Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/943694fe-e278-4d76-b786-7df26f151dd9.roa
File:                     943694fe-e278-4d76-b786-7df26f151dd9.roa (raw, json)
Hash identifier:          w6P/zF2rZrb62NPlJcKnbrFjusyu2pvKslB0sosSotc=
Subject key identifier:   2D:77:BC:D6:79:0B:A1:2C:9D:34:71:8C:37:CD:F4:41:50:C2:A6:D2
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       76B88400681FC07E4B37B493A15DE283946D930D
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/943694fe-e278-4d76-b786-7df26f151dd9.roa
Signing time:             Fri 15 Aug 2025 00:50:15 +0000
ROA not before:           Fri 15 Aug 2025 00:50:15 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40:fffe::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:b8:84:00:68:1f:c0:7e:4b:37:b4:93:a1:5d:e2:83:94:6d:93:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Aug 15 00:50:15 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=6d0dc98910f119d79e28f50fa8852a8313a77507c0b40e846f8ed6802ccd2f9e, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:db:a9:84:a7:ec:f2:66:c8:ca:45:f8:76:95:
                    fa:63:60:ec:ec:8e:2e:70:ed:68:73:69:8a:1a:5c:
                    bb:46:a0:fc:c9:74:c2:3d:7c:05:27:91:31:e3:02:
                    8b:80:d7:94:1c:63:01:57:c4:b2:7b:d9:b6:41:cc:
                    9e:33:43:fe:80:bf:a1:21:8b:b0:c1:c6:8b:ed:bb:
                    3c:9f:de:c0:e1:fc:d7:06:bc:54:f4:e6:1c:b9:21:
                    c8:bc:51:09:31:87:a4:25:7c:ab:a0:e8:f9:a0:62:
                    19:65:3a:9b:fa:14:ca:5f:14:87:ea:df:86:e5:78:
                    f1:da:70:39:12:48:d9:58:2c:5d:51:94:8d:b3:e9:
                    23:5f:20:cc:db:0f:df:20:76:b4:e6:83:b8:17:23:
                    b3:ed:bf:20:01:87:95:d1:16:a1:28:a4:99:8b:8b:
                    db:df:38:c8:27:a0:ef:18:9f:9f:e3:be:82:9b:00:
                    81:1a:25:17:ac:d4:2e:30:29:01:15:93:e5:65:4f:
                    bd:de:0c:5e:b7:7c:9f:e3:73:ce:79:01:41:85:95:
                    bc:89:cf:2a:4e:4d:dc:79:3b:43:3a:d2:a0:61:a0:
                    96:19:1e:9a:6a:40:07:8a:09:96:7e:30:8b:ed:5f:
                    40:6e:76:7d:7d:89:7e:8b:86:96:66:e4:ab:dc:48:
                    be:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:77:BC:D6:79:0B:A1:2C:9D:34:71:8C:37:CD:F4:41:50:C2:A6:D2
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/943694fe-e278-4d76-b786-7df26f151dd9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:fffe::/48

    Signature Algorithm: sha256WithRSAEncryption
         ce:ec:6c:f0:c2:2c:a9:34:b7:0b:84:b2:8e:0c:84:f3:ff:3e:
         ba:5f:d2:76:4d:0d:1b:38:93:79:ae:66:b2:d3:5b:2c:f0:dd:
         50:30:d8:43:e5:13:44:da:0c:ca:01:a5:40:dd:32:3f:8e:44:
         53:66:c2:4d:ae:0b:eb:97:a2:68:22:8f:93:7a:9a:8f:f2:b4:
         5c:14:cc:d0:96:f7:6a:8d:3b:67:2f:a0:28:88:5f:d6:bb:c8:
         8d:57:2e:c4:de:57:66:5a:72:41:3d:a8:fe:54:f4:44:19:85:
         01:09:89:03:e9:a0:e8:ed:8c:cf:ed:43:9b:c4:94:30:37:b8:
         c4:c1:43:20:04:8f:be:82:1e:2e:59:80:33:8d:47:76:24:65:
         5f:a4:4c:91:06:e5:db:90:46:99:c3:92:9a:6a:7a:39:b6:7c:
         86:fc:ed:6b:29:17:af:21:3b:46:0d:d3:10:3e:2e:8e:c9:e0:
         63:48:05:f4:77:7e:27:ec:93:34:b9:eb:2b:78:72:e5:4c:d0:
         3a:ea:9b:dd:9a:74:f9:0f:4a:30:f1:c8:29:9a:df:b2:92:09:
         f0:62:9c:6f:2f:bd:f6:a6:48:89:0b:ce:b9:0b:f9:65:0e:f2:
         d9:11:db:d1:23:ce:8b:4e:94:86:ea:fe:9b:3d:cb:10:f7:5d:
         f4:76:22:cb
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdriEAGgfwH5LN7SToV3ig5Rtkw0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUwODE1MDA1MDE1WhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZDBkYzk4OTEwZjExOWQ3OWUyOGY1MGZhODg1MmE4MzEz
YTc3NTA3YzBiNDBlODQ2ZjhlZDY4MDJjY2QyZjllMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCJ26mEp+zyZsjKRfh2lfpjYOzsji5w7WhzaYoaXLtGoPzJ
dMI9fAUnkTHjAouA15QcYwFXxLJ72bZBzJ4zQ/6Av6Ehi7DBxovtuzyf3sDh/NcG
vFT05hy5Ici8UQkxh6QlfKug6PmgYhllOpv6FMpfFIfq34blePHacDkSSNlYLF1R
lI2z6SNfIMzbD98gdrTmg7gXI7PtvyABh5XRFqEopJmLi9vfOMgnoO8Yn5/jvoKb
AIEaJRes1C4wKQEVk+VlT73eDF63fJ/jc855AUGFlbyJzypOTdx5O0M60qBhoJYZ
HppqQAeKCZZ+MIvtX0Budn19iX6LhpZm5KvcSL5dAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQULXe81nkLoSydNHGMN830QVDCptIwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzk0MzY5NGZlLWUyNzgtNGQ3Ni1iNzg2LTdkZjI2ZjE1MWRkOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//4wDQYJKoZIhvcNAQELBQADggEBAM7sbPDCLKk0twuEso4MhPP/
Prpf0nZNDRs4k3muZrLTWyzw3VAw2EPlE0TaDMoBpUDdMj+ORFNmwk2uC+uXomgi
j5N6mo/ytFwUzNCW92qNO2cvoCiIX9a7yI1XLsTeV2ZackE9qP5U9EQZhQEJiQPp
oOjtjM/tQ5vElDA3uMTBQyAEj76CHi5ZgDONR3YkZV+kTJEG5duQRpnDkppqejm2
fIb87WspF68hO0YN0xA+Lo7J4GNIBfR3fifskzS56yt4cuVM0Drqm92adPkPSjDx
yCma37KSCfBinG8vvfamSIkLzrkL+WUO8tkR29EjzotOlIbq/ps9yxD3XfR2Iss=
-----END CERTIFICATE-----