Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7ef9d80d-500c-4762-aefe-0aa07f82b263.roa
File:                     7ef9d80d-500c-4762-aefe-0aa07f82b263.roa (raw, json)
Hash identifier:          DxjLtmklkuillDDX2+7ZQhX/pW4nE6cNIchosa5pyxo=
Subject key identifier:   0E:7D:29:0D:40:28:BA:66:C8:66:E9:D0:DC:96:87:BE:AD:9A:E0:06
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       548D41F4C563B9D2202E187469E14AE84EEC9686
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7ef9d80d-500c-4762-aefe-0aa07f82b263.roa
Signing time:             Fri 26 Sep 2025 18:10:14 +0000
ROA not before:           Fri 26 Sep 2025 18:10:14 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e400::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:8d:41:f4:c5:63:b9:d2:20:2e:18:74:69:e1:4a:e8:4e:ec:96:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 26 18:10:14 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=a7bb9695a0f860e31b1dd6ba98216956ed99a06fa9fa1b92817627880ac63c7c, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f2:fe:29:9a:8f:d7:ec:0e:8c:b8:05:38:dc:
                    86:14:5e:36:24:f1:45:83:89:a3:8c:3d:67:76:13:
                    22:0d:d2:8e:96:15:bf:ed:76:d3:81:99:23:92:2b:
                    00:d3:0d:1d:01:d5:55:27:08:2e:55:95:52:e5:29:
                    51:cd:9e:c6:36:a9:8a:9c:cd:d1:ff:f5:aa:a6:6b:
                    0f:78:64:65:c3:76:11:32:78:4e:24:66:6a:01:f3:
                    a8:4d:c3:59:58:59:9f:d2:46:7d:ba:be:2c:ac:6c:
                    8e:59:8f:12:7d:74:ca:1b:77:a4:34:88:89:49:7f:
                    90:64:54:29:34:54:07:78:c9:fa:b9:92:be:53:9a:
                    32:db:b2:d1:d7:3d:3e:2f:a6:a0:c3:a9:46:dd:de:
                    ac:77:87:95:da:7d:d1:6a:12:0b:62:4a:94:c1:28:
                    13:14:a2:d1:d5:77:2a:cb:e8:65:8f:4b:de:6a:4a:
                    64:b0:9a:e6:e1:34:4e:1d:58:07:d0:d4:59:b1:b7:
                    19:97:be:e1:ff:95:98:05:db:4b:90:e2:b9:77:31:
                    5a:8a:bd:76:26:17:63:e2:d5:f4:fa:97:db:15:ed:
                    39:e2:df:6b:a4:ee:0e:b4:79:5a:c6:67:49:18:b7:
                    66:20:9a:19:2b:18:7a:f3:e3:06:fc:30:e7:74:4f:
                    e7:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:7D:29:0D:40:28:BA:66:C8:66:E9:D0:DC:96:87:BE:AD:9A:E0:06
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7ef9d80d-500c-4762-aefe-0aa07f82b263.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e400::/40

    Signature Algorithm: sha256WithRSAEncryption
         43:a6:b1:50:45:04:28:d9:4d:7d:24:bf:cb:75:38:14:e0:bf:
         74:d4:3d:39:a6:21:e7:b8:83:2e:d4:db:45:7a:cc:4f:e3:25:
         2c:d2:61:1d:3f:04:aa:2e:fc:88:6b:87:cc:19:a2:a1:c6:dc:
         9d:6d:56:70:e4:af:68:69:97:ec:dc:43:54:19:bb:8a:30:d0:
         14:fd:1f:fc:27:b8:40:6a:eb:0d:ac:95:36:48:fb:11:48:96:
         d0:91:12:34:4e:37:22:1e:81:d5:19:3f:d0:57:36:c6:9f:78:
         a4:c6:fc:c7:0f:bf:6b:bc:d5:52:15:09:84:e4:7b:82:d4:b0:
         ed:68:12:26:9e:f5:a5:d8:6f:6d:30:f5:6c:4f:25:1a:50:fb:
         96:d0:27:7a:02:d8:56:32:5f:ec:6d:3b:a5:a1:b2:92:c1:87:
         29:2b:a4:ad:96:be:51:fb:6a:18:47:82:fb:a3:ab:12:66:81:
         74:af:97:ec:38:bc:2c:ba:a0:11:ec:e9:af:c3:99:fe:36:c7:
         d1:cf:e8:69:8d:b4:70:69:29:10:04:77:11:8c:9f:24:0f:01:
         ba:5e:26:96:a1:15:2b:3f:1e:61:6a:0b:84:3c:26:ee:fc:37:
         b2:fe:a5:fc:ea:6b:45:3a:59:c3:3b:b3:3b:40:4d:13:94:a3:
         9e:37:c2:ee
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUVI1B9MVjudIgLhh0aeFK6E7sloYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgxMDE0WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BhN2JiOTY5NWEwZjg2MGUzMWIxZGQ2YmE5ODIxNjk1NmVk
OTlhMDZmYTlmYTFiOTI4MTc2Mjc4ODBhYzYzYzdjMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz8v4pmo/X7A6MuAU43IYUXjYk8UWDiaOMPWd2EyIN0o6W
Fb/tdtOBmSOSKwDTDR0B1VUnCC5VlVLlKVHNnsY2qYqczdH/9aqmaw94ZGXDdhEy
eE4kZmoB86hNw1lYWZ/SRn26viysbI5ZjxJ9dMobd6Q0iIlJf5BkVCk0VAd4yfq5
kr5TmjLbstHXPT4vpqDDqUbd3qx3h5XafdFqEgtiSpTBKBMUotHVdyrL6GWPS95q
SmSwmubhNE4dWAfQ1FmxtxmXvuH/lZgF20uQ4rl3MVqKvXYmF2Pi1fT6l9sV7Tni
32uk7g60eVrGZ0kYt2YgmhkrGHrz4wb8MOd0T+cPAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUDn0pDUAoumbIZunQ3JaHvq2a4AYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzdlZjlkODBkLTUwMGMtNDc2Mi1hZWZlLTBhYTA3ZjgyYjI2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD75DANBgkqhkiG9w0BAQsFAAOCAQEAQ6axUEUEKNlNfSS/y3U4FOC/
dNQ9OaYh57iDLtTbRXrMT+MlLNJhHT8Eqi78iGuHzBmiocbcnW1WcOSvaGmX7NxD
VBm7ijDQFP0f/Ce4QGrrDayVNkj7EUiW0JESNE43Ih6B1Rk/0Fc2xp94pMb8xw+/
a7zVUhUJhOR7gtSw7WgSJp71pdhvbTD1bE8lGlD7ltAnegLYVjJf7G07paGyksGH
KSukrZa+UftqGEeC+6OrEmaBdK+X7Di8LLqgEezpr8OZ/jbH0c/oaY20cGkpEAR3
EYyfJA8Bul4mlqEVKz8eYWoLhDwm7vw3sv6l/OprRTpZwzuzO0BNE5SjnjfC7g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:04:48 2025 by rpki-client