Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/23b8e089-1979-42f1-9d4e-ed7428a25f0f.roa
File:                     23b8e089-1979-42f1-9d4e-ed7428a25f0f.roa (raw, json)
Hash identifier:          W+7ci64Z5MUTqmiw5jAtOefXEoCc6s5Urwy1PIcI3lA=
Subject key identifier:   D7:7F:76:FF:34:1A:F2:32:10:46:C8:83:5E:4F:11:5E:22:53:02:0A
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       3CCDE971D9BA881CDB2B0AB8A7EA2993A5A26A57
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/23b8e089-1979-42f1-9d4e-ed7428a25f0f.roa
Signing time:             Wed 22 Oct 2025 00:40:11 +0000
ROA not before:           Wed 22 Oct 2025 00:40:11 +0000
ROA not after:            Wed 26 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:f107::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:cd:e9:71:d9:ba:88:1c:db:2b:0a:b8:a7:ea:29:93:a5:a2:6a:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 22 00:40:11 2025 GMT
            Not After : Nov 26 23:59:59 2025 GMT
        Subject: serialNumber=1dd9ba1f659532b297e9e617925b3ffa69f3db5add79b16dc89c9417a19681af, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d6:a9:7a:5b:f0:c5:98:d9:84:2c:98:13:a3:
                    7c:64:15:f1:67:3c:cd:25:22:06:d8:6e:e0:41:48:
                    06:60:86:c5:bc:31:cf:58:6d:d3:a6:9d:5e:02:9d:
                    53:a5:14:de:e9:f9:40:2d:16:db:a6:d3:6a:dd:60:
                    77:40:e9:20:71:03:a1:64:20:64:a8:4f:3b:82:0c:
                    f7:cc:66:5b:b6:22:4d:41:f1:3d:46:fb:14:a4:f7:
                    33:1f:fb:08:73:01:5f:53:76:e7:cb:9f:3a:4c:ae:
                    e7:ec:2b:e2:a6:d2:1b:69:f6:74:80:2f:0f:e7:2b:
                    79:4a:2c:36:a0:c5:ce:e4:da:3f:35:fa:30:c8:8b:
                    5e:c3:7e:cd:8b:8c:a2:d8:a0:f0:f0:27:60:8a:18:
                    50:08:78:0b:94:3f:8f:d5:af:f3:34:bf:e3:ec:8e:
                    1b:3a:62:20:92:29:cd:a4:17:98:5d:e3:92:29:45:
                    f6:ae:be:13:6f:82:9d:fb:6d:e4:1a:68:6d:9b:f5:
                    d9:e9:bc:26:2c:27:7c:2a:a8:b5:f3:00:81:18:4d:
                    e3:e1:7c:9d:b8:7d:40:0c:c0:8f:df:33:e8:69:0e:
                    62:86:9b:3e:68:58:26:49:99:0c:bb:d4:ba:3c:04:
                    45:bb:9e:89:a5:d2:7f:ec:1d:54:b4:e2:f7:67:c2:
                    8e:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:7F:76:FF:34:1A:F2:32:10:46:C8:83:5E:4F:11:5E:22:53:02:0A
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/23b8e089-1979-42f1-9d4e-ed7428a25f0f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:f107::/48

    Signature Algorithm: sha256WithRSAEncryption
         1a:e5:5b:b1:bb:eb:03:29:c2:15:13:76:2d:e4:9b:e5:95:48:
         1f:c8:00:b9:02:d4:09:51:b6:7b:97:a8:c0:c6:b2:a3:dc:a9:
         36:54:1a:e6:12:b8:5a:8a:8a:42:c8:d9:59:6f:0b:49:b4:57:
         96:9f:d5:be:cf:be:56:20:66:1a:fc:4d:e3:4a:48:bf:8e:9e:
         47:1a:83:c7:db:99:2c:a4:5a:9d:e6:72:6e:40:af:8f:b7:1c:
         fa:8b:e6:56:e1:1d:7c:70:18:10:4f:e2:32:28:54:03:6a:e3:
         e8:8b:ee:a7:f9:e0:9a:df:2b:66:cf:e2:97:ca:f1:bc:0b:b8:
         76:7d:24:f7:bd:83:08:8c:d6:8f:fa:4d:f9:b1:f1:a4:6a:c9:
         64:cd:16:bb:47:2e:c2:5b:37:d7:1f:39:2d:c3:b0:c7:a3:2a:
         75:26:79:9f:07:62:66:05:ab:db:5c:44:2a:ae:51:f1:be:0c:
         6b:39:17:d9:4d:9e:c5:8b:ce:5d:a7:ea:c9:89:14:30:65:6d:
         cd:d9:1e:05:40:1c:99:32:d6:ad:94:52:a2:75:81:50:0f:6d:
         88:5b:29:38:c1:0c:3c:25:b1:62:1c:fc:1f:b5:80:4c:af:5b:
         72:02:39:2f:8b:03:2a:5b:f9:16:19:7c:7c:4a:f6:5c:91:84:
         5a:d3:d9:03
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPM3pcdm6iBzbKwq4p+opk6WialcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIyMDA0MDExWhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZGQ5YmExZjY1OTUzMmIyOTdlOWU2MTc5MjViM2ZmYTY5
ZjNkYjVhZGQ3OWIxNmRjODljOTQxN2ExOTY4MWFmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC01ql6W/DFmNmELJgTo3xkFfFnPM0lIgbYbuBBSAZghsW8
Mc9YbdOmnV4CnVOlFN7p+UAtFtum02rdYHdA6SBxA6FkIGSoTzuCDPfMZlu2Ik1B
8T1G+xSk9zMf+whzAV9TdufLnzpMrufsK+Km0htp9nSALw/nK3lKLDagxc7k2j81
+jDIi17Dfs2LjKLYoPDwJ2CKGFAIeAuUP4/Vr/M0v+Psjhs6YiCSKc2kF5hd45Ip
RfauvhNvgp37beQaaG2b9dnpvCYsJ3wqqLXzAIEYTePhfJ24fUAMwI/fM+hpDmKG
mz5oWCZJmQy71Lo8BEW7noml0n/sHVS04vdnwo5tAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU1392/zQa8jIQRsiDXk8RXiJTAgowHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzIzYjhlMDg5LTE5NzktNDJmMS05ZDRlLWVkNzQyOGEyNWYwZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPD78QcwDQYJKoZIhvcNAQELBQADggEBABrlW7G76wMpwhUTdi3km+WV
SB/IALkC1AlRtnuXqMDGsqPcqTZUGuYSuFqKikLI2VlvC0m0V5af1b7PvlYgZhr8
TeNKSL+Onkcag8fbmSykWp3mcm5Ar4+3HPqL5lbhHXxwGBBP4jIoVANq4+iL7qf5
4JrfK2bP4pfK8bwLuHZ9JPe9gwiM1o/6Tfmx8aRqyWTNFrtHLsJbN9cfOS3DsMej
KnUmeZ8HYmYFq9tcRCquUfG+DGs5F9lNnsWLzl2n6smJFDBlbc3ZHgVAHJky1q2U
UqJ1gVAPbYhbKTjBDDwlsWIc/B+1gEyvW3ICOS+LAypb+RYZfHxK9lyRhFrT2QM=
-----END CERTIFICATE-----
Generated at Tue Nov 4 04:43:51 2025 by rpki-client