Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ec42dc47-0cc9-474a-9470-19700f756d36.roa
File:                     ec42dc47-0cc9-474a-9470-19700f756d36.roa (raw, json)
Hash identifier:          xpcdsaDo2otg53hvdghbxD1IFQC0rkIKABUGLYM2LlI=
Subject key identifier:   DF:3B:AF:CE:E2:59:DA:5F:7C:45:4C:86:DB:5A:B2:2B:0D:34:C9:7C
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       161DFB8C096E9EDC5115D845DB487232A96DBE0F
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ec42dc47-0cc9-474a-9470-19700f756d36.roa
Signing time:             Mon 01 Sep 2025 19:10:22 +0000
ROA not before:           Mon 01 Sep 2025 19:10:22 +0000
ROA not after:            Mon 06 Oct 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:551c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 16 Sep 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:1d:fb:8c:09:6e:9e:dc:51:15:d8:45:db:48:72:32:a9:6d:be:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep  1 19:10:22 2025 GMT
            Not After : Oct  6 23:59:59 2025 GMT
        Subject: serialNumber=5851fb34f2c98430251a41c0c41946d5e77eba2b885faeb6f049fdd61c021213, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e5:4d:17:ec:c1:ea:4c:eb:ec:ee:f7:96:19:
                    f7:05:4f:44:2b:a2:2d:85:30:30:a2:dd:ed:70:18:
                    3e:a4:8e:d0:71:fc:c8:25:73:e7:a8:9a:60:94:1d:
                    b0:7b:28:7c:2e:77:fe:77:30:bd:3c:cf:fd:72:c3:
                    9e:0e:61:13:5d:de:87:a7:e6:d7:7a:96:14:e0:d7:
                    de:bf:37:7a:7d:cc:f3:d7:26:ca:b6:53:90:67:2b:
                    14:d6:87:70:97:ae:4d:de:3b:7a:81:5b:25:6e:8b:
                    05:37:2e:a7:ab:73:3b:25:a9:0d:52:ba:d4:79:2e:
                    ad:bc:25:af:5a:18:d7:01:41:51:a0:e1:a7:f8:82:
                    82:88:6c:14:59:c7:27:4d:df:5a:32:7e:e3:4c:12:
                    fe:7d:64:8f:72:72:90:95:23:c0:de:69:46:c3:d9:
                    e8:0e:e8:9a:2f:d0:da:fc:f4:e6:89:26:a3:5c:bf:
                    20:c9:96:68:7b:ea:ea:26:31:76:6a:9d:53:24:70:
                    ec:ab:9e:bb:47:d5:e2:a9:95:6d:a4:d3:1e:f1:e3:
                    32:ba:76:7f:83:50:cb:58:38:ee:b6:14:0a:91:31:
                    4f:f1:73:e8:eb:38:be:f5:a4:82:72:8f:2f:ea:1d:
                    cb:3a:13:5e:ea:cf:ed:ad:6b:20:5b:b3:e6:22:98:
                    2f:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:3B:AF:CE:E2:59:DA:5F:7C:45:4C:86:DB:5A:B2:2B:0D:34:C9:7C
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ec42dc47-0cc9-474a-9470-19700f756d36.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551c::/48

    Signature Algorithm: sha256WithRSAEncryption
         14:84:25:ad:8e:bf:12:24:e1:33:ea:51:af:f5:71:ff:d3:e8:
         97:a1:d8:ee:d0:b3:14:67:ba:44:bb:43:10:59:72:d8:4d:3b:
         fa:84:9f:40:9b:fd:5f:d5:8e:ef:39:21:60:3a:ad:65:9d:ab:
         80:50:f7:1b:9c:e9:67:1c:56:de:89:ef:16:82:c0:84:9f:2f:
         d5:a9:2e:62:6d:44:44:32:e1:41:87:30:5b:71:cc:ab:d2:94:
         9f:37:05:88:dd:a3:f7:04:64:79:b0:c0:35:29:c4:35:e9:f2:
         8b:09:03:64:7d:59:b8:d8:19:b1:cf:7b:f9:da:c1:5b:82:7c:
         c1:9a:2b:da:48:69:a7:1b:45:02:84:9e:8c:ff:3e:49:e8:b0:
         f1:85:c5:01:3d:c2:71:42:e6:67:6f:62:c5:4e:1a:de:db:c6:
         7d:ef:05:65:f2:37:9c:5d:79:ba:d2:cc:f1:7c:5c:23:e6:35:
         bc:97:2e:de:28:61:b1:7b:46:d7:a2:7a:85:f6:67:92:b4:42:
         c6:8b:3a:da:4a:1c:fb:1b:73:e9:54:60:77:72:98:bd:7b:15:
         18:92:97:e6:99:1b:4e:af:70:ac:99:5b:d2:0a:6f:b6:ac:f2:
         b2:55:44:ff:fb:f6:d7:51:90:8f:9d:84:f9:9a:13:bf:03:a6:
         02:0b:fb:78
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUFh37jAluntxRFdhF20hyMqltvg8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTAxMTkxMDIyWhcNMjUxMDA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ODUxZmIzNGYyYzk4NDMwMjUxYTQxYzBjNDE5NDZkNWU3
N2ViYTJiODg1ZmFlYjZmMDQ5ZmRkNjFjMDIxMjEzMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDP5U0X7MHqTOvs7veWGfcFT0Qroi2FMDCi3e1wGD6kjtBx
/Mglc+eommCUHbB7KHwud/53ML08z/1yw54OYRNd3oen5td6lhTg196/N3p9zPPX
Jsq2U5BnKxTWh3CXrk3eO3qBWyVuiwU3LqerczslqQ1SutR5Lq28Ja9aGNcBQVGg
4af4goKIbBRZxydN31oyfuNMEv59ZI9ycpCVI8DeaUbD2egO6Jov0Nr89OaJJqNc
vyDJlmh76uomMXZqnVMkcOyrnrtH1eKplW2k0x7x4zK6dn+DUMtYOO62FAqRMU/x
c+jrOL71pIJyjy/qHcs6E17qz+2tayBbs+YimC8hAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3zuvzuJZ2l98RUyG21qyKw00yXwwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2VjNDJkYzQ3LTBjYzktNDc0YS05NDcwLTE5NzAwZjc1NmQzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRwwDQYJKoZIhvcNAQELBQADggEBABSEJa2OvxIk4TPqUa/1cf/T
6Jeh2O7QsxRnukS7QxBZcthNO/qEn0Cb/V/Vju85IWA6rWWdq4BQ9xuc6WccVt6J
7xaCwISfL9WpLmJtREQy4UGHMFtxzKvSlJ83BYjdo/cEZHmwwDUpxDXp8osJA2R9
WbjYGbHPe/nawVuCfMGaK9pIaacbRQKEnoz/PknosPGFxQE9wnFC5mdvYsVOGt7b
xn3vBWXyN5xdebrSzPF8XCPmNbyXLt4oYbF7RteieoX2Z5K0QsaLOtpKHPsbc+lU
YHdymL17FRiSl+aZG06vcKyZW9IKb7as8rJVRP/79tdRkI+dhPmaE78DpgIL+3g=
-----END CERTIFICATE-----
Generated at Mon Sep 15 14:14:42 2025 by rpki-client