Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbf43d99-4d01-4d24-ada9-6e34368d1d71.roa
File:                     cbf43d99-4d01-4d24-ada9-6e34368d1d71.roa (raw, json)
Hash identifier:          jEHvKIVPTqnZmldJdzufr0N9ohXzJ5OmsXu8JrBnbzw=
Subject key identifier:   49:05:12:78:C9:C7:5A:A2:A0:CC:54:3A:5A:1D:5A:F8:3D:07:1A:13
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       3D0EEE1E7A865934CF4C86C7BBBCDEAA837800F4
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbf43d99-4d01-4d24-ada9-6e34368d1d71.roa
Signing time:             Tue 20 May 2025 18:00:19 +0000
ROA not before:           Tue 20 May 2025 18:00:19 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5518::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:0e:ee:1e:7a:86:59:34:cf:4c:86:c7:bb:bc:de:aa:83:78:00:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 20 18:00:19 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=38995d98a9d6bc6a24c274b4c93132f8c852253f603ae7e498a8cee787e52516, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:c1:5f:7c:9b:ed:c2:3f:ee:60:6d:e5:c2:73:
                    9b:d3:33:99:64:a9:f1:3b:39:d2:96:e9:f0:36:5f:
                    d4:cd:e1:bb:6b:ac:3e:e3:1c:d7:ff:1a:8b:4c:c5:
                    64:25:46:89:9a:88:db:c0:2a:9d:dc:74:93:6b:df:
                    3f:1a:80:f5:ae:ca:a2:94:8a:ab:24:98:56:ee:a9:
                    9d:2e:af:69:75:0c:64:ac:8e:7f:e7:bb:b1:e3:37:
                    eb:b3:7c:a1:58:8f:d8:36:f0:5e:3b:af:b8:74:89:
                    6b:e7:da:28:dd:ad:c4:11:fb:c5:6f:c4:2b:1f:ae:
                    6d:9f:13:c4:b6:77:85:3e:e0:f0:41:c7:e4:0d:9f:
                    eb:6d:d6:18:63:c6:d6:00:51:2f:66:bd:c7:ce:4c:
                    58:1a:63:c1:bf:3f:a0:a6:b9:d0:b9:dc:ed:75:64:
                    31:14:ea:6f:82:0c:de:27:de:a6:ee:bc:c2:25:f5:
                    14:ee:e3:7e:a6:af:7e:11:74:07:b0:85:6d:ad:15:
                    8e:05:34:48:05:ea:20:34:76:2a:2c:1d:e7:89:09:
                    7d:9e:5d:96:1f:62:7f:67:29:21:1a:ac:23:a1:83:
                    8e:68:3f:81:f0:a1:f8:9f:97:34:f8:8d:23:45:53:
                    07:f2:09:91:a1:69:24:e7:42:39:66:d7:a7:aa:f7:
                    56:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:05:12:78:C9:C7:5A:A2:A0:CC:54:3A:5A:1D:5A:F8:3D:07:1A:13
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbf43d99-4d01-4d24-ada9-6e34368d1d71.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5518::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:85:a8:d9:ef:ef:0e:81:31:48:fc:55:90:44:34:5e:6f:86:
         ec:94:dc:cb:1c:56:c0:21:0d:42:8c:f5:b3:ad:76:b3:19:94:
         8e:ff:48:62:e5:dd:05:5a:3f:6d:73:1a:6a:9d:13:f0:e6:7f:
         b5:a5:0b:2e:5d:7e:ff:f6:0d:ac:de:c8:17:b2:88:6d:f1:05:
         6b:5a:8c:42:80:84:00:35:f8:dd:81:92:9e:1a:54:08:c3:44:
         c5:3d:59:a1:60:37:c9:70:d8:6c:28:0e:0b:53:a5:4a:88:78:
         0e:78:48:81:bc:15:0c:5a:73:a6:30:e8:05:e3:61:03:c7:85:
         a7:5d:f3:d5:5c:55:4a:d8:64:0d:84:dc:9e:63:f9:44:b5:57:
         b5:8a:d1:7e:43:cf:92:ae:32:7a:a1:59:b8:33:e5:5e:46:8e:
         b0:eb:14:fc:18:be:4b:f4:94:c7:b3:5c:c9:2a:ef:23:1b:4f:
         36:7a:3f:1f:de:0f:28:6b:1a:5b:2e:d6:52:3d:cb:b5:d3:22:
         6e:07:9d:da:0f:2d:4a:8c:95:65:19:34:ce:f6:33:c7:f7:17:
         15:95:d0:e8:02:7c:b1:47:44:7d:9e:33:c9:93:6b:90:cb:0b:
         e9:5c:96:6c:61:c4:9d:12:25:98:97:d5:ae:07:59:f0:8c:93:
         c6:4e:c6:fd
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPQ7uHnqGWTTPTIbHu7zeqoN4APQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNTIwMTgwMDE5WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzODk5NWQ5OGE5ZDZiYzZhMjRjMjc0YjRjOTMxMzJmOGM4
NTIyNTNmNjAzYWU3ZTQ5OGE4Y2VlNzg3ZTUyNTE2MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpwV98m+3CP+5gbeXCc5vTM5lkqfE7OdKW6fA2X9TN4btr
rD7jHNf/GotMxWQlRomaiNvAKp3cdJNr3z8agPWuyqKUiqskmFbuqZ0ur2l1DGSs
jn/nu7HjN+uzfKFYj9g28F47r7h0iWvn2ijdrcQR+8VvxCsfrm2fE8S2d4U+4PBB
x+QNn+tt1hhjxtYAUS9mvcfOTFgaY8G/P6CmudC53O11ZDEU6m+CDN4n3qbuvMIl
9RTu436mr34RdAewhW2tFY4FNEgF6iA0diosHeeJCX2eXZYfYn9nKSEarCOhg45o
P4HwofiflzT4jSNFUwfyCZGhaSTnQjlm16eq91Y9AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUSQUSeMnHWqKgzFQ6Wh1a+D0HGhMwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2NiZjQzZDk5LTRkMDEtNGQyNC1hZGE5LTZlMzQzNjhkMWQ3MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRgwDQYJKoZIhvcNAQELBQADggEBADOFqNnv7w6BMUj8VZBENF5v
huyU3MscVsAhDUKM9bOtdrMZlI7/SGLl3QVaP21zGmqdE/Dmf7WlCy5dfv/2Daze
yBeyiG3xBWtajEKAhAA1+N2Bkp4aVAjDRMU9WaFgN8lw2GwoDgtTpUqIeA54SIG8
FQxac6Yw6AXjYQPHhadd89VcVUrYZA2E3J5j+US1V7WK0X5Dz5KuMnqhWbgz5V5G
jrDrFPwYvkv0lMezXMkq7yMbTzZ6Px/eDyhrGlsu1lI9y7XTIm4HndoPLUqMlWUZ
NM72M8f3FxWV0OgCfLFHRH2eM8mTa5DLC+lclmxhxJ0SJZiX1a4HWfCMk8ZOxv0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:10:45 2025 by rpki-client