Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/9be00ba3-e666-4bc8-b24b-2042e8474186.roa
File:                     9be00ba3-e666-4bc8-b24b-2042e8474186.roa (raw, json)
Hash identifier:          i6eVqq1jNDZOmF4apdf3GvdsjCGv6grc+NlYtQn5Ies=
Subject key identifier:   78:F6:D3:AC:B9:FB:4E:38:DD:32:02:06:22:17:DA:1A:96:B7:C9:45
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       7AD8E46435024DB123BE611CF65D6F9F512E7FC2
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/9be00ba3-e666-4bc8-b24b-2042e8474186.roa
Signing time:             Fri 31 Oct 2025 06:07:07 +0000
ROA not before:           Fri 31 Oct 2025 06:07:07 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3760::/45 maxlen: 45
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 19 Nov 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:d8:e4:64:35:02:4d:b1:23:be:61:1c:f6:5d:6f:9f:51:2e:7f:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Oct 31 06:07:07 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=ab4c8c400e7ce476d793393b17c4f531aa40f0d8f637d39de0505366afc2ed70, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:d7:40:0f:ef:14:fc:a0:ef:06:27:74:62:49:
                    0b:59:79:24:4c:bf:68:9c:da:e4:36:07:03:4e:d3:
                    89:9a:e2:c0:d3:b4:c5:8a:7a:ce:35:ca:b9:f8:59:
                    68:e6:2d:b8:4e:16:c9:6a:46:7d:f9:53:3a:15:c2:
                    b4:a6:8a:8c:80:16:9b:bf:e8:cc:82:5b:1b:c3:d6:
                    04:0b:e5:a7:3e:d8:c5:c5:1b:3a:61:14:0c:f0:e1:
                    fc:b3:90:1e:6d:35:b7:07:e2:03:02:fd:b5:43:0d:
                    7d:f3:98:6b:f4:eb:9f:72:4d:d4:2d:72:86:25:8a:
                    11:7a:37:0b:ce:d0:61:c7:ff:9f:fd:1a:2e:c8:eb:
                    6a:ae:52:c1:fc:d4:8c:82:b9:d0:aa:83:21:eb:db:
                    f5:cf:34:d8:f1:c7:c3:ec:a8:da:b8:fa:d6:67:0c:
                    45:ba:40:22:2e:b4:9e:dc:be:ea:37:fe:91:c5:8a:
                    98:c6:6b:5e:d6:61:fb:f6:14:57:b6:e5:43:36:53:
                    90:5a:e6:21:c4:00:f6:a3:16:2e:7e:80:3f:c3:5a:
                    1b:fa:9d:a4:23:74:30:7d:3d:23:c8:57:fc:28:8a:
                    75:b7:cd:86:9a:a5:b1:14:e9:35:97:61:27:4c:29:
                    b0:72:ac:be:dd:19:c4:6b:87:b4:88:c4:cd:ad:52:
                    fb:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:F6:D3:AC:B9:FB:4E:38:DD:32:02:06:22:17:DA:1A:96:B7:C9:45
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/9be00ba3-e666-4bc8-b24b-2042e8474186.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3760::/45

    Signature Algorithm: sha256WithRSAEncryption
         9b:87:cb:81:c4:0e:7d:c3:c1:26:e2:95:c7:9b:0b:db:b0:37:
         71:72:aa:6c:8f:97:63:61:d4:89:91:58:42:e2:9f:3f:89:ae:
         d6:ec:ab:ac:66:e1:bc:0e:e1:75:e4:9b:62:14:d2:7d:47:d0:
         57:92:b6:d8:03:ea:5c:7b:bb:95:df:c2:a0:7e:56:c1:bf:df:
         98:b3:28:f1:b0:62:c0:e5:6d:21:a8:bc:1a:43:62:a1:b8:13:
         74:19:24:0f:41:d4:44:64:d0:9d:96:77:b1:1a:54:9d:31:08:
         a6:dc:9f:6f:ed:f8:73:c4:d8:ac:3e:46:bc:33:ca:b5:50:67:
         fb:00:b9:b3:98:ef:39:a9:d7:8c:e3:d2:41:6e:60:c0:d0:5a:
         d6:b7:35:e8:9d:25:04:ec:2e:25:4a:b6:a5:0e:b9:e1:da:3b:
         90:82:9b:a7:63:70:23:38:7e:38:73:b6:87:6c:5e:d8:f8:cc:
         17:a8:b1:79:21:81:c8:8e:8e:98:d5:f3:b5:ce:52:e5:ca:9d:
         72:f8:f0:4c:17:0f:bd:7d:2c:8f:d0:cc:01:af:3b:ad:f9:d8:
         a5:1a:c5:a5:44:b1:58:30:61:31:e2:8d:4b:27:55:d5:33:ff:
         84:26:0c:93:f7:80:74:9a:9a:68:ba:5d:76:8c:cb:ff:08:a9:
         31:c2:5e:e5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUetjkZDUCTbEjvmEc9l1vn1Euf8IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUxMDMxMDYwNzA3WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYjRjOGM0MDBlN2NlNDc2ZDc5MzM5M2IxN2M0ZjUzMWFh
NDBmMGQ4ZjYzN2QzOWRlMDUwNTM2NmFmYzJlZDcwMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDF10AP7xT8oO8GJ3RiSQtZeSRMv2ic2uQ2BwNO04ma4sDT
tMWKes41yrn4WWjmLbhOFslqRn35UzoVwrSmioyAFpu/6MyCWxvD1gQL5ac+2MXF
GzphFAzw4fyzkB5tNbcH4gMC/bVDDX3zmGv0659yTdQtcoYlihF6NwvO0GHH/5/9
Gi7I62quUsH81IyCudCqgyHr2/XPNNjxx8PsqNq4+tZnDEW6QCIutJ7cvuo3/pHF
ipjGa17WYfv2FFe25UM2U5Ba5iHEAPajFi5+gD/DWhv6naQjdDB9PSPIV/woinW3
zYaapbEU6TWXYSdMKbByrL7dGcRrh7SIxM2tUvtPAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUePbTrLn7TjjdMgIGIhfaGpa3yUUwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzliZTAwYmEzLWU2NjYtNGJjOC1iMjRiLTIwNDJlODQ3NDE4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwMmAJAAN2AwDQYJKoZIhvcNAQELBQADggEBAJuHy4HEDn3DwSbilcebC9uw
N3FyqmyPl2Nh1ImRWELinz+Jrtbsq6xm4bwO4XXkm2IU0n1H0FeSttgD6lx7u5Xf
wqB+VsG/35izKPGwYsDlbSGovBpDYqG4E3QZJA9B1ERk0J2Wd7EaVJ0xCKbcn2/t
+HPE2Kw+RrwzyrVQZ/sAubOY7zmp14zj0kFuYMDQWta3NeidJQTsLiVKtqUOueHa
O5CCm6djcCM4fjhztodsXtj4zBeosXkhgciOjpjV87XOUuXKnXL48EwXD719LI/Q
zAGvO6352KUaxaVEsVgwYTHijUsnVdUz/4QmDJP3gHSammi6XXaMy/8IqTHCXuU=
-----END CERTIFICATE-----
Generated at Tue Nov 18 08:24:45 2025 by rpki-client