Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa
File:                     dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa (raw, json)
Hash identifier:          oD9ZB915/QXa/WhHijgYuldaj2mic20qc7VtJZ+qv5s=
Subject key identifier:   07:BE:DF:9E:C1:35:36:CB:B0:A6:83:DB:88:65:4F:68:FE:E8:E9:85
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4E65EB847F320773A195EFFCC97D40B9388B60D5
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa
Signing time:             Tue 20 May 2025 18:10:55 +0000
ROA not before:           Tue 20 May 2025 18:10:55 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 10 Jun 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:65:eb:84:7f:32:07:73:a1:95:ef:fc:c9:7d:40:b9:38:8b:60:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 20 18:10:55 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=a16d4dfcf14c95102493926f34bf7306450080e7d82adaa179ec9a9cfdbfdd2a, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ef:53:90:77:1a:09:f7:be:37:75:c8:4d:2d:
                    8f:78:d5:c4:4c:39:d1:09:44:2f:95:70:9b:4f:ef:
                    64:6e:08:8e:27:4a:f6:59:4d:22:dc:0e:2b:38:b6:
                    44:44:c4:ee:79:2c:f1:78:72:8c:37:a8:83:90:f2:
                    c3:36:7f:ec:2b:aa:8d:e3:6e:2d:0d:87:2a:79:c5:
                    76:ce:de:6d:8f:f4:47:6c:b6:1f:b3:a4:3b:3b:18:
                    86:d7:d4:dd:b6:76:ee:cb:22:bd:78:fc:33:7b:c4:
                    39:1b:b2:fc:5e:b0:f0:62:cb:b2:df:19:21:29:16:
                    cb:68:2b:75:80:bf:3e:99:44:58:f8:5e:b6:e2:74:
                    3e:2f:d4:64:d6:a2:c0:6e:9d:19:a6:e6:d7:50:8c:
                    c4:42:d6:8f:e3:d8:01:9a:1c:46:56:c2:84:a8:29:
                    02:22:12:9a:2d:52:ed:d2:6e:11:31:2c:7f:5b:94:
                    c0:f3:31:34:bf:83:54:39:9a:aa:fb:a4:41:3e:be:
                    d9:80:fa:1f:2c:22:e2:a5:ae:1f:72:0c:30:7c:bc:
                    be:3f:fe:ee:44:e3:03:f1:27:e1:26:b9:69:99:19:
                    e2:66:d9:3c:13:06:40:ec:a7:c7:3a:62:c8:7c:3d:
                    e1:e0:94:8c:14:19:d8:95:9d:b2:af:f8:c6:16:0a:
                    4b:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:BE:DF:9E:C1:35:36:CB:B0:A6:83:DB:88:65:4F:68:FE:E8:E9:85
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e000::/40

    Signature Algorithm: sha256WithRSAEncryption
         61:78:64:ae:58:c3:16:6d:33:c3:51:6e:59:03:34:8b:74:f5:
         ac:84:83:73:58:af:35:8c:76:28:92:0b:00:d4:42:4e:f1:f2:
         9e:2c:46:de:02:73:0a:98:19:79:6b:e6:7c:b4:ec:fb:07:c9:
         c2:a6:09:db:55:89:dd:81:dd:33:b7:09:b9:87:bd:4d:ee:e8:
         4d:ea:4d:8e:2f:2f:a9:45:e4:8c:5b:47:bc:10:36:15:a4:cc:
         46:0a:62:61:15:3f:5a:46:2c:96:4c:0f:5a:91:87:8d:73:46:
         ba:d3:17:2c:d1:f9:b6:fa:36:cf:f1:5f:43:23:3a:92:bd:70:
         bd:db:48:06:cd:e8:eb:00:7c:b6:51:bd:2a:b7:8a:c1:7f:9d:
         e4:39:7e:7d:b5:d6:4d:bc:e0:a0:b4:8e:ad:76:a9:af:3f:b0:
         6e:bf:8b:7e:58:53:55:ed:09:96:a3:aa:d5:33:24:5b:d0:4f:
         30:70:74:7b:54:82:25:6c:c0:8c:f4:cd:07:3d:72:00:76:86:
         d0:a7:dc:03:7a:d3:58:7a:89:59:8a:88:41:b5:85:3d:ba:09:
         72:0b:35:44:4f:e7:90:06:f7:49:a8:1d:60:8c:11:ae:d3:c2:
         c9:89:f9:d1:4a:51:d8:79:72:11:7a:ff:19:25:8a:31:1a:44:
         79:5b:81:7f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTmXrhH8yB3Ohle/8yX1AuTiLYNUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNTIwMTgxMDU1WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMTZkNGRmY2YxNGM5NTEwMjQ5MzkyNmYzNGJmNzMwNjQ1
MDA4MGU3ZDgyYWRhYTE3OWVjOWE5Y2ZkYmZkZDJhMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCu71OQdxoJ9743dchNLY941cRMOdEJRC+VcJtP72RuCI4n
SvZZTSLcDis4tkRExO55LPF4cow3qIOQ8sM2f+wrqo3jbi0Nhyp5xXbO3m2P9Eds
th+zpDs7GIbX1N22du7LIr14/DN7xDkbsvxesPBiy7LfGSEpFstoK3WAvz6ZRFj4
XrbidD4v1GTWosBunRmm5tdQjMRC1o/j2AGaHEZWwoSoKQIiEpotUu3SbhExLH9b
lMDzMTS/g1Q5mqr7pEE+vtmA+h8sIuKlrh9yDDB8vL4//u5E4wPxJ+EmuWmZGeJm
2TwTBkDsp8c6Ysh8PeHglIwUGdiVnbKv+MYWCkuHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUB77fnsE1NsuwpoPbiGVPaP7o6YUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2RjMGUwZTczLWJiYmUtNDE3MC1iNzMzLTQ5MDRlY2MyN2Y5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD74DANBgkqhkiG9w0BAQsFAAOCAQEAYXhkrljDFm0zw1FuWQM0i3T1
rISDc1ivNYx2KJILANRCTvHynixG3gJzCpgZeWvmfLTs+wfJwqYJ21WJ3YHdM7cJ
uYe9Te7oTepNji8vqUXkjFtHvBA2FaTMRgpiYRU/WkYslkwPWpGHjXNGutMXLNH5
tvo2z/FfQyM6kr1wvdtIBs3o6wB8tlG9KreKwX+d5Dl+fbXWTbzgoLSOrXaprz+w
br+LflhTVe0JlqOq1TMkW9BPMHB0e1SCJWzAjPTNBz1yAHaG0KfcA3rTWHqJWYqI
QbWFPboJcgs1RE/nkAb3SagdYIwRrtPCyYn50UpR2HlyEXr/GSWKMRpEeVuBfw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:47:10 2025 by rpki-client