Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/639cf60f-b659-495a-ad4a-265220ddbe5d.roa
File:                     639cf60f-b659-495a-ad4a-265220ddbe5d.roa (raw, json)
Hash identifier:          f4M1QCqR9rKw5tQk2KcTOQ8T5xrR5tbux+bzK3/S988=
Subject key identifier:   8B:A7:75:69:5B:E9:CC:08:56:B7:AB:8F:78:F5:56:A4:FD:3C:C9:19
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       36021F6FEE4C7EEE7ADEA70F55A68AEB0B61D0C7
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/639cf60f-b659-495a-ad4a-265220ddbe5d.roa
Signing time:             Fri 26 Sep 2025 18:00:05 +0000
ROA not before:           Fri 26 Sep 2025 18:00:05 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:551b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:02:1f:6f:ee:4c:7e:ee:7a:de:a7:0f:55:a6:8a:eb:0b:61:d0:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 26 18:00:05 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=c88208caf3fd1825975b91b9b4c29f8cfa0a1f007d728f1d962eab0d7e79a4a0, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:93:84:3d:b5:f8:67:d6:65:80:6f:92:41:10:
                    ab:8a:28:ca:f5:cd:ec:fc:0e:7a:8d:66:36:b2:25:
                    6e:11:ea:3d:d9:e3:47:7d:b7:2b:eb:10:f8:68:19:
                    75:74:80:e9:2c:69:0f:73:8b:42:cd:98:f3:6f:55:
                    52:04:10:6a:4f:7a:b7:e5:61:9a:34:7d:5b:66:8d:
                    c3:73:a5:6c:a6:67:e5:d0:82:12:61:65:de:a7:62:
                    fa:32:03:8e:fa:8a:3f:90:2b:89:2b:20:99:ab:fc:
                    b0:52:6b:a1:25:9d:68:2d:c8:2f:56:17:8b:90:69:
                    f7:6b:df:48:47:70:1f:fa:08:a6:33:a0:0d:29:83:
                    ed:e8:7c:db:c6:bb:80:d5:04:5e:40:8a:c4:49:0b:
                    09:4d:ec:29:78:19:e9:15:63:6d:41:c7:a8:f9:c3:
                    22:27:f2:42:6e:64:40:4d:68:62:65:28:7e:dc:86:
                    99:fd:f1:38:a2:99:a6:b5:33:5d:10:ea:db:38:56:
                    7c:fc:2f:aa:92:3a:4a:20:3f:3f:a7:26:49:ca:01:
                    07:44:ff:b9:5a:37:ce:89:e3:9a:ca:c9:83:5d:c6:
                    8f:fa:c9:46:1f:c2:f2:00:0e:c6:f8:10:74:c1:1e:
                    d9:70:40:ae:b5:97:d8:61:7e:a8:65:f3:f1:5d:d1:
                    6e:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:A7:75:69:5B:E9:CC:08:56:B7:AB:8F:78:F5:56:A4:FD:3C:C9:19
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/639cf60f-b659-495a-ad4a-265220ddbe5d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551b::/48

    Signature Algorithm: sha256WithRSAEncryption
         8f:0c:16:de:c9:2b:b8:7d:19:b7:6b:3c:07:db:1f:56:83:7b:
         2e:fd:2a:07:c7:a5:92:b4:3d:ba:16:09:3e:e4:34:6a:c9:f2:
         f3:4f:75:fb:8f:7e:1f:be:c5:59:75:19:3d:19:ea:b1:1b:28:
         9d:3a:a1:0e:fb:97:10:cd:3e:1b:f3:3e:81:7e:17:d6:dc:be:
         9e:44:64:70:e3:58:8c:5a:5d:cb:9c:fe:72:e1:87:ad:ff:10:
         2e:c3:fd:72:0a:3a:18:3e:c6:d3:63:28:e6:86:76:37:41:bf:
         f4:b9:fb:74:3f:b1:a1:6e:5b:27:29:de:81:92:e9:73:7b:2a:
         d7:27:14:78:15:0d:30:4f:f2:17:41:a3:80:3e:32:5d:de:c6:
         92:dd:92:26:5d:91:dd:d9:82:25:a9:0a:77:f1:85:51:83:0e:
         b9:fa:9a:e1:70:3a:d1:f5:34:d7:d4:af:ee:92:28:d6:8d:21:
         fd:ee:aa:2c:19:f8:ca:1d:08:c3:05:42:30:79:a3:37:4a:0f:
         57:30:ab:5a:4f:0f:6d:6e:dc:19:0f:87:3a:ad:b5:3e:78:60:
         ce:04:29:44:e6:1a:f2:05:e1:5c:60:77:53:20:46:a0:14:99:
         1c:af:fd:0a:9a:fa:97:f8:f7:d2:71:37:c2:b3:d4:31:df:fa:
         44:d9:63:e5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUNgIfb+5Mfu563qcPVaaK6wth0McwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgwMDA1WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BjODgyMDhjYWYzZmQxODI1OTc1YjkxYjliNGMyOWY4Y2Zh
MGExZjAwN2Q3MjhmMWQ5NjJlYWIwZDdlNzlhNGEwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDkk4Q9tfhn1mWAb5JBEKuKKMr1zez8DnqNZjayJW4R6j3Z
40d9tyvrEPhoGXV0gOksaQ9zi0LNmPNvVVIEEGpPerflYZo0fVtmjcNzpWymZ+XQ
ghJhZd6nYvoyA476ij+QK4krIJmr/LBSa6ElnWgtyC9WF4uQafdr30hHcB/6CKYz
oA0pg+3ofNvGu4DVBF5AisRJCwlN7Cl4GekVY21Bx6j5wyIn8kJuZEBNaGJlKH7c
hpn98Tiimaa1M10Q6ts4Vnz8L6qSOkogPz+nJknKAQdE/7laN86J45rKyYNdxo/6
yUYfwvIADsb4EHTBHtlwQK61l9hhfqhl8/Fd0W5bAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUi6d1aVvpzAhWt6uPePVWpP08yRkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzYzOWNmNjBmLWI2NTktNDk1YS1hZDRhLTI2NTIyMGRkYmU1ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRswDQYJKoZIhvcNAQELBQADggEBAI8MFt7JK7h9GbdrPAfbH1aD
ey79KgfHpZK0PboWCT7kNGrJ8vNPdfuPfh++xVl1GT0Z6rEbKJ06oQ77lxDNPhvz
PoF+F9bcvp5EZHDjWIxaXcuc/nLhh63/EC7D/XIKOhg+xtNjKOaGdjdBv/S5+3Q/
saFuWycp3oGS6XN7KtcnFHgVDTBP8hdBo4A+Ml3expLdkiZdkd3ZgiWpCnfxhVGD
Drn6muFwOtH1NNfUr+6SKNaNIf3uqiwZ+ModCMMFQjB5ozdKD1cwq1pPD21u3BkP
hzqttT54YM4EKUTmGvIF4Vxgd1MgRqAUmRyv/Qqa+pf499JxN8Kz1DHf+kTZY+U=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:40:19 2025 by rpki-client