Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b11f31cd-336e-4434-8174-6a90ba67bb58.roa
File:                     b11f31cd-336e-4434-8174-6a90ba67bb58.roa (raw, json)
Hash identifier:          NDUPCeYZUX+QA1lKxbhxiY3HVNLg6jjJjCzMWJwv14w=
Subject key identifier:   FB:B2:A4:10:F8:B6:9C:92:58:06:82:F3:13:4E:3D:2C:F8:AE:37:73
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       031C14675704C0D14F2E8BE240356D0D2B1810B8
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b11f31cd-336e-4434-8174-6a90ba67bb58.roa
Signing time:             Tue 20 May 2025 18:00:53 +0000
ROA not before:           Tue 20 May 2025 18:00:53 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5519::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Jun 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:1c:14:67:57:04:c0:d1:4f:2e:8b:e2:40:35:6d:0d:2b:18:10:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 20 18:00:53 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=f3ce2a10d9cecf7d979662e9552fe774f1a2a798c816d19455f8a169ccc06e23, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d9:29:a4:84:17:3e:bb:0f:0a:ec:ad:a7:df:
                    ed:34:1c:29:2a:14:36:5d:27:92:54:09:1f:d1:a3:
                    55:b3:a7:5a:e3:60:c1:19:1b:e4:ea:48:47:7b:09:
                    97:7b:7b:5f:ec:89:b0:86:c2:d3:21:c9:96:cd:5b:
                    29:9f:0c:91:b2:21:23:18:a6:5b:01:0b:b4:91:19:
                    a6:9a:de:63:21:9c:c6:3e:ea:4f:31:9e:03:17:55:
                    10:8d:79:0c:11:38:50:a8:4c:1a:ae:23:4d:e7:c4:
                    99:a2:9f:73:06:ef:52:eb:1b:f6:fd:49:90:fd:6b:
                    3a:e9:d7:c4:79:b2:fd:8f:8d:d2:6c:7f:b2:53:a8:
                    19:ea:d6:83:b8:07:34:b6:c8:ae:7c:65:47:50:32:
                    db:78:93:35:3e:14:0e:d8:ed:d6:62:03:5f:95:88:
                    0a:07:f3:f6:52:11:51:a9:13:c6:d9:9b:2a:a6:69:
                    9c:79:15:3a:a2:25:7d:4a:be:70:94:58:9f:fb:19:
                    30:c3:03:63:aa:dd:ce:88:7d:da:f5:28:84:45:ae:
                    0d:81:1b:76:86:2d:ad:60:18:6d:86:8e:18:3a:26:
                    48:f9:5b:d2:b9:7b:ec:40:06:54:11:a4:85:c5:a7:
                    31:0f:c5:b6:03:9a:32:08:e9:49:8e:bb:4a:fc:fc:
                    4b:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:B2:A4:10:F8:B6:9C:92:58:06:82:F3:13:4E:3D:2C:F8:AE:37:73
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b11f31cd-336e-4434-8174-6a90ba67bb58.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5519::/48

    Signature Algorithm: sha256WithRSAEncryption
         a5:ee:b1:e4:3e:ea:49:73:58:45:82:29:85:c9:51:91:b7:ee:
         4a:e1:62:b8:4b:e3:9f:df:51:80:a7:2b:ac:a2:80:18:1c:6f:
         49:18:f6:5b:fa:59:0e:6f:fd:d3:07:c8:c2:a3:f5:fe:0d:a7:
         a8:b9:ea:97:37:8e:ab:6d:e1:ff:6e:0c:7c:ca:2a:a6:73:c9:
         44:86:97:08:b8:5e:54:87:32:5c:d6:64:35:1a:b9:71:c8:db:
         30:96:2a:72:32:50:cf:04:7a:9a:66:4f:ee:b7:14:cf:c9:d0:
         9a:f3:d0:90:01:62:ab:bc:0f:ca:5c:58:be:e0:66:7b:9c:8c:
         3b:6c:98:c4:72:2d:3a:32:32:eb:cf:34:43:b5:ef:b4:77:d4:
         77:1d:cd:2a:e9:79:97:33:bb:d4:af:e9:6c:4e:a2:e7:74:bc:
         20:8e:a1:01:98:97:85:82:39:17:63:32:bf:d4:8e:e9:65:d1:
         41:1d:bf:12:1b:16:d4:46:8b:68:30:52:94:4d:92:48:dd:3c:
         e2:fd:ea:a5:65:d0:55:3f:32:7a:9b:d2:3d:29:db:19:a7:df:
         2f:dd:be:bd:f9:19:c6:e1:cc:7f:83:ea:3e:30:18:c7:68:c2:
         4b:70:18:f1:f4:5f:e1:3b:b0:34:24:0a:2c:d4:bf:00:25:31:
         1d:d7:25:03
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUAxwUZ1cEwNFPLoviQDVtDSsYELgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNTIwMTgwMDUzWhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmM2NlMmExMGQ5Y2VjZjdkOTc5NjYyZTk1NTJmZTc3NGYx
YTJhNzk4YzgxNmQxOTQ1NWY4YTE2OWNjYzA2ZTIzMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDV2SmkhBc+uw8K7K2n3+00HCkqFDZdJ5JUCR/Ro1Wzp1rj
YMEZG+TqSEd7CZd7e1/sibCGwtMhyZbNWymfDJGyISMYplsBC7SRGaaa3mMhnMY+
6k8xngMXVRCNeQwROFCoTBquI03nxJmin3MG71LrG/b9SZD9azrp18R5sv2PjdJs
f7JTqBnq1oO4BzS2yK58ZUdQMtt4kzU+FA7Y7dZiA1+ViAoH8/ZSEVGpE8bZmyqm
aZx5FTqiJX1KvnCUWJ/7GTDDA2Oq3c6Ifdr1KIRFrg2BG3aGLa1gGG2Gjhg6Jkj5
W9K5e+xABlQRpIXFpzEPxbYDmjII6UmOu0r8/EtNAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU+7KkEPi2nJJYBoLzE049LPiuN3MwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2IxMWYzMWNkLTMzNmUtNDQzNC04MTc0LTZhOTBiYTY3YmI1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRkwDQYJKoZIhvcNAQELBQADggEBAKXuseQ+6klzWEWCKYXJUZG3
7krhYrhL45/fUYCnK6yigBgcb0kY9lv6WQ5v/dMHyMKj9f4Np6i56pc3jqtt4f9u
DHzKKqZzyUSGlwi4XlSHMlzWZDUauXHI2zCWKnIyUM8EeppmT+63FM/J0Jrz0JAB
Yqu8D8pcWL7gZnucjDtsmMRyLToyMuvPNEO177R31HcdzSrpeZczu9Sv6WxOoud0
vCCOoQGYl4WCORdjMr/Ujull0UEdvxIbFtRGi2gwUpRNkkjdPOL96qVl0FU/Mnqb
0j0p2xmn3y/dvr35GcbhzH+D6j4wGMdowktwGPH0X+E7sDQkCizUvwAlMR3XJQM=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:52:54 2025 by rpki-client