Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/71593b3e-c097-4475-95c0-8a064df47fc0.roa
File:                     71593b3e-c097-4475-95c0-8a064df47fc0.roa (raw, json)
Hash identifier:          bJSbc+70dcyhSl7PldespjKEhQJ8Qd/G+JPiG5+xI6w=
Subject key identifier:   4C:C0:C6:03:39:E9:AD:97:45:91:86:B1:A3:62:E6:4F:EF:3C:76:8D
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       29F3B88E8397CF5B3FEEA8D8D9A185FAC3EC9FB1
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/71593b3e-c097-4475-95c0-8a064df47fc0.roa
Signing time:             Fri 15 Aug 2025 21:22:20 +0000
ROA not before:           Fri 15 Aug 2025 21:22:20 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:6110::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 21 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:f3:b8:8e:83:97:cf:5b:3f:ee:a8:d8:d9:a1:85:fa:c3:ec:9f:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Aug 15 21:22:20 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=33f916b1639a1d1bd544e1b6763b9123d1267ca05a7ea6d79b158dfeac740fa2, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:42:c4:e7:49:2e:63:0a:9b:44:72:a6:32:c6:
                    4a:33:67:78:00:be:64:b5:32:08:22:d2:45:e6:bd:
                    24:0f:44:3c:21:af:9c:03:57:b0:4e:5f:e1:ab:8b:
                    02:7b:6f:bf:5a:3f:4d:27:55:98:ad:f7:db:ec:69:
                    77:76:a7:db:c0:b6:de:cf:dd:b6:8e:53:bc:4a:5e:
                    9c:15:46:63:4c:2a:17:b5:ce:91:35:66:42:c5:1f:
                    e8:5d:1d:ec:17:94:f5:c2:b6:fe:90:9a:94:cd:bd:
                    18:53:2b:6f:70:d2:8a:26:9c:f4:b5:f8:89:d8:c6:
                    63:88:56:ee:91:0d:29:be:ff:ef:1c:e2:0c:8e:36:
                    dc:1c:a3:a8:cd:37:21:9b:c6:b6:32:55:57:77:f7:
                    0a:55:fc:77:51:2e:f3:1a:c8:bd:0f:32:ba:18:fe:
                    7d:f2:31:5f:eb:81:00:00:1d:42:66:98:eb:11:fd:
                    7c:91:02:69:f9:7c:14:f9:1c:fa:24:4f:c6:77:ae:
                    07:97:32:42:2c:e6:bf:ba:4d:27:90:de:02:85:db:
                    1e:50:66:c1:d5:6c:27:f9:ee:d3:3b:30:89:0d:75:
                    e0:28:09:1a:05:32:6d:74:f2:a0:fe:82:a1:aa:3d:
                    26:6c:c0:3b:75:0d:19:ce:a1:f1:39:c5:dd:e2:a2:
                    ba:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:C0:C6:03:39:E9:AD:97:45:91:86:B1:A3:62:E6:4F:EF:3C:76:8D
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/71593b3e-c097-4475-95c0-8a064df47fc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6110::/48

    Signature Algorithm: sha256WithRSAEncryption
         46:98:24:77:17:0b:44:02:26:45:b7:c0:f1:0f:ba:53:a0:69:
         39:3a:b8:90:ab:3d:a6:15:e7:51:50:87:c8:7b:cc:f9:7c:be:
         f3:79:6c:3b:b2:a1:96:7a:b6:48:a1:3b:cb:71:6b:fe:6d:76:
         c6:6d:dd:ef:0a:fb:42:5b:ec:03:65:b2:f5:64:b5:89:32:59:
         7a:96:b3:c6:fb:80:ce:43:3c:8d:29:e8:f1:3d:8d:62:83:1b:
         50:93:87:6b:eb:e1:32:67:5e:fa:88:80:f1:ce:4d:63:ab:20:
         6d:2c:26:41:63:b0:87:71:c7:cf:e3:f8:76:13:b3:c3:58:cd:
         f2:2d:10:6a:6e:2c:d4:d9:5a:48:01:60:ef:bd:aa:74:88:dc:
         8d:56:a0:9c:d6:3f:85:63:a4:fa:a4:ac:9a:d0:e9:6e:bd:53:
         39:ee:a1:5c:e9:01:5a:35:e4:7e:01:61:38:43:0e:9f:89:62:
         86:d1:a7:bc:be:66:d9:d4:e7:f1:27:09:45:6c:41:a9:31:d6:
         40:a6:bb:b7:44:b8:b4:d5:cd:03:cd:2c:1f:77:18:3a:02:7c:
         9e:ca:0f:77:e9:73:9c:49:90:22:5e:33:ef:fe:84:18:9c:0b:
         20:fd:af:85:1d:7b:f9:25:ea:50:d1:bb:a1:cc:22:2e:f7:c5:
         ff:68:7b:af
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUKfO4joOXz1s/7qjY2aGF+sPsn7EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODE1MjEyMjIwWhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AzM2Y5MTZiMTYzOWExZDFiZDU0NGUxYjY3NjNiOTEyM2Qx
MjY3Y2EwNWE3ZWE2ZDc5YjE1OGRmZWFjNzQwZmEyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnQsTnSS5jCptEcqYyxkozZ3gAvmS1Mggi0kXmvSQPRDwh
r5wDV7BOX+GriwJ7b79aP00nVZit99vsaXd2p9vAtt7P3baOU7xKXpwVRmNMKhe1
zpE1ZkLFH+hdHewXlPXCtv6QmpTNvRhTK29w0oomnPS1+InYxmOIVu6RDSm+/+8c
4gyONtwco6jNNyGbxrYyVVd39wpV/HdRLvMayL0PMroY/n3yMV/rgQAAHUJmmOsR
/XyRAmn5fBT5HPokT8Z3rgeXMkIs5r+6TSeQ3gKF2x5QZsHVbCf57tM7MIkNdeAo
CRoFMm108qD+gqGqPSZswDt1DRnOofE5xd3iorqnAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUTMDGAznprZdFkYaxo2LmT+88do0wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzcxNTkzYjNlLWMwOTctNDQ3NS05NWMwLThhMDY0ZGY0N2ZjMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYRAwDQYJKoZIhvcNAQELBQADggEBAEaYJHcXC0QCJkW3wPEPulOg
aTk6uJCrPaYV51FQh8h7zPl8vvN5bDuyoZZ6tkihO8txa/5tdsZt3e8K+0Jb7ANl
svVktYkyWXqWs8b7gM5DPI0p6PE9jWKDG1CTh2vr4TJnXvqIgPHOTWOrIG0sJkFj
sIdxx8/j+HYTs8NYzfItEGpuLNTZWkgBYO+9qnSI3I1WoJzWP4VjpPqkrJrQ6W69
UznuoVzpAVo15H4BYThDDp+JYobRp7y+ZtnU5/EnCUVsQakx1kCmu7dEuLTVzQPN
LB93GDoCfJ7KD3fpc5xJkCJeM+/+hBicCyD9r4Ude/kl6lDRu6HMIi73xf9oe68=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:46:41 2025 by rpki-client