Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/058b2723-0749-41cb-992b-215b81ddf36a.roa
File:                     058b2723-0749-41cb-992b-215b81ddf36a.roa (raw, json)
Hash identifier:          cJ+1aCL6Q4p0/q561/nZ0SI8OBSD7GlmI3R0+91fvGI=
Subject key identifier:   71:58:D6:51:17:38:0E:BB:61:91:59:D9:94:09:93:B3:71:EE:D7:1E
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       62EB0E72C8227FFA740FCAAC6C1B0F7C070BDFE1
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/058b2723-0749-41cb-992b-215b81ddf36a.roa
Signing time:             Fri 08 Aug 2025 00:30:49 +0000
ROA not before:           Fri 08 Aug 2025 00:30:49 +0000
ROA not after:            Fri 12 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f2:7000::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:eb:0e:72:c8:22:7f:fa:74:0f:ca:ac:6c:1b:0f:7c:07:0b:df:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Aug  8 00:30:49 2025 GMT
            Not After : Sep 12 23:59:59 2025 GMT
        Subject: serialNumber=1ff6613185b002135ca502013fddb256c616d6456e3c6d695530cbadf253f185, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cc:6e:22:d1:c1:46:3e:2f:2f:d7:43:cb:f6:
                    10:ca:9c:6a:bf:03:82:19:7e:e8:0c:6a:80:76:6c:
                    b6:f6:c3:bd:5c:0b:f8:4c:4b:96:8f:f0:cf:46:4b:
                    8a:74:39:4e:07:4f:7c:b6:d2:4f:01:92:4a:d4:e1:
                    ef:69:0f:d7:05:d7:6a:26:a7:e7:ee:ca:e1:a9:98:
                    37:ed:a0:0b:f9:c3:1c:c1:37:e9:bc:43:b6:60:f5:
                    a3:f0:cd:5f:5b:30:4f:3b:75:2e:3b:14:dc:e0:72:
                    44:6b:34:11:69:79:c6:23:b8:9f:a8:d0:b8:4d:e6:
                    5f:ff:ff:da:18:a8:40:37:1e:46:be:c8:07:81:4b:
                    b6:c7:37:00:87:b4:b2:73:6e:08:ff:dc:74:50:4c:
                    e0:3c:e5:91:75:0a:a1:d8:f6:1e:b4:d8:fd:d9:da:
                    74:e3:43:58:ce:ee:36:bb:f8:3f:ab:4d:27:4f:9d:
                    66:67:f9:71:0a:fd:d6:fb:11:e2:31:62:08:14:e2:
                    38:1c:b6:80:5d:8b:de:e7:72:f7:e5:41:ec:7b:59:
                    47:10:2a:12:45:09:22:ab:93:fc:1d:a0:13:48:63:
                    8a:a8:a7:67:28:02:5b:a9:59:bd:2c:b0:a6:3c:1b:
                    bb:1c:3b:60:6c:88:7d:1e:13:b6:e3:54:4c:06:5a:
                    2f:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:58:D6:51:17:38:0E:BB:61:91:59:D9:94:09:93:B3:71:EE:D7:1E
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/058b2723-0749-41cb-992b-215b81ddf36a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f2:7000::/44

    Signature Algorithm: sha256WithRSAEncryption
         8b:67:c7:56:3f:9b:79:14:b7:f4:c2:88:fa:5e:12:8c:49:f3:
         96:c2:f2:dc:7a:9c:31:04:de:c4:59:68:24:be:e3:bb:60:83:
         18:1f:8c:25:7b:d4:f0:99:e7:d6:ba:69:94:b4:c6:d7:89:1b:
         c2:4c:93:57:c7:dc:2f:0d:97:bb:96:1c:b0:0b:1d:e8:b7:af:
         d9:92:0a:75:90:cc:33:44:0c:6f:7d:05:91:d4:6d:9e:f7:37:
         3e:11:e1:f7:bb:55:4e:a3:d2:b1:2f:ce:ad:ba:ad:13:ff:62:
         d4:13:d2:98:a3:be:8e:97:21:af:89:59:6b:40:68:89:c6:08:
         d9:0d:08:7c:83:9b:bb:4c:ca:38:01:ea:e2:60:db:46:45:a8:
         b4:8b:ea:f2:d5:7f:80:14:3a:e5:f5:f7:69:28:b8:6d:43:a9:
         92:42:ca:d2:06:e5:f7:c2:c1:ce:bb:aa:6d:cb:76:ce:a0:aa:
         0b:90:3c:53:b4:53:72:2c:2f:87:80:2d:27:e4:d2:09:8e:df:
         e4:ed:09:34:e4:1f:38:ff:fa:2a:07:13:dc:d2:ff:ae:bb:08:
         8b:e4:d2:b5:d3:c2:f8:29:c3:26:8e:89:05:c6:93:60:c8:34:
         13:6e:d5:d5:49:8f:4d:36:1e:16:c6:1d:ef:a3:45:79:fc:dc:
         4c:d0:ea:b6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUYusOcsgif/p0D8qsbBsPfAcL3+EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODA4MDAzMDQ5WhcNMjUwOTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZmY2NjEzMTg1YjAwMjEzNWNhNTAyMDEzZmRkYjI1NmM2
MTZkNjQ1NmUzYzZkNjk1NTMwY2JhZGYyNTNmMTg1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2zG4i0cFGPi8v10PL9hDKnGq/A4IZfugMaoB2bLb2w71c
C/hMS5aP8M9GS4p0OU4HT3y20k8BkkrU4e9pD9cF12omp+fuyuGpmDftoAv5wxzB
N+m8Q7Zg9aPwzV9bME87dS47FNzgckRrNBFpecYjuJ+o0LhN5l///9oYqEA3Hka+
yAeBS7bHNwCHtLJzbgj/3HRQTOA85ZF1CqHY9h602P3Z2nTjQ1jO7ja7+D+rTSdP
nWZn+XEK/db7EeIxYggU4jgctoBdi97ncvflQex7WUcQKhJFCSKrk/wdoBNIY4qo
p2coAlupWb0ssKY8G7scO2BsiH0eE7bjVEwGWi91AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUcVjWURc4DrthkVnZlAmTs3Hu1x4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzA1OGIyNzIzLTA3NDktNDFjYi05OTJiLTIxNWI4MWRkZjM2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDycAAwDQYJKoZIhvcNAQELBQADggEBAItnx1Y/m3kUt/TCiPpeEoxJ
85bC8tx6nDEE3sRZaCS+47tggxgfjCV71PCZ59a6aZS0xteJG8JMk1fH3C8Nl7uW
HLALHei3r9mSCnWQzDNEDG99BZHUbZ73Nz4R4fe7VU6j0rEvzq26rRP/YtQT0pij
vo6XIa+JWWtAaInGCNkNCHyDm7tMyjgB6uJg20ZFqLSL6vLVf4AUOuX192kouG1D
qZJCytIG5ffCwc67qm3Lds6gqguQPFO0U3IsL4eALSfk0gmO3+TtCTTkHzj/+ioH
E9zS/667CIvk0rXTwvgpwyaOiQXGk2DINBNu1dVJj002HhbGHe+jRXn83EzQ6rY=
-----END CERTIFICATE-----