Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1ad26571-c674-4a73-b205-77cb32fe83bd.roa
File:                     1ad26571-c674-4a73-b205-77cb32fe83bd.roa (raw, json)
Hash identifier:          fwaZL+VT5YtJm4hIJHAX4zf/USNke/pPLmHpUl35Q2U=
Subject key identifier:   5E:9A:DF:52:51:28:D9:02:52:E9:26:FF:82:10:89:54:EF:72:DE:09
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       2E91ED72113ED6BCD8E7FA64A56EBDA2460B5B7E
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1ad26571-c674-4a73-b205-77cb32fe83bd.roa
Signing time:             Mon 16 Jun 2025 19:21:08 +0000
ROA not before:           Mon 16 Jun 2025 19:21:08 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:10::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 07 Jul 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:91:ed:72:11:3e:d6:bc:d8:e7:fa:64:a5:6e:bd:a2:46:0b:5b:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jun 16 19:21:08 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=ac76de4472262e6fedd6036db4e1cf7250b2f7a33b75f919c44421500938e5d0, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:df:b4:b5:7d:13:d0:62:23:7e:ae:96:f6:d9:
                    3f:16:c8:48:45:31:54:37:00:fd:96:7c:13:4c:f5:
                    b8:ae:d3:ff:5c:a6:8b:e6:ec:69:5e:bf:9d:13:02:
                    53:ac:b7:c8:ab:22:96:24:e9:0e:b0:2e:92:e1:2b:
                    27:3d:84:97:39:ec:12:a9:89:7c:d0:d3:96:45:a2:
                    e9:83:d1:49:50:f8:d0:31:75:15:a5:bc:5e:7b:b8:
                    9d:ac:d3:ec:75:fb:0a:87:d9:6c:0f:29:c6:69:46:
                    e8:62:7d:c5:00:ca:f5:66:ff:05:d0:6b:b4:b6:6a:
                    fd:60:79:8f:93:04:9d:50:9f:e8:6d:c5:cf:34:fb:
                    b5:cb:53:0d:9f:81:b9:fb:24:a3:20:32:c4:91:8e:
                    6b:b7:9c:6e:5a:0a:40:cf:c4:8c:0d:dd:4f:1a:e4:
                    a8:70:59:c1:7e:b9:30:91:f7:c6:fc:ca:83:3d:56:
                    11:ec:7c:30:20:d0:ba:87:57:8b:cc:03:60:6a:15:
                    e6:d6:60:cd:74:ad:62:f3:93:31:6e:07:59:79:c3:
                    b7:c8:78:fe:2d:cc:74:88:87:04:3a:72:9d:85:da:
                    2a:b9:c5:ef:30:28:51:23:4b:60:c4:19:c8:44:ca:
                    98:95:31:58:7e:80:7c:8b:f8:05:c7:19:2f:a1:39:
                    08:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:9A:DF:52:51:28:D9:02:52:E9:26:FF:82:10:89:54:EF:72:DE:09
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1ad26571-c674-4a73-b205-77cb32fe83bd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         15:50:de:29:26:e3:ad:9d:c2:27:63:c0:70:2c:99:da:f4:0d:
         2a:c7:ee:43:78:37:f6:50:81:0d:5e:c4:b1:c2:21:8c:f5:07:
         bd:0a:6d:a1:a3:7d:5a:21:48:e5:11:a8:b6:5c:89:6b:3f:0b:
         41:fe:4f:45:fa:2d:ef:3a:07:59:7c:10:01:cc:ed:5b:4c:92:
         8d:6d:fd:28:7c:33:99:82:c2:cb:16:15:5c:08:6f:96:a2:e1:
         99:77:d5:f4:b0:c8:ce:4e:86:70:f7:cc:55:79:d0:51:6d:50:
         95:30:ed:b9:b8:18:dd:66:0e:fa:4e:22:e8:74:2e:1a:ee:d3:
         e8:df:b4:e9:07:86:7e:79:a0:1d:bc:c9:15:5d:a4:be:9e:48:
         e6:06:26:3c:db:44:64:2e:88:2c:89:c6:96:3e:24:8e:66:db:
         9e:34:f7:44:fd:9e:ea:a4:ed:15:74:62:b1:f8:71:91:1c:fc:
         ca:03:46:8c:38:cd:e8:e9:bb:8f:82:88:56:65:f4:07:5d:9a:
         32:c7:70:5c:e6:d1:2d:55:1e:6d:ff:d6:46:69:ac:e6:30:76:
         c7:f6:ae:69:27:d4:e7:db:21:4c:53:04:54:53:c6:c0:be:50:
         4e:35:5f:26:5d:c9:b7:38:ba:64:cf:3a:e2:16:37:ad:cd:23:
         3c:ba:8b:20
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIULpHtchE+1rzY5/pkpW69okYLW34wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNjE2MTkyMTA4WhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzc2ZGU0NDcyMjYyZTZmZWRkNjAzNmRiNGUxY2Y3MjUw
YjJmN2EzM2I3NWY5MTljNDQ0MjE1MDA5MzhlNWQwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCm37S1fRPQYiN+rpb22T8WyEhFMVQ3AP2WfBNM9biu0/9c
povm7Glev50TAlOst8irIpYk6Q6wLpLhKyc9hJc57BKpiXzQ05ZFoumD0UlQ+NAx
dRWlvF57uJ2s0+x1+wqH2WwPKcZpRuhifcUAyvVm/wXQa7S2av1geY+TBJ1Qn+ht
xc80+7XLUw2fgbn7JKMgMsSRjmu3nG5aCkDPxIwN3U8a5KhwWcF+uTCR98b8yoM9
VhHsfDAg0LqHV4vMA2BqFebWYM10rWLzkzFuB1l5w7fIeP4tzHSIhwQ6cp2F2iq5
xe8wKFEjS2DEGchEypiVMVh+gHyL+AXHGS+hOQiBAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUXprfUlEo2QJS6Sb/ghCJVO9y3gkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzFhZDI2NTcxLWM2NzQtNGE3My1iMjA1LTc3Y2IzMmZlODNiZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwABAwDQYJKoZIhvcNAQELBQADggEBABVQ3ikm462dwidjwHAsmdr0
DSrH7kN4N/ZQgQ1exLHCIYz1B70KbaGjfVohSOURqLZciWs/C0H+T0X6Le86B1l8
EAHM7VtMko1t/Sh8M5mCwssWFVwIb5ai4Zl31fSwyM5OhnD3zFV50FFtUJUw7bm4
GN1mDvpOIuh0Lhru0+jftOkHhn55oB28yRVdpL6eSOYGJjzbRGQuiCyJxpY+JI5m
254090T9nuqk7RV0YrH4cZEc/MoDRow4zejpu4+CiFZl9AddmjLHcFzm0S1VHm3/
1kZprOYwdsf2rmkn1OfbIUxTBFRTxsC+UE41XyZdybc4umTPOuIWN63NIzy6iyA=
-----END CERTIFICATE-----
Generated at Sun Jul 6 04:25:58 2025 by rpki-client