Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5549fdb0-617d-43e3-951f-9747f0d27829.roa
File:                     5549fdb0-617d-43e3-951f-9747f0d27829.roa (raw, json)
Hash identifier:          4pPIo8Fbct9xVWLLE//0Ay5Fmclv3t6wAKovgpEZXp4=
Subject key identifier:   6E:59:43:8F:E8:39:A4:4D:AA:FB:57:FD:2B:5E:FC:15:FE:1B:53:9D
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       371F8113FA000618A1603848E41F16BC1D24CBA8
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5549fdb0-617d-43e3-951f-9747f0d27829.roa
Signing time:             Mon 29 Sep 2025 15:23:37 +0000
ROA not before:           Mon 29 Sep 2025 15:23:37 +0000
ROA not after:            Mon 03 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:4140::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:1f:81:13:fa:00:06:18:a1:60:38:48:e4:1f:16:bc:1d:24:cb:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 29 15:23:37 2025 GMT
            Not After : Nov  3 23:59:59 2025 GMT
        Subject: serialNumber=925b1be9d891fdbc1380fc3a9cc433aa3b8f12d82b29cd2596900e6137f5df0d, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:92:0d:8d:71:ba:52:12:e9:a3:45:95:26:06:
                    b4:2b:75:a9:21:c5:8f:52:38:7d:5f:b8:39:aa:5e:
                    66:24:92:bf:d7:ce:87:2b:2e:1e:54:9b:cb:00:80:
                    b3:a4:1f:5e:da:61:5a:90:ea:34:57:9a:f7:d3:8f:
                    d3:42:e0:80:61:2a:4c:40:e1:74:6b:56:1c:12:14:
                    86:42:22:45:0b:e6:89:6c:8b:19:6f:72:8a:51:7e:
                    5d:0d:20:b0:94:f2:d8:84:c6:f2:8c:4b:32:4b:2a:
                    db:89:8d:ca:a3:e9:cb:ba:fc:88:7e:4b:29:bd:ef:
                    e8:5b:c7:80:3c:dd:28:f7:93:73:82:f4:dd:7e:1f:
                    b0:55:9a:ac:a2:91:6e:e6:ff:38:aa:d8:2f:ef:e2:
                    20:40:15:c2:74:0d:b3:4d:34:88:5d:93:8e:37:b0:
                    72:29:07:fd:89:00:02:78:d7:c9:b5:27:d0:0c:67:
                    f6:01:75:0e:bd:d7:b6:d9:1a:15:cb:57:fd:84:59:
                    69:7f:e9:9e:17:09:4c:59:cd:76:ce:25:fa:41:14:
                    36:d3:3e:6c:53:1d:d6:6d:f0:96:80:10:ec:9a:ff:
                    be:9a:fe:de:7e:6b:86:a8:fe:da:2f:e7:f9:d5:ac:
                    bf:b3:a4:5f:05:d0:d3:34:27:3b:ba:72:ba:c9:51:
                    24:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:59:43:8F:E8:39:A4:4D:AA:FB:57:FD:2B:5E:FC:15:FE:1B:53:9D
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5549fdb0-617d-43e3-951f-9747f0d27829.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:4140::/48

    Signature Algorithm: sha256WithRSAEncryption
         29:11:22:5d:56:74:dd:c6:3d:e5:a6:df:eb:71:9c:fa:9e:6a:
         e1:0a:da:04:e6:13:c4:cb:3f:9a:24:39:6d:f4:44:54:9a:2d:
         e8:d1:53:06:7f:19:9d:0a:55:c0:2c:9e:ac:64:29:1c:11:8d:
         58:59:ed:8b:9d:8e:9b:f5:ab:67:e6:df:1a:2d:4f:0e:06:0b:
         0b:de:3e:c6:84:4f:69:4b:43:47:7b:a0:24:ad:37:9d:c2:65:
         e2:a2:13:66:20:13:a3:0f:a8:64:a6:6d:58:ae:73:84:8c:af:
         6e:d4:20:93:4a:2c:9f:aa:16:6e:af:17:76:d1:e9:49:ef:b5:
         5c:89:66:6f:ae:ac:8d:dd:31:c8:5e:f9:a0:e7:f7:2b:a1:c6:
         25:78:b9:1e:e6:e8:fb:45:ab:00:8d:39:6a:e3:37:26:f0:af:
         98:96:68:76:ce:cf:1d:7e:5b:ff:03:ec:6a:d7:27:5e:d1:a2:
         12:3b:63:63:99:9e:7b:f6:51:46:61:02:fb:43:b0:c9:38:18:
         af:b4:13:fe:8e:70:4f:e7:72:e9:1f:5f:a9:31:d4:99:01:6a:
         1d:ef:f2:37:de:ea:4f:00:1e:d8:11:a2:ff:cc:aa:9d:76:c3:
         ce:68:35:d2:cf:7e:4b:47:f7:f9:21:28:28:35:bf:80:ec:04:
         57:66:0e:a7
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUNx+BE/oABhihYDhI5B8WvB0ky6gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI5MTUyMzM3WhcNMjUxMTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MjViMWJlOWQ4OTFmZGJjMTM4MGZjM2E5Y2M0MzNhYTNi
OGYxMmQ4MmIyOWNkMjU5NjkwMGU2MTM3ZjVkZjBkMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/kg2NcbpSEumjRZUmBrQrdakhxY9SOH1fuDmqXmYkkr/X
zocrLh5Um8sAgLOkH17aYVqQ6jRXmvfTj9NC4IBhKkxA4XRrVhwSFIZCIkUL5ols
ixlvcopRfl0NILCU8tiExvKMSzJLKtuJjcqj6cu6/Ih+Sym97+hbx4A83Sj3k3OC
9N1+H7BVmqyikW7m/ziq2C/v4iBAFcJ0DbNNNIhdk443sHIpB/2JAAJ418m1J9AM
Z/YBdQ6917bZGhXLV/2EWWl/6Z4XCUxZzXbOJfpBFDbTPmxTHdZt8JaAEOya/76a
/t5+a4ao/tov5/nVrL+zpF8F0NM0Jzu6crrJUSTvAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUbllDj+g5pE2q+1f9K178Ff4bU50wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzU1NDlmZGIwLTYxN2QtNDNlMy05NTFmLTk3NDdmMGQyNzgyOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwQUAwDQYJKoZIhvcNAQELBQADggEBACkRIl1WdN3GPeWm3+txnPqe
auEK2gTmE8TLP5okOW30RFSaLejRUwZ/GZ0KVcAsnqxkKRwRjVhZ7Yudjpv1q2fm
3xotTw4GCwvePsaET2lLQ0d7oCStN53CZeKiE2YgE6MPqGSmbViuc4SMr27UIJNK
LJ+qFm6vF3bR6UnvtVyJZm+urI3dMche+aDn9yuhxiV4uR7m6PtFqwCNOWrjNybw
r5iWaHbOzx1+W/8D7GrXJ17RohI7Y2OZnnv2UUZhAvtDsMk4GK+0E/6OcE/ncukf
X6kx1JkBah3v8jfe6k8AHtgRov/Mqp12w85oNdLPfktH9/khKCg1v4DsBFdmDqc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:40:16 2025 by rpki-client