Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a1083a01-360a-4b23-a3a3-630df82536fc.roa
File:                     a1083a01-360a-4b23-a3a3-630df82536fc.roa (raw, json)
Hash identifier:          UdaDqlwcrO7Dgcg2DNtB3+H77KX+O2/nFIST86IiqNg=
Subject key identifier:   DC:55:E3:DF:FC:DB:5F:5A:A4:A0:0C:9E:8D:77:70:B5:2A:A1:0E:0D
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       268B40A940308AC39D9526DFB9E91E86C8CAA642
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a1083a01-360a-4b23-a3a3-630df82536fc.roa
Signing time:             Fri 26 Sep 2025 18:00:10 +0000
ROA not before:           Fri 26 Sep 2025 18:00:10 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:80::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:8b:40:a9:40:30:8a:c3:9d:95:26:df:b9:e9:1e:86:c8:ca:a6:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 26 18:00:10 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=116c91b569fed21595d8c9615bb8ec88b64b775911eb2272c4725961d1495b84, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:07:eb:df:d3:7e:d6:00:26:f6:f2:ea:c5:67:
                    9f:74:37:83:46:fa:66:30:e5:34:f0:8c:f2:5e:0f:
                    fc:f2:a0:5e:87:ce:1c:d2:39:2b:8a:6c:d1:12:fd:
                    c4:9c:f7:ca:52:e7:2d:2d:c2:07:78:91:76:3c:cf:
                    ec:26:0e:bd:d9:6e:32:a2:8e:02:be:7d:2e:9b:bc:
                    d9:01:9d:2a:21:cd:e6:1b:db:d9:d8:71:e9:ed:e2:
                    58:4b:95:f3:9b:d5:f1:1d:81:27:10:b9:ed:d1:a1:
                    01:de:bb:a0:4c:7d:74:b1:fc:52:93:56:63:c1:c3:
                    05:78:fe:28:41:51:6d:96:bb:b0:39:5d:d3:f3:2b:
                    6b:64:33:22:3a:35:07:33:7c:2a:99:7b:38:72:40:
                    19:80:94:e5:02:65:f1:79:3d:18:b6:1b:87:05:7e:
                    a2:af:07:b2:86:cf:26:83:5a:5e:70:56:60:9f:a2:
                    da:fd:a1:92:55:7e:11:43:9c:bf:8b:6c:aa:c6:7f:
                    17:8f:b2:bc:8f:b9:f8:aa:76:11:be:59:9f:cb:42:
                    30:05:1c:68:ce:d4:99:1c:44:09:06:00:21:2c:15:
                    e3:03:03:a4:b8:02:63:9b:c6:5f:1c:28:2d:4d:ad:
                    08:5a:a0:fc:89:1f:de:06:29:42:4c:09:e0:2c:51:
                    15:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:55:E3:DF:FC:DB:5F:5A:A4:A0:0C:9E:8D:77:70:B5:2A:A1:0E:0D
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a1083a01-360a-4b23-a3a3-630df82536fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:80::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:31:70:ee:d7:68:f0:41:3f:88:d9:c7:a0:1b:64:43:4c:e3:
         78:ff:da:ac:61:3c:14:78:fe:82:6f:48:09:bf:80:24:0f:46:
         c7:3c:89:dd:4e:b9:a4:dd:0a:f5:a7:12:61:8d:97:2f:0f:25:
         f9:20:66:25:6b:8b:75:4f:43:d4:53:86:65:0c:22:cb:fd:e3:
         89:aa:be:7a:97:73:ef:be:97:3f:e9:03:48:c8:73:9a:b9:8d:
         5e:d8:3f:c2:35:4d:68:36:ff:32:34:28:3a:be:78:a8:c1:5e:
         fa:52:50:fd:da:70:5a:3f:64:82:e2:5c:88:70:47:d6:d8:a7:
         2a:8c:c2:a4:ea:5d:b9:0f:d7:76:34:83:88:ab:ce:ec:0a:96:
         b5:d7:4d:ab:96:20:62:ea:a6:b4:c4:eb:52:fb:f8:18:67:a9:
         93:58:35:a2:2b:9b:93:b8:03:28:3c:7a:4d:12:5a:e2:0a:77:
         65:6d:c7:6f:8e:84:94:40:e5:bc:5e:b5:1d:84:d0:92:fb:51:
         93:31:7d:42:78:ca:0b:34:fd:f9:ac:bd:d3:3e:a8:f0:1b:e6:
         98:b8:de:d4:ae:4b:d6:7c:41:ff:a1:6e:02:1b:17:f4:b5:25:
         03:79:0a:5f:39:51:5b:e1:ee:20:84:3a:9f:2c:bb:3d:3b:9d:
         6e:16:bc:70
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUJotAqUAwisOdlSbfuekehsjKpkIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgwMDEwWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMTZjOTFiNTY5ZmVkMjE1OTVkOGM5NjE1YmI4ZWM4OGI2
NGI3NzU5MTFlYjIyNzJjNDcyNTk2MWQxNDk1Yjg0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLB+vf037WACb28urFZ590N4NG+mYw5TTwjPJeD/zyoF6H
zhzSOSuKbNES/cSc98pS5y0twgd4kXY8z+wmDr3ZbjKijgK+fS6bvNkBnSohzeYb
29nYcent4lhLlfOb1fEdgScQue3RoQHeu6BMfXSx/FKTVmPBwwV4/ihBUW2Wu7A5
XdPzK2tkMyI6NQczfCqZezhyQBmAlOUCZfF5PRi2G4cFfqKvB7KGzyaDWl5wVmCf
otr9oZJVfhFDnL+LbKrGfxePsryPufiqdhG+WZ/LQjAFHGjO1JkcRAkGACEsFeMD
A6S4AmObxl8cKC1NrQhaoPyJH94GKUJMCeAsURUPAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3FXj3/zbX1qkoAyejXdwtSqhDg0wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2ExMDgzYTAxLTM2MGEtNGIyMy1hM2EzLTYzMGRmODI1MzZmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwAIAwDQYJKoZIhvcNAQELBQADggEBAFgxcO7XaPBBP4jZx6AbZENM
43j/2qxhPBR4/oJvSAm/gCQPRsc8id1OuaTdCvWnEmGNly8PJfkgZiVri3VPQ9RT
hmUMIsv944mqvnqXc+++lz/pA0jIc5q5jV7YP8I1TWg2/zI0KDq+eKjBXvpSUP3a
cFo/ZILiXIhwR9bYpyqMwqTqXbkP13Y0g4irzuwKlrXXTauWIGLqprTE61L7+Bhn
qZNYNaIrm5O4Ayg8ek0SWuIKd2Vtx2+OhJRA5bxetR2E0JL7UZMxfUJ4ygs0/fms
vdM+qPAb5pi43tSuS9Z8Qf+hbgIbF/S1JQN5Cl85UVvh7iCEOp8suz07nW4WvHA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:40:53 2025 by rpki-client