Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5ae357e1-ef95-4f5f-a6c3-8ad4f4fa3014.roa
File:                     5ae357e1-ef95-4f5f-a6c3-8ad4f4fa3014.roa (raw, json)
Hash identifier:          CHM9fPNBsKcqWCm4OJVD/FfVj/82zNRu8kAVUZrr1io=
Subject key identifier:   44:36:FB:5D:65:6C:C4:6F:F1:0D:77:77:8B:50:07:D7:97:89:CC:08
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       0C5C22AD209B3E618ACB3E90FA255BD558C38A23
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5ae357e1-ef95-4f5f-a6c3-8ad4f4fa3014.roa
Signing time:             Tue 20 May 2025 18:00:14 +0000
ROA not before:           Tue 20 May 2025 18:00:14 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:551a::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 10 Jun 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:5c:22:ad:20:9b:3e:61:8a:cb:3e:90:fa:25:5b:d5:58:c3:8a:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 20 18:00:14 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=f8a185a5356b103e3f0eff66712d9faca815c4f1c8f833dd0df7deccc1b815c7, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:eb:21:41:5b:32:d0:ab:c4:1f:0f:d2:91:68:
                    25:1e:f1:40:7a:a3:99:59:8a:00:9d:38:4d:68:ee:
                    b5:cb:d6:c4:3f:89:7d:b3:e3:86:a0:a1:77:70:b1:
                    d1:f0:35:c1:25:59:5c:fb:42:be:3d:81:89:b1:23:
                    df:55:03:78:71:08:e7:24:6e:2f:11:70:5d:2d:b1:
                    b7:a4:82:c8:0a:f3:32:39:d6:56:3f:a0:e5:81:95:
                    8b:89:57:3b:ec:39:6a:d3:7e:c5:a9:c4:9e:85:3e:
                    de:64:8b:0f:3c:3f:30:68:13:d7:43:2b:f7:19:f1:
                    ba:21:a1:90:67:fa:c4:a4:5d:5f:af:4a:d6:67:ae:
                    d0:14:6d:20:fe:db:0f:8c:3c:ba:21:ca:0b:ce:92:
                    22:0b:fd:a8:79:a2:85:93:eb:3e:6c:08:fb:b2:30:
                    fa:eb:d3:0b:8e:1b:51:c6:19:19:62:49:a2:91:fa:
                    65:e1:94:06:8a:8a:bd:18:2a:c4:9b:02:ad:a7:d6:
                    bb:43:d2:f6:9e:bf:09:e1:60:8a:37:a0:dd:81:32:
                    08:4d:74:4b:ad:ca:64:0c:64:82:63:84:f6:73:1d:
                    c4:af:4a:ea:3f:df:15:d4:47:ca:ab:63:51:3a:33:
                    76:07:31:d2:8a:ff:5e:78:a6:29:70:16:9e:df:88:
                    0d:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:36:FB:5D:65:6C:C4:6F:F1:0D:77:77:8B:50:07:D7:97:89:CC:08
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5ae357e1-ef95-4f5f-a6c3-8ad4f4fa3014.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551a::/48

    Signature Algorithm: sha256WithRSAEncryption
         92:8b:92:a6:97:1f:b2:8f:f1:20:11:09:bd:4c:c7:1c:31:39:
         06:92:db:7b:f9:d8:2e:b9:60:b9:c7:b0:fc:2d:08:0a:96:3e:
         24:d4:b5:8f:99:3f:52:fb:6a:5a:82:48:c5:61:9c:07:1d:95:
         89:fe:3c:7a:51:18:a9:6a:5a:ab:cd:82:8f:8b:49:c8:8a:01:
         94:d5:0c:26:30:d4:1c:59:23:8f:4c:1a:16:90:c7:3b:fd:30:
         ab:e9:74:3a:35:19:ab:f6:99:e9:e2:98:1f:9a:2b:a7:3f:d2:
         80:1f:2f:95:61:4c:77:f5:85:d0:86:be:3f:46:be:37:3b:39:
         2f:d4:c8:99:0b:0d:b0:55:f6:5f:e6:a2:19:71:79:c9:bf:5d:
         fd:13:c8:52:19:a9:59:f5:3e:88:dd:75:76:5e:31:ba:a9:42:
         1a:f4:79:a7:0c:5e:43:6d:73:d7:43:c4:30:14:f6:66:24:a8:
         73:a2:5d:91:3a:6a:ca:44:a2:09:32:e0:2f:43:a2:cf:c2:2e:
         0d:b7:44:0a:a3:06:95:e6:22:e1:98:8e:20:0b:bc:95:e7:49:
         31:89:47:e1:48:90:f6:0a:ed:ee:69:fe:21:e0:e7:26:48:20:
         a7:53:db:38:ef:2a:26:68:f3:64:9d:f7:e4:cd:5e:5a:ee:48:
         68:bf:c1:f5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUDFwirSCbPmGKyz6Q+iVb1VjDiiMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNTIwMTgwMDE0WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmOGExODVhNTM1NmIxMDNlM2YwZWZmNjY3MTJkOWZhY2E4
MTVjNGYxYzhmODMzZGQwZGY3ZGVjY2MxYjgxNWM3MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCF6yFBWzLQq8QfD9KRaCUe8UB6o5lZigCdOE1o7rXL1sQ/
iX2z44agoXdwsdHwNcElWVz7Qr49gYmxI99VA3hxCOckbi8RcF0tsbekgsgK8zI5
1lY/oOWBlYuJVzvsOWrTfsWpxJ6FPt5kiw88PzBoE9dDK/cZ8bohoZBn+sSkXV+v
StZnrtAUbSD+2w+MPLohygvOkiIL/ah5ooWT6z5sCPuyMPrr0wuOG1HGGRliSaKR
+mXhlAaKir0YKsSbAq2n1rtD0vaevwnhYIo3oN2BMghNdEutymQMZIJjhPZzHcSv
Suo/3xXUR8qrY1E6M3YHMdKK/154pilwFp7fiA2vAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQURDb7XWVsxG/xDXd3i1AH15eJzAgwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzVhZTM1N2UxLWVmOTUtNGY1Zi1hNmMzLThhZDRmNGZhMzAxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRowDQYJKoZIhvcNAQELBQADggEBAJKLkqaXH7KP8SARCb1Mxxwx
OQaS23v52C65YLnHsPwtCAqWPiTUtY+ZP1L7alqCSMVhnAcdlYn+PHpRGKlqWqvN
go+LSciKAZTVDCYw1BxZI49MGhaQxzv9MKvpdDo1Gav2menimB+aK6c/0oAfL5Vh
THf1hdCGvj9Gvjc7OS/UyJkLDbBV9l/mohlxecm/Xf0TyFIZqVn1PojddXZeMbqp
Qhr0eacMXkNtc9dDxDAU9mYkqHOiXZE6aspEogky4C9Dos/CLg23RAqjBpXmIuGY
jiALvJXnSTGJR+FIkPYK7e5p/iHg5yZIIKdT2zjvKiZo82Sd9+TNXlruSGi/wfU=
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:36:46 2025 by rpki-client