Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/720f42c5-101d-41af-abc8-bd64d6f08fe0.roa
File:                     720f42c5-101d-41af-abc8-bd64d6f08fe0.roa (raw, json)
Hash identifier:          IksoHTY0xlov2oDYGggxiePRDxMDh2vBJtDv42J3S3Y=
Subject key identifier:   C1:57:3D:59:18:6D:39:65:A5:B7:36:C1:06:45:61:D0:FA:E6:C0:3C
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4C9E92DD629E65A19D39DC60FE72AA6A2CD3EE5F
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/720f42c5-101d-41af-abc8-bd64d6f08fe0.roa
Signing time:             Mon 13 Oct 2025 17:55:16 +0000
ROA not before:           Mon 13 Oct 2025 17:55:16 +0000
ROA not after:            Mon 17 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f2:7011::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:9e:92:dd:62:9e:65:a1:9d:39:dc:60:fe:72:aa:6a:2c:d3:ee:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 13 17:55:16 2025 GMT
            Not After : Nov 17 23:59:59 2025 GMT
        Subject: serialNumber=373c6bad681412b4bf691604671ae8da0c73fe185dd9cc785df6b4627b72fe29, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:81:50:71:55:94:d0:c8:2e:75:5e:2d:7d:a0:
                    db:23:d9:98:28:56:9e:03:e9:d3:dd:9b:65:a9:87:
                    1f:90:04:8b:5d:e0:a9:d8:55:de:73:d9:85:f3:e8:
                    ff:a0:c7:9d:da:8a:1c:f7:f8:d3:b7:54:af:8d:a1:
                    7a:8a:bb:45:42:33:64:a2:ba:4a:fa:be:2c:40:f8:
                    8d:71:f7:b0:f9:4f:00:18:b7:5c:8c:4f:b3:69:9f:
                    1f:cf:8f:c9:e9:a7:87:ef:41:a6:4d:c3:9b:b1:bc:
                    f9:48:ca:67:d1:3a:0b:7d:8b:37:61:5e:a8:44:09:
                    ba:af:cb:87:05:b7:2a:1b:d1:08:33:c5:5e:c2:42:
                    15:ad:ae:e0:b0:ce:8f:86:b6:dc:4a:64:b8:3a:57:
                    bf:d7:5e:3f:4d:1e:c4:6d:72:12:7a:47:3e:f2:28:
                    ee:55:09:46:78:53:79:1f:ed:f3:41:79:e0:87:d9:
                    eb:8b:a0:0e:f9:e5:69:1d:98:06:ed:75:16:2f:a5:
                    0b:7f:f4:20:ec:98:e0:bb:46:93:b9:6c:19:9d:9e:
                    84:44:e1:69:6b:a9:15:5c:35:f1:8e:0e:8a:a7:ef:
                    ba:ca:f9:4f:09:18:48:4c:c9:d6:99:73:b0:c5:8a:
                    c9:2e:a4:b0:8a:9a:92:c4:81:15:ad:0b:54:16:68:
                    ae:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:57:3D:59:18:6D:39:65:A5:B7:36:C1:06:45:61:D0:FA:E6:C0:3C
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/720f42c5-101d-41af-abc8-bd64d6f08fe0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f2:7011::/48

    Signature Algorithm: sha256WithRSAEncryption
         69:29:81:78:55:6c:ca:3f:f7:32:d3:42:39:4e:64:ff:69:1f:
         b7:ed:08:5e:4a:d6:13:45:ae:ab:89:a3:44:4c:e1:5b:f1:10:
         9c:e5:0b:3e:17:34:3a:2a:c0:94:6e:29:c1:a4:4c:bf:2e:e4:
         ee:83:e7:3c:7f:05:35:38:e1:3e:a9:1d:1c:19:f2:d6:76:a7:
         1b:91:11:21:0b:f8:38:da:ea:11:c2:d2:1a:fe:77:99:90:cd:
         d6:a8:2e:d8:29:dc:02:14:ec:da:84:87:d1:f8:0e:9e:cc:20:
         c2:35:f0:90:5d:eb:b3:bf:86:8d:10:27:8f:80:a8:a0:d0:93:
         23:d5:6b:32:f3:c3:9d:81:d3:c2:40:ac:61:c1:6f:3f:52:25:
         90:9a:91:22:69:a4:e0:b0:8d:4b:5c:32:94:1e:54:24:b1:1b:
         e7:d9:eb:55:ac:d8:d6:9e:2f:11:c1:70:90:ca:73:1e:99:33:
         00:29:6e:44:11:27:74:97:7f:b5:39:36:b6:40:1b:7e:b9:9e:
         53:ad:03:9d:58:c9:b2:7d:8f:a8:8f:e7:c7:19:4f:b6:ce:0d:
         07:7f:1c:3c:17:49:cf:01:77:4d:a7:d3:c8:72:6c:4a:50:e6:
         8b:4a:29:40:86:c5:4d:4d:c4:e7:ef:ac:d8:40:fa:de:33:c9:
         16:2e:5e:42
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUTJ6S3WKeZaGdOdxg/nKqaizT7l8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDEzMTc1NTE2WhcNMjUxMTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNzNjNmJhZDY4MTQxMmI0YmY2OTE2MDQ2NzFhZThkYTBj
NzNmZTE4NWRkOWNjNzg1ZGY2YjQ2MjdiNzJmZTI5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmgVBxVZTQyC51Xi19oNsj2ZgoVp4D6dPdm2Wphx+QBItd
4KnYVd5z2YXz6P+gx53aihz3+NO3VK+NoXqKu0VCM2Siukr6vixA+I1x97D5TwAY
t1yMT7Npnx/Pj8npp4fvQaZNw5uxvPlIymfROgt9izdhXqhECbqvy4cFtyob0Qgz
xV7CQhWtruCwzo+GttxKZLg6V7/XXj9NHsRtchJ6Rz7yKO5VCUZ4U3kf7fNBeeCH
2euLoA755WkdmAbtdRYvpQt/9CDsmOC7RpO5bBmdnoRE4WlrqRVcNfGODoqn77rK
+U8JGEhMydaZc7DFiskupLCKmpLEgRWtC1QWaK5BAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUwVc9WRhtOWWltzbBBkVh0PrmwDwwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzcyMGY0MmM1LTEwMWQtNDFhZi1hYmM4LWJkNjRkNmYwOGZlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDycBEwDQYJKoZIhvcNAQELBQADggEBAGkpgXhVbMo/9zLTQjlOZP9p
H7ftCF5K1hNFrquJo0RM4VvxEJzlCz4XNDoqwJRuKcGkTL8u5O6D5zx/BTU44T6p
HRwZ8tZ2pxuRESEL+Dja6hHC0hr+d5mQzdaoLtgp3AIU7NqEh9H4Dp7MIMI18JBd
67O/ho0QJ4+AqKDQkyPVazLzw52B08JArGHBbz9SJZCakSJppOCwjUtcMpQeVCSx
G+fZ61Ws2NaeLxHBcJDKcx6ZMwApbkQRJ3SXf7U5NrZAG365nlOtA51YybJ9j6iP
58cZT7bODQd/HDwXSc8Bd02n08hybEpQ5otKKUCGxU1NxOfvrNhA+t4zyRYuXkI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:37:39 2025 by rpki-client