Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7789e577-d458-4bf2-9fdd-d815202ea397.roa
File:                     7789e577-d458-4bf2-9fdd-d815202ea397.roa (raw, json)
Hash identifier:          EotoOtRK9crpzfVGo97tma74HDdsbiMRzAYMDjmeY1c=
Subject key identifier:   1F:80:0D:BE:CF:28:1E:0A:C2:FC:4C:50:0C:84:D5:6E:67:EF:84:55
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       48B485211C9D1DF9A0F1C9D3F712E3C0D00AFB60
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7789e577-d458-4bf2-9fdd-d815202ea397.roa
Signing time:             Fri 17 Oct 2025 20:10:19 +0000
ROA not before:           Fri 17 Oct 2025 20:10:19 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f2:7400::/38 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:b4:85:21:1c:9d:1d:f9:a0:f1:c9:d3:f7:12:e3:c0:d0:0a:fb:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 17 20:10:19 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=ea20af413977ab856e0ca0c83621f30584bd9e8f4982779355c4209e1055e769, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:28:38:46:d7:40:75:4b:d8:65:30:56:88:15:
                    f9:94:19:c3:2a:7c:bb:1d:18:a4:84:56:48:f4:9d:
                    e5:2b:ea:a6:e2:40:3b:ca:a3:b7:61:4c:c9:ee:43:
                    36:46:2e:a8:0a:78:54:04:57:18:77:39:b5:65:a4:
                    d5:04:cc:9e:2e:73:29:84:e5:df:d8:5a:68:60:1c:
                    44:a5:0d:cc:2e:5a:bf:b8:82:9d:e2:1e:f6:fd:f9:
                    be:1b:6c:9e:cd:d5:2e:1e:8a:87:62:8c:31:d3:db:
                    56:30:93:df:cc:33:f7:5d:d5:1d:d6:65:34:88:08:
                    6a:55:15:a7:c3:98:19:08:12:d9:ab:eb:0e:37:96:
                    c8:78:52:0b:9b:bc:d0:a9:cc:c6:cb:18:fc:21:66:
                    7d:a4:21:a7:a4:be:a9:3d:27:19:53:29:39:e0:72:
                    7c:54:67:ff:61:56:28:83:40:4a:7a:99:34:51:4f:
                    66:2a:be:61:2c:ac:3f:e4:8f:4f:80:54:9f:7a:ee:
                    a5:de:6c:1b:ea:56:21:5d:e3:db:10:ad:da:8b:73:
                    25:e8:f4:03:b2:92:9b:0e:72:e1:c1:4f:48:a6:f5:
                    7a:2e:98:23:e3:8a:cc:36:4f:ed:21:03:cc:27:88:
                    5a:22:d9:d6:56:a7:e0:8b:a6:fa:b9:d4:00:c8:95:
                    b8:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:80:0D:BE:CF:28:1E:0A:C2:FC:4C:50:0C:84:D5:6E:67:EF:84:55
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7789e577-d458-4bf2-9fdd-d815202ea397.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f2:7400::/38

    Signature Algorithm: sha256WithRSAEncryption
         11:e7:18:7d:7f:25:b3:9b:66:69:dc:20:ab:c6:cb:85:89:15:
         60:3c:62:48:78:dc:a7:72:ed:a1:b2:3a:51:c9:9e:50:d4:09:
         04:81:70:34:52:09:33:7f:be:68:e2:a0:ba:b5:1c:70:16:36:
         16:b3:dc:57:76:e5:46:b7:ca:7a:91:04:7c:a7:57:83:98:e3:
         c7:9f:20:2f:da:bd:13:1f:bc:03:11:a7:6a:20:a5:cc:2b:ee:
         96:c7:a2:a3:e7:67:66:cf:ea:38:88:d1:c8:f0:0c:dd:25:e9:
         8c:58:5c:cd:f8:95:c6:1f:d3:d1:07:14:e5:e4:b7:f9:b3:d4:
         7d:ff:f2:b6:a7:a4:b6:29:9e:49:22:fb:6b:5f:8e:d4:2c:79:
         8c:54:c2:2a:c1:d4:52:db:f9:14:0c:d6:fa:a8:65:24:8e:3b:
         d9:f7:be:19:d4:11:32:3d:74:8f:7e:d9:08:fa:e6:5a:7e:d6:
         a4:4d:0e:16:10:b3:44:bb:ca:8f:c7:2d:5f:4b:96:1c:63:69:
         6c:8a:47:a7:e4:c3:03:91:b7:19:e6:15:4e:d9:69:44:57:64:
         be:b4:c7:03:2c:d5:09:51:fa:79:69:e7:a2:c3:80:da:59:9d:
         59:51:73:05:c9:de:3b:01:ad:a0:af:66:a2:de:8c:c2:2b:d1:
         f6:c2:75:ec
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUSLSFIRydHfmg8cnT9xLjwNAK+2AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDE3MjAxMDE5WhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTIwYWY0MTM5NzdhYjg1NmUwY2EwYzgzNjIxZjMwNTg0
YmQ5ZThmNDk4Mjc3OTM1NWM0MjA5ZTEwNTVlNzY5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgKDhG10B1S9hlMFaIFfmUGcMqfLsdGKSEVkj0neUr6qbi
QDvKo7dhTMnuQzZGLqgKeFQEVxh3ObVlpNUEzJ4ucymE5d/YWmhgHESlDcwuWr+4
gp3iHvb9+b4bbJ7N1S4eiodijDHT21Ywk9/MM/dd1R3WZTSICGpVFafDmBkIEtmr
6w43lsh4UgubvNCpzMbLGPwhZn2kIaekvqk9JxlTKTngcnxUZ/9hViiDQEp6mTRR
T2YqvmEsrD/kj0+AVJ967qXebBvqViFd49sQrdqLcyXo9AOykpsOcuHBT0im9Xou
mCPjisw2T+0hA8wniFoi2dZWp+CLpvq51ADIlbg1AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUH4ANvs8oHgrC/ExQDITVbmfvhFUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2Lzc3ODllNTc3LWQ0NTgtNGJmMi05ZmRkLWQ4MTUyMDJlYTM5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAPDydDANBgkqhkiG9w0BAQsFAAOCAQEAEecYfX8ls5tmadwgq8bLhYkV
YDxiSHjcp3LtobI6UcmeUNQJBIFwNFIJM3++aOKgurUccBY2FrPcV3blRrfKepEE
fKdXg5jjx58gL9q9Ex+8AxGnaiClzCvulseio+dnZs/qOIjRyPAM3SXpjFhczfiV
xh/T0QcU5eS3+bPUff/ytqektimeSSL7a1+O1Cx5jFTCKsHUUtv5FAzW+qhlJI47
2fe+GdQRMj10j37ZCPrmWn7WpE0OFhCzRLvKj8ctX0uWHGNpbIpHp+TDA5G3GeYV
TtlpRFdkvrTHAyzVCVH6eWnnosOA2lmdWVFzBcneOwGtoK9mot6MwivR9sJ17A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:42:04 2025 by rpki-client