my8wBwmjem4rOk75IWfL+PfqeUOqX91k4DtDwx8yOGOD9RaZwMS8QoqcN
YYHjJP7IjJHuBTrIkpR7uUGRO0IoE82mkLW5V2nH5XZt9l2naqIkacC8TBqubgeP
dapfeNTVE3vQp9cGF+/ee6mNyQSQ4PNT+xgHVeOtJAdGNkitGsNG+Xan3THC91u5
XNtQEOrTw4q1WB9VHB4i0fApXiu5dhxX2LilgPL3+kvbB7DAnewCflkI6Ilse1O3
PG2D+aD6kqg1+/j+YnYG4th+g99FPl2OP/em0Qs6dvGvxN6R0t7MEOFjk5Jpbb8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:24:25 2025 by rpki-client