Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/660f5154-1b49-462f-808c-68d8e6db8edc.roa
File:                     660f5154-1b49-462f-808c-68d8e6db8edc.roa (raw, json)
Hash identifier:          Cm627JSgj3sKiLfBN9Q86OxXI0dTA1450jvluwLVJZo=
Subject key identifier:   A7:57:44:2F:D4:D2:C5:9C:60:16:A1:19:99:AB:87:1D:57:AE:92:B9
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       783A80EE384AE345ED029D60E70CA3FB73534E64
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/660f5154-1b49-462f-808c-68d8e6db8edc.roa
Signing time:             Mon 06 Oct 2025 17:37:48 +0000
ROA not before:           Mon 06 Oct 2025 17:37:48 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:6120::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:3a:80:ee:38:4a:e3:45:ed:02:9d:60:e7:0c:a3:fb:73:53:4e:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct  6 17:37:48 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=f291482d45ae345761f6962edb081bfd5f5858f65130673875d3fe3181036466, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:48:9d:b4:95:0d:32:11:28:1b:73:04:54:5a:
                    d2:e6:2d:ee:ae:1c:c0:fe:c2:f5:1e:a0:a9:2d:42:
                    ca:40:85:2b:a3:d0:a4:d9:0f:99:6a:49:64:70:d6:
                    55:48:f5:3f:60:71:68:ed:cf:75:7d:94:70:ab:9a:
                    60:4e:5b:27:fc:a7:2b:a0:46:13:41:b5:9c:40:52:
                    b1:6e:8c:40:2c:de:30:07:b7:37:59:41:02:c7:b5:
                    39:bc:36:ab:41:61:48:12:bf:4c:df:b0:80:15:7e:
                    7b:d4:9c:c9:8a:43:c8:01:f0:b6:fb:2a:1b:06:68:
                    ee:16:bc:a4:06:91:41:44:ae:a5:f9:4e:1b:af:32:
                    f3:b4:bc:1e:73:55:e2:85:6f:51:de:c7:12:f2:7f:
                    bc:08:0f:4f:8d:9f:93:44:8c:c2:67:67:f0:77:dd:
                    f5:53:3b:f5:e3:be:8d:62:be:97:3a:b9:5f:b7:2a:
                    74:2b:d6:eb:51:29:06:53:e7:16:75:a2:ee:7f:04:
                    df:89:e5:eb:9a:b3:a4:22:51:c1:3a:18:fe:2d:d1:
                    30:a8:90:62:b3:b4:a1:83:a0:a1:bf:26:c7:57:58:
                    a6:2e:41:fe:66:ed:a8:1c:40:30:13:c7:60:3b:ec:
                    fa:e9:b5:1d:81:09:8d:95:51:d4:3d:94:80:ec:52:
                    8d:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:57:44:2F:D4:D2:C5:9C:60:16:A1:19:99:AB:87:1D:57:AE:92:B9
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/660f5154-1b49-462f-808c-68d8e6db8edc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6120::/48

    Signature Algorithm: sha256WithRSAEncryption
         1b:be:0d:15:23:9c:89:4f:7b:b1:2e:be:19:02:ee:90:dd:c7:
         7f:fd:9e:95:ce:55:d4:8d:02:7d:04:40:37:33:53:3a:a3:7f:
         29:d3:cc:58:59:af:a3:75:19:87:ad:0a:39:48:2c:3e:19:9f:
         ad:da:84:e1:89:0b:1d:f8:bd:ba:bf:e2:fc:77:1f:d7:b2:92:
         67:44:d7:f1:e3:05:08:be:e4:61:f3:01:87:e1:4c:05:75:cf:
         c6:cb:98:84:14:a6:24:10:1e:41:6a:0f:7a:e8:36:f8:02:7a:
         7a:f2:b7:9a:42:25:9e:72:57:34:ad:db:28:ab:25:d8:ea:3c:
         c8:c0:f2:d5:f8:d7:7e:26:39:bc:56:52:b4:53:7f:9c:ec:9e:
         83:49:72:a7:88:05:05:77:4c:04:82:76:09:21:d9:aa:a9:28:
         32:02:0e:65:a5:9f:af:5f:ac:58:bb:b9:c6:9e:9d:16:a3:00:
         3f:17:14:7d:a7:98:00:6a:40:4f:aa:77:2c:cc:9a:fa:65:ab:
         59:c8:94:e7:5a:40:cb:c4:fb:20:68:7b:d4:46:5e:04:11:52:
         1f:22:d5:42:d5:72:3e:73:fe:78:01:c9:df:96:92:72:ad:99:
         c7:62:84:99:a3:cb:4e:c4:ba:1f:45:89:28:19:43:08:7b:ab:
         45:91:66:5b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUeDqA7jhK40XtAp1g5wyj+3NTTmQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDA2MTczNzQ4WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMjkxNDgyZDQ1YWUzNDU3NjFmNjk2MmVkYjA4MWJmZDVm
NTg1OGY2NTEzMDY3Mzg3NWQzZmUzMTgxMDM2NDY2MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1SJ20lQ0yESgbcwRUWtLmLe6uHMD+wvUeoKktQspAhSuj
0KTZD5lqSWRw1lVI9T9gcWjtz3V9lHCrmmBOWyf8pyugRhNBtZxAUrFujEAs3jAH
tzdZQQLHtTm8NqtBYUgSv0zfsIAVfnvUnMmKQ8gB8Lb7KhsGaO4WvKQGkUFErqX5
ThuvMvO0vB5zVeKFb1HexxLyf7wID0+Nn5NEjMJnZ/B33fVTO/Xjvo1ivpc6uV+3
KnQr1utRKQZT5xZ1ou5/BN+J5euas6QiUcE6GP4t0TCokGKztKGDoKG/JsdXWKYu
Qf5m7agcQDATx2A77PrptR2BCY2VUdQ9lIDsUo1hAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUp1dEL9TSxZxgFqEZmauHHVeukrkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzY2MGY1MTU0LTFiNDktNDYyZi04MDhjLTY4ZDhlNmRiOGVkYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYSAwDQYJKoZIhvcNAQELBQADggEBABu+DRUjnIlPe7EuvhkC7pDd
x3/9npXOVdSNAn0EQDczUzqjfynTzFhZr6N1GYetCjlILD4Zn63ahOGJCx34vbq/
4vx3H9eykmdE1/HjBQi+5GHzAYfhTAV1z8bLmIQUpiQQHkFqD3roNvgCenryt5pC
JZ5yVzSt2yirJdjqPMjA8tX4134mObxWUrRTf5zsnoNJcqeIBQV3TASCdgkh2aqp
KDICDmWln69frFi7ucaenRajAD8XFH2nmABqQE+qdyzMmvplq1nIlOdaQMvE+yBo
e9RGXgQRUh8i1ULVcj5z/ngByd+WknKtmcdihJmjy07Euh9FiSgZQwh7q0WRZls=
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:36:11 2025 by rpki-client