Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ca586b6c-c586-4283-8392-892b53790b90.roa
File:                     ca586b6c-c586-4283-8392-892b53790b90.roa (raw, json)
Hash identifier:          TZudgK2OTncQaFNjsg0s6EqxujzRMHUd0vl7tNmUZ+s=
Subject key identifier:   32:ED:A2:E7:74:69:63:4E:37:41:22:AE:8E:21:97:32:8A:6C:22:D3
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       6B26150A0DAB1C4D5C77C061CEFCC9FCA803A609
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ca586b6c-c586-4283-8392-892b53790b90.roa
Signing time:             Mon 29 Sep 2025 23:07:09 +0000
ROA not before:           Mon 29 Sep 2025 23:07:09 +0000
ROA not after:            Mon 03 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f1::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 10 Oct 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:26:15:0a:0d:ab:1c:4d:5c:77:c0:61:ce:fc:c9:fc:a8:03:a6:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 29 23:07:09 2025 GMT
            Not After : Nov  3 23:59:59 2025 GMT
        Subject: serialNumber=1a48ba3596b27935bfbfe6e84570c58303dd7f387debb1572ccfc3a00f4fc337, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:ed:fe:80:fd:d1:ec:9c:8f:d0:56:69:05:31:
                    5d:c7:ec:2f:0a:21:1e:c7:61:b7:66:d1:6f:42:9e:
                    e7:75:b2:35:bc:6e:f4:5f:fc:0d:28:7a:dd:8c:ab:
                    af:e5:15:e5:70:d2:35:66:42:69:46:0f:a2:70:4e:
                    64:92:b4:5a:4a:fb:ed:34:e2:f3:6a:e9:66:3f:d4:
                    08:3f:71:18:06:73:f0:74:b9:53:02:0a:92:c3:ea:
                    cf:86:35:b2:b7:50:93:45:9d:98:16:ee:55:dd:de:
                    98:46:32:db:99:23:eb:bf:d1:2e:d6:f1:95:60:43:
                    52:73:7f:1b:f7:13:e5:fb:47:bc:49:70:5f:cc:a3:
                    65:0b:a2:59:47:1b:55:57:fe:39:e6:15:0d:e1:1a:
                    bf:c2:c8:c2:d4:c9:61:ea:ae:1e:e7:41:ab:82:48:
                    eb:07:97:c5:ae:7a:e2:61:29:6a:34:ee:8d:94:a5:
                    37:32:8d:28:6a:54:85:04:30:37:2e:c6:98:71:10:
                    74:2b:f0:76:a9:69:0c:93:eb:86:ac:56:df:bc:d9:
                    59:2a:e4:2b:f7:e0:77:15:87:d8:94:b2:19:5a:cd:
                    f4:ed:00:52:90:7c:a5:10:bd:8a:cf:c2:0e:ab:c0:
                    ca:59:bc:e5:e2:49:a2:07:72:cc:8c:7d:04:ce:02:
                    32:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:ED:A2:E7:74:69:63:4E:37:41:22:AE:8E:21:97:32:8A:6C:22:D3
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ca586b6c-c586-4283-8392-892b53790b90.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f1::/44

    Signature Algorithm: sha256WithRSAEncryption
         4f:80:ef:03:c0:95:77:2a:99:fe:10:21:8f:98:1a:48:89:48:
         67:c4:80:da:64:2c:05:f5:4e:1e:57:b5:60:9d:1d:fd:22:80:
         58:0d:01:db:44:70:4b:d4:9a:6b:e6:76:35:f4:93:fa:05:22:
         c0:ed:f6:e4:09:b9:d5:4d:d0:42:bf:5e:bb:f2:cf:75:b1:f8:
         e8:e8:0d:0b:70:c0:ba:1b:a8:37:f2:42:52:a7:e8:02:8e:95:
         23:b5:27:99:6f:4d:a8:1d:cb:c8:a8:ac:72:14:23:d5:0d:3f:
         08:25:6d:94:74:86:a7:fb:f8:57:2c:c7:f6:06:03:35:d8:2c:
         b8:ea:22:f9:e2:fa:9a:82:08:f9:0f:7c:a1:ad:df:7f:8b:1e:
         51:ff:b1:2b:ec:b7:25:29:d8:c8:27:e3:9e:bc:d4:90:c0:c4:
         9d:5d:a0:b8:c7:b3:85:e2:48:67:21:c2:66:a0:c3:c6:39:0c:
         5e:f0:82:6d:97:a6:16:76:e1:fe:5c:7e:36:fb:cc:bb:3d:db:
         40:7d:a7:5f:83:06:de:73:9c:d4:45:83:df:61:2a:fb:de:fd:
         71:03:ca:b7:1e:00:31:d3:61:c0:f8:45:86:94:52:95:99:fb:
         37:4a:f2:3a:61:0e:9c:13:15:9d:d3:a9:7a:b9:45:e7:79:95:
         12:b6:d9:ae
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUayYVCg2rHE1cd8BhzvzJ/KgDpgkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI5MjMwNzA5WhcNMjUxMTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxYTQ4YmEzNTk2YjI3OTM1YmZiZmU2ZTg0NTcwYzU4MzAz
ZGQ3ZjM4N2RlYmIxNTcyY2NmYzNhMDBmNGZjMzM3MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCo7f6A/dHsnI/QVmkFMV3H7C8KIR7HYbdm0W9Cnud1sjW8
bvRf/A0oet2Mq6/lFeVw0jVmQmlGD6JwTmSStFpK++004vNq6WY/1Ag/cRgGc/B0
uVMCCpLD6s+GNbK3UJNFnZgW7lXd3phGMtuZI+u/0S7W8ZVgQ1Jzfxv3E+X7R7xJ
cF/Mo2ULollHG1VX/jnmFQ3hGr/CyMLUyWHqrh7nQauCSOsHl8WueuJhKWo07o2U
pTcyjShqVIUEMDcuxphxEHQr8HapaQyT64asVt+82Vkq5Cv34HcVh9iUshlazfTt
AFKQfKUQvYrPwg6rwMpZvOXiSaIHcsyMfQTOAjK7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUMu2i53RpY043QSKujiGXMopsItMwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2NhNTg2YjZjLWM1ODYtNDI4My04MzkyLTg5MmI1Mzc5MGI5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDxAAAwDQYJKoZIhvcNAQELBQADggEBAE+A7wPAlXcqmf4QIY+YGkiJ
SGfEgNpkLAX1Th5XtWCdHf0igFgNAdtEcEvUmmvmdjX0k/oFIsDt9uQJudVN0EK/
Xrvyz3Wx+OjoDQtwwLobqDfyQlKn6AKOlSO1J5lvTagdy8iorHIUI9UNPwglbZR0
hqf7+Fcsx/YGAzXYLLjqIvni+pqCCPkPfKGt33+LHlH/sSvstyUp2Mgn45681JDA
xJ1doLjHs4XiSGchwmagw8Y5DF7wgm2XphZ24f5cfjb7zLs920B9p1+DBt5znNRF
g99hKvve/XEDyrceADHTYcD4RYaUUpWZ+zdK8jphDpwTFZ3TqXq5Red5lRK22a4=
-----END CERTIFICATE-----
Generated at Wed Oct 8 19:39:52 2025 by rpki-client