Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/c518c762-ddbf-4352-b9b9-1484318adaa8.roa
File:                     c518c762-ddbf-4352-b9b9-1484318adaa8.roa (raw, json)
Hash identifier:          6aB8mCPaXqyxQGBIsaxjDGpU73XF4lSNYLKqpDAXfiI=
Subject key identifier:   5A:F1:C4:5D:0D:92:CF:BB:9E:0F:F7:1A:AA:40:92:AC:F1:E2:B3:27
Certificate issuer:       /CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
Certificate serial:       2CB86390B73FA2D3121286758535E3A1071D08A9
Authority key identifier: 6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/c518c762-ddbf-4352-b9b9-1484318adaa8.roa
Signing time:             Fri 11 Jul 2025 18:20:01 +0000
ROA not before:           Fri 11 Jul 2025 18:20:01 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:c940::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/7276b2fa-548d-4970-8314-8d73945c34d8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/7276b2fa-548d-4970-8314-8d73945c34d8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:b8:63:90:b7:3f:a2:d3:12:12:86:75:85:35:e3:a1:07:1d:08:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
        Validity
            Not Before: Jul 11 18:20:01 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=ac21a5168839c0a7efae6f1394b24e5678f12ff9281d77b9545ad74f24b4b049, CN=15f1683a-c0c2-4266-9a96-ecf9eba3239c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e4:f9:ba:8d:aa:1a:9c:62:01:17:a5:d9:62:
                    0a:32:2b:a2:12:5d:4b:32:11:09:d7:cc:e7:d5:6e:
                    80:44:eb:ba:38:94:34:3d:4d:34:8d:b4:fd:56:f8:
                    68:e9:bf:7f:05:1e:0e:30:5e:94:4a:88:0a:f2:9a:
                    63:1a:2c:b2:b4:83:7a:1f:b6:2d:68:11:ae:02:30:
                    2b:ae:20:b7:74:b1:ef:07:b0:e7:fd:d6:ff:f7:9f:
                    59:f7:9a:35:19:aa:2a:96:a7:7e:45:69:75:1b:72:
                    75:5a:ad:46:45:07:03:1d:db:4f:0a:74:e7:82:77:
                    64:e0:15:25:ac:c7:b2:16:5d:bf:43:94:2c:ba:59:
                    e0:32:2f:c8:75:c9:3c:66:72:11:3f:49:7d:d1:93:
                    77:fd:3b:f2:e2:e1:1c:f3:25:94:a1:40:13:7f:fe:
                    fc:c5:f3:fa:9f:1b:59:3b:1e:48:7c:7c:46:10:df:
                    76:11:32:66:24:e5:b9:7d:6b:aa:85:6a:8f:d7:37:
                    64:2b:4e:b3:72:d9:b4:87:19:35:16:28:90:d9:2b:
                    76:ce:11:ff:65:09:a8:3b:15:34:99:f7:6b:ec:da:
                    55:c1:75:2a:32:23:60:05:07:16:75:be:49:86:be:
                    b7:26:81:ad:5a:da:4f:e9:8b:19:02:ed:f1:75:08:
                    67:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:F1:C4:5D:0D:92:CF:BB:9E:0F:F7:1A:AA:40:92:AC:F1:E2:B3:27
            X509v3 Authority Key Identifier:
                keyid:6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/c518c762-ddbf-4352-b9b9-1484318adaa8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:c940::/32

    Signature Algorithm: sha256WithRSAEncryption
         ba:a4:8b:0e:d3:07:4d:6f:fe:d5:67:c2:9c:6d:c1:78:30:81:
         f2:d7:5e:03:43:cf:e0:3c:31:08:7b:3b:df:b9:fb:11:63:3f:
         33:3f:c5:ba:a3:e7:52:e5:79:61:4d:46:76:64:a2:8f:9b:8f:
         2a:a3:2a:d0:88:f3:ca:94:a0:d1:c0:18:ee:de:72:67:cd:22:
         18:85:52:d5:0f:9e:60:83:3b:33:c4:dc:81:a2:24:ba:4c:90:
         a4:9b:ba:cf:ce:f3:a9:cb:dc:fe:04:6d:4e:a5:b5:e5:e8:44:
         00:08:26:68:e8:c2:db:71:ad:bb:b3:3d:c9:80:37:a3:d9:d2:
         93:9f:e8:f9:57:35:40:e5:fc:ad:31:52:2f:0c:b6:8e:8f:d1:
         15:31:10:ea:2a:00:37:35:71:f0:37:33:89:99:0c:23:f4:23:
         56:61:56:89:57:ef:08:66:4c:07:e0:b6:6a:e4:dd:ba:99:ab:
         5e:22:93:ec:2f:11:5b:fb:6b:e1:5c:53:5a:85:66:12:08:8b:
         8c:c7:94:a2:5c:8d:1b:33:e3:8f:02:c3:8a:dc:3d:68:c5:b0:
         f1:50:21:e5:db:8f:dd:92:82:68:fb:34:5e:52:57:c2:cb:27:
         c6:03:8b:0e:d7:bf:67:b7:e1:d0:d1:bd:57:41:67:35:62:7a:
         93:20:f4:8c
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIULLhjkLc/otMSEoZ1hTXjoQcdCKkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmY5Yjk4NWIwZmU1ZGVmMDliOTk0ZjhjZjYwYmFkOGM5
MDI5YzAwNjU3NzUwYjIyNjcwHhcNMjUwNzExMTgyMDAxWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzIxYTUxNjg4MzljMGE3ZWZhZTZmMTM5NGIyNGU1Njc4
ZjEyZmY5MjgxZDc3Yjk1NDVhZDc0ZjI0YjRiMDQ5MS0wKwYDVQQDEyQxNWYxNjgz
YS1jMGMyLTQyNjYtOWE5Ni1lY2Y5ZWJhMzIzOWMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDV5Pm6jaoanGIBF6XZYgoyK6ISXUsyEQnXzOfVboBE67o4
lDQ9TTSNtP1W+Gjpv38FHg4wXpRKiArymmMaLLK0g3ofti1oEa4CMCuuILd0se8H
sOf91v/3n1n3mjUZqiqWp35FaXUbcnVarUZFBwMd208KdOeCd2TgFSWsx7IWXb9D
lCy6WeAyL8h1yTxmchE/SX3Rk3f9O/Li4RzzJZShQBN//vzF8/qfG1k7Hkh8fEYQ
33YRMmYk5bl9a6qFao/XN2QrTrNy2bSHGTUWKJDZK3bOEf9lCag7FTSZ92vs2lXB
dSoyI2AFBxZ1vkmGvrcmga1a2k/pixkC7fF1CGdlAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUWvHEXQ2Sz7ueD/caqkCSrPHisycwHwYDVR0jBBgwFoAUbcpl0HFNfvJW
kLwJE9NU26yJKl4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC83Mjc2YjJmYS01
NDhkLTQ5NzAtODMxNC04ZDczOTQ1YzM0ZDgvNmY5Yjk4NWIwZmU1ZGVmMDliOTk0
ZjhjZjYwYmFkOGM5MDI5YzAwNjU3NzUwYjIyNjcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjNmNmI2ODgtY2ZmNC00MDJmLTk3ZDUtMDJm
NmYxODg2YjdlL2M1MThjNzYyLWRkYmYtNDM1Mi1iOWI5LTE0ODQzMThhZGFhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2IzZjZiNjg4LWNmZjQtNDAyZi05N2Q1
LTAyZjZmMTg4NmI3ZS81ZDd3bTVsUGpQWUxyWXlRS2NBR1YzVUxJbWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBclAMA0GCSqGSIb3DQEBCwUAA4IBAQC6pIsO0wdNb/7VZ8KcbcF4MIHy
114DQ8/gPDEIezvfufsRYz8zP8W6o+dS5XlhTUZ2ZKKPm48qoyrQiPPKlKDRwBju
3nJnzSIYhVLVD55ggzszxNyBoiS6TJCkm7rPzvOpy9z+BG1OpbXl6EQACCZo6MLb
ca27sz3JgDej2dKTn+j5VzVA5fytMVIvDLaOj9EVMRDqKgA3NXHwNzOJmQwj9CNW
YVaJV+8IZkwH4LZq5N26mateIpPsLxFb+2vhXFNahWYSCIuMx5SiXI0bM+OPAsOK
3D1oxbDxUCHl24/dkoJo+zReUlfCyyfGA4sO179nt+HQ0b1XQWc1YnqTIPSM
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:56:21 2025 by rpki-client