Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3d4602c0-9599-4325-ba8d-dc8b19c6c24f.roa
File:                     3d4602c0-9599-4325-ba8d-dc8b19c6c24f.roa (raw, json)
Hash identifier:          Ut34nIxnqEmqbazi48sUkO5frxcPG0hjDZTT/fMakdY=
Subject key identifier:   01:B8:73:AB:1A:9C:74:98:0C:FA:1E:22:B9:2B:46:52:25:52:85:A8
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       580DCF726F57676152321769DBBE07263223AB82
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3d4602c0-9599-4325-ba8d-dc8b19c6c24f.roa
Signing time:             Mon 06 Oct 2025 17:37:42 +0000
ROA not before:           Mon 06 Oct 2025 17:37:42 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:610b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:0d:cf:72:6f:57:67:61:52:32:17:69:db:be:07:26:32:23:ab:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct  6 17:37:42 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=29a6b83c33f84aa2b8d34941582769306fc5ae917be0a5d037c62719a4632e72, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:32:6d:ef:14:10:f8:6a:85:9b:b0:87:a7:30:
                    95:c6:93:56:a0:c7:ec:d2:59:5a:32:b9:a6:5a:f6:
                    dc:51:2b:e6:7e:50:49:45:b5:d7:e1:61:81:51:20:
                    79:50:d4:36:76:f8:b2:95:db:53:67:7a:95:98:52:
                    b0:90:95:a6:de:68:c6:14:75:c8:1c:8a:38:f6:36:
                    f2:6a:7c:85:b8:5b:d7:77:e4:82:e7:4c:e6:d1:a7:
                    37:0c:ba:29:62:99:a2:8f:7d:5f:e1:e7:9d:fc:b7:
                    d4:06:11:40:00:ef:20:36:4e:f4:c3:10:ae:df:10:
                    8c:41:ca:0b:60:7c:39:a7:46:52:67:91:5e:d2:81:
                    74:ea:c5:ab:bf:80:5e:d8:d3:3f:ff:ea:c4:af:86:
                    77:48:cc:a8:bc:53:75:19:ea:63:58:b0:92:32:ad:
                    90:69:a4:8c:1f:62:62:c2:f7:be:86:cd:9e:6c:d3:
                    f6:94:e2:a2:a2:63:d7:ef:34:c0:64:19:e2:79:af:
                    70:20:09:c0:07:0d:10:b8:a7:62:d9:1e:f9:11:88:
                    5e:90:3c:e9:84:75:76:9a:e7:b2:bf:77:86:11:f5:
                    32:c3:e2:50:3f:56:1a:2c:22:07:30:7c:02:2c:87:
                    72:04:15:64:17:9f:c9:7e:2d:e2:74:d3:b6:59:c5:
                    ea:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:B8:73:AB:1A:9C:74:98:0C:FA:1E:22:B9:2B:46:52:25:52:85:A8
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3d4602c0-9599-4325-ba8d-dc8b19c6c24f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:610b::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:b8:a9:9d:90:4c:48:af:2f:ef:f1:9d:60:d9:5d:84:35:8c:
         19:5f:fe:3f:22:4b:d2:20:eb:8a:68:34:5c:40:ac:c3:ec:0e:
         5a:f1:c8:78:1a:db:20:fb:83:86:2e:02:da:1a:b9:65:88:3a:
         73:51:9c:5f:65:88:88:8c:ab:56:a9:8c:e2:29:e3:3e:5d:d0:
         88:db:f9:45:8c:18:90:25:11:b3:77:7f:dc:81:48:ab:b7:15:
         30:d0:79:1e:42:ac:ce:54:35:73:b1:72:9e:4d:5b:e4:62:a2:
         c7:6c:f3:47:cb:4f:e6:24:3d:7e:58:c9:e3:25:0d:d5:72:c3:
         48:42:07:c3:65:5c:ce:0c:7d:95:92:10:ce:cc:81:80:dd:49:
         0a:5f:ec:66:1e:d5:57:99:80:54:dc:cb:4d:8c:87:79:8f:7d:
         30:af:f2:fb:08:3c:45:ed:73:50:fe:c0:f2:fb:e6:61:3a:8e:
         08:e3:ee:4a:37:b5:e0:be:c0:ef:59:0a:17:81:4b:6b:1e:1a:
         f9:eb:bb:ee:1f:d4:68:71:52:5d:da:ef:6f:97:88:f2:9f:2a:
         8d:d8:44:b4:70:54:71:11:2b:58:78:59:0c:48:05:ab:66:3a:
         02:35:28:82:65:4b:f1:08:43:35:eb:7f:ed:10:ff:72:a0:2c:
         04:5d:9d:cb
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUWA3Pcm9XZ2FSMhdp274HJjIjq4IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDA2MTczNzQyWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyOWE2YjgzYzMzZjg0YWEyYjhkMzQ5NDE1ODI3NjkzMDZm
YzVhZTkxN2JlMGE1ZDAzN2M2MjcxOWE0NjMyZTcyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcMm3vFBD4aoWbsIenMJXGk1agx+zSWVoyuaZa9txRK+Z+
UElFtdfhYYFRIHlQ1DZ2+LKV21NnepWYUrCQlabeaMYUdcgcijj2NvJqfIW4W9d3
5ILnTObRpzcMuilimaKPfV/h5538t9QGEUAA7yA2TvTDEK7fEIxBygtgfDmnRlJn
kV7SgXTqxau/gF7Y0z//6sSvhndIzKi8U3UZ6mNYsJIyrZBppIwfYmLC976GzZ5s
0/aU4qKiY9fvNMBkGeJ5r3AgCcAHDRC4p2LZHvkRiF6QPOmEdXaa57K/d4YR9TLD
4lA/VhosIgcwfAIsh3IEFWQXn8l+LeJ007ZZxephAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUAbhzqxqcdJgM+h4iuStGUiVShagwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzNkNDYwMmMwLTk1OTktNDMyNS1iYThkLWRjOGIxOWM2YzI0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYQswDQYJKoZIhvcNAQELBQADggEBAAG4qZ2QTEivL+/xnWDZXYQ1
jBlf/j8iS9Ig64poNFxArMPsDlrxyHga2yD7g4YuAtoauWWIOnNRnF9liIiMq1ap
jOIp4z5d0Ijb+UWMGJAlEbN3f9yBSKu3FTDQeR5CrM5UNXOxcp5NW+Riosds80fL
T+YkPX5YyeMlDdVyw0hCB8NlXM4MfZWSEM7MgYDdSQpf7GYe1VeZgFTcy02Mh3mP
fTCv8vsIPEXtc1D+wPL75mE6jgjj7ko3teC+wO9ZCheBS2seGvnru+4f1GhxUl3a
72+XiPKfKo3YRLRwVHERK1h4WQxIBatmOgI1KIJlS/EIQzXrf+0Q/3KgLARdncs=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:53:04 2025 by rpki-client