Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/455cc001-6d98-49b1-ab73-9a1e06726f9f.roa
File:                     455cc001-6d98-49b1-ab73-9a1e06726f9f.roa (raw, json)
Hash identifier:          Iu021DLbEnleDXcUzSMWGkOFmh+PNNOCG97hPaYp11E=
Subject key identifier:   E9:01:51:30:29:71:12:09:63:04:98:CE:ED:D6:DF:E5:D3:64:72:5E
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       43CC6EBE79F555D7AB6C88BCEF1C3D17E5115D23
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/455cc001-6d98-49b1-ab73-9a1e06726f9f.roa
Signing time:             Fri 10 Oct 2025 17:04:20 +0000
ROA not before:           Fri 10 Oct 2025 17:04:20 +0000
ROA not after:            Fri 14 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:11::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:cc:6e:be:79:f5:55:d7:ab:6c:88:bc:ef:1c:3d:17:e5:11:5d:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 10 17:04:20 2025 GMT
            Not After : Nov 14 23:59:59 2025 GMT
        Subject: serialNumber=62d3794ea983f4878677f524e480f0a0313cafffbcdbce07cb64cb508c278869, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:e5:06:e6:19:5f:47:48:2e:ff:20:38:38:fb:
                    75:8a:13:3a:49:93:93:e2:86:4c:64:3c:f8:25:97:
                    9f:f1:23:c3:9a:8b:49:5f:11:96:c9:15:a3:05:ec:
                    f3:28:c5:5f:35:72:0b:5f:20:55:74:3b:8a:e3:f8:
                    dd:01:9f:d2:68:36:f3:cf:41:49:ce:c8:ab:cc:b0:
                    b6:de:df:82:e5:60:12:39:2f:b8:35:d4:68:35:73:
                    36:c6:5d:77:e9:99:77:8a:5d:e3:8f:05:64:09:79:
                    02:04:25:25:26:d3:d5:2d:b1:68:c4:34:61:f2:6b:
                    0b:39:35:7a:40:ae:46:72:15:38:dc:f8:80:aa:07:
                    75:53:94:ee:ad:03:e6:2c:6c:06:2c:3d:a8:23:89:
                    86:e7:a9:22:db:f7:e0:98:86:37:10:84:f4:5c:62:
                    4d:db:75:f4:1b:a8:0d:53:1b:31:6c:a9:a6:40:1d:
                    26:8b:fc:97:94:6d:20:2d:7d:00:77:f8:5b:53:d4:
                    d5:72:c1:3b:a5:cf:6f:b0:59:03:61:37:22:1f:6b:
                    1e:df:af:81:57:c5:00:77:65:2b:cc:2c:6b:60:62:
                    c9:e7:34:89:0b:1a:26:35:10:5d:8c:d2:cd:93:03:
                    f5:5a:2b:99:7a:60:e5:6a:8a:ea:98:8c:cc:f6:36:
                    2e:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:01:51:30:29:71:12:09:63:04:98:CE:ED:D6:DF:E5:D3:64:72:5E
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/455cc001-6d98-49b1-ab73-9a1e06726f9f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:11::/48

    Signature Algorithm: sha256WithRSAEncryption
         84:25:27:64:08:d3:0f:27:1a:a8:00:b1:72:b8:93:16:a2:46:
         de:fb:b8:4b:1e:69:ba:e3:b1:ad:51:c2:12:2c:aa:9f:4e:d7:
         73:f7:7a:7f:80:97:4f:bd:bc:4c:a0:2c:4a:b3:6a:72:68:6e:
         5e:5f:ad:d5:13:34:76:5c:df:01:51:54:70:88:68:46:7c:fc:
         13:99:78:0f:87:69:2e:7a:15:17:f3:9a:b7:c5:54:c9:05:c3:
         42:19:ca:3f:e7:9f:98:32:5b:b8:c0:c4:cc:c7:5a:89:af:5f:
         6c:26:02:df:96:52:35:98:f3:14:b4:78:8a:6c:86:90:42:9b:
         40:72:4e:fa:93:33:00:df:d6:90:ec:84:74:4c:73:3a:50:a6:
         a0:37:74:da:68:e4:7b:35:cd:04:93:10:4f:30:2c:d9:63:9b:
         3f:ae:ad:a1:06:15:8c:ba:b2:dc:d6:ce:d0:5e:d9:a3:8e:ff:
         db:d4:10:24:ac:10:e2:95:e9:81:51:d4:46:58:b8:cb:f4:b2:
         65:d0:e3:54:5e:4c:9d:48:89:dc:e7:65:77:61:7d:57:80:e4:
         50:56:46:b7:eb:e7:15:62:f5:16:3e:74:cc:8d:51:01:9c:26:
         22:46:05:0f:19:bf:1f:e1:d1:e7:93:bd:bc:15:c9:23:2f:23:
         8c:4e:77:1d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUQ8xuvnn1VderbIi87xw9F+URXSMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDEwMTcwNDIwWhcNMjUxMTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MmQzNzk0ZWE5ODNmNDg3ODY3N2Y1MjRlNDgwZjBhMDMx
M2NhZmZmYmNkYmNlMDdjYjY0Y2I1MDhjMjc4ODY5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC75QbmGV9HSC7/IDg4+3WKEzpJk5PihkxkPPgll5/xI8Oa
i0lfEZbJFaMF7PMoxV81cgtfIFV0O4rj+N0Bn9JoNvPPQUnOyKvMsLbe34LlYBI5
L7g11Gg1czbGXXfpmXeKXeOPBWQJeQIEJSUm09UtsWjENGHyaws5NXpArkZyFTjc
+ICqB3VTlO6tA+YsbAYsPagjiYbnqSLb9+CYhjcQhPRcYk3bdfQbqA1TGzFsqaZA
HSaL/JeUbSAtfQB3+FtT1NVywTulz2+wWQNhNyIfax7fr4FXxQB3ZSvMLGtgYsnn
NIkLGiY1EF2M0s2TA/VaK5l6YOVqiuqYjMz2Ni5nAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6QFRMClxEgljBJjO7dbf5dNkcl4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzQ1NWNjMDAxLTZkOTgtNDliMS1hYjczLTlhMWUwNjcyNmY5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwABEwDQYJKoZIhvcNAQELBQADggEBAIQlJ2QI0w8nGqgAsXK4kxai
Rt77uEseabrjsa1RwhIsqp9O13P3en+Al0+9vEygLEqzanJobl5frdUTNHZc3wFR
VHCIaEZ8/BOZeA+HaS56FRfzmrfFVMkFw0IZyj/nn5gyW7jAxMzHWomvX2wmAt+W
UjWY8xS0eIpshpBCm0ByTvqTMwDf1pDshHRMczpQpqA3dNpo5Hs1zQSTEE8wLNlj
mz+uraEGFYy6stzWztBe2aOO/9vUECSsEOKV6YFR1EZYuMv0smXQ41ReTJ1Iidzn
ZXdhfVeA5FBWRrfr5xVi9RY+dMyNUQGcJiJGBQ8Zvx/h0eeTvbwVySMvI4xOdx0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:33:47 2025 by rpki-client