Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a4c99211-8489-4968-bb5b-fa10b298aaaf.roa
File:                     a4c99211-8489-4968-bb5b-fa10b298aaaf.roa (raw, json)
Hash identifier:          wsZrBESXFxhzdmUDl3+2+kbIvW2qkXbOGKZ/pfAM/YY=
Subject key identifier:   0C:CD:6B:56:A2:D3:35:D5:55:F9:B7:7F:98:29:B7:19:8D:92:64:DE
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7D9068D618E72AAE1E4BF4CB056E3B5F927010F7
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a4c99211-8489-4968-bb5b-fa10b298aaaf.roa
Signing time:             Fri 20 Jun 2025 00:10:14 +0000
ROA not before:           Fri 20 Jun 2025 00:10:14 +0000
ROA not after:            Fri 25 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:f000::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:90:68:d6:18:e7:2a:ae:1e:4b:f4:cb:05:6e:3b:5f:92:70:10:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jun 20 00:10:14 2025 GMT
            Not After : Jul 25 23:59:59 2025 GMT
        Subject: serialNumber=7efff10486fef9eebab99421aaba9a47a092b11bb25961a2df7d9cb9826f9a55, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:b9:d1:d7:75:ff:40:7c:93:ea:5a:95:1f:70:
                    98:56:fa:dd:27:2b:a7:e0:b6:cd:1a:b7:c6:5d:09:
                    a5:65:db:f8:20:5d:68:7c:a4:2d:86:2d:3b:19:30:
                    90:08:46:1c:cb:5c:7e:f3:b9:7f:47:42:de:de:34:
                    d4:a5:cc:97:11:96:9a:ca:ef:c3:85:ec:e7:8c:15:
                    a6:e5:7c:29:2a:72:55:c1:bd:52:42:e1:f4:c3:f9:
                    d7:f6:20:20:90:f8:ea:75:cd:b2:dd:c9:6c:9a:13:
                    3a:f6:31:75:b1:9e:f9:c8:21:6d:06:24:ad:ed:87:
                    d5:ed:c5:14:53:56:ea:05:2d:6d:76:60:1b:a2:c8:
                    63:d8:ac:40:4c:ef:8c:42:a9:97:6c:b4:f9:13:2f:
                    29:35:bd:40:26:c0:bd:c4:b0:bf:6a:29:69:0e:b4:
                    eb:88:e4:7a:7a:13:84:53:47:28:1b:3d:cf:c7:a9:
                    17:c6:bb:c4:25:64:e6:f8:24:f3:3c:bf:94:65:d1:
                    41:de:16:21:27:e2:a5:fc:51:24:d7:b4:96:85:2f:
                    e9:e5:e2:c9:58:d8:64:02:3f:51:01:18:40:c3:66:
                    18:bd:0c:0f:ec:52:99:dd:e1:1c:7a:e3:c1:a8:6c:
                    73:6e:3f:eb:c3:97:2f:b8:ef:a6:83:03:0b:e3:5a:
                    4b:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:CD:6B:56:A2:D3:35:D5:55:F9:B7:7F:98:29:B7:19:8D:92:64:DE
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a4c99211-8489-4968-bb5b-fa10b298aaaf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:f000::/44

    Signature Algorithm: sha256WithRSAEncryption
         30:07:76:c4:77:cb:78:88:ee:e3:1a:e2:d1:22:d5:02:a2:b8:
         b2:65:43:b2:a7:12:91:80:b4:be:5b:36:18:de:57:c1:53:f9:
         22:83:bd:6b:3b:65:92:ba:95:8a:88:ac:30:5d:28:24:9a:31:
         4a:3a:47:95:8f:bc:33:47:b9:12:03:b0:30:88:d3:72:e3:06:
         44:40:cc:f2:23:64:b3:27:d6:3d:b1:44:b1:eb:b2:ed:12:02:
         1c:40:90:03:8d:0f:84:80:2c:6c:99:f2:17:50:0b:ef:6c:da:
         93:b4:22:91:d1:4f:74:99:43:86:a8:59:bb:23:8e:67:32:9d:
         16:4c:d6:ab:08:ad:16:99:71:a8:1e:2b:40:2a:74:da:2f:2f:
         7b:22:6a:c9:f7:16:19:63:cd:6f:19:66:64:c0:8b:cf:94:2f:
         17:90:37:85:b7:cf:5a:64:90:32:19:01:dc:12:19:0e:20:f9:
         cb:20:fc:bf:91:65:34:6f:41:75:31:7e:bf:6e:80:1d:9c:ab:
         84:40:75:cc:93:6e:d8:51:71:ac:72:96:68:ce:27:d6:8b:4b:
         89:21:18:6a:56:d4:9b:04:47:01:7c:b7:13:07:50:07:e7:bd:
         3f:f1:b4:b3:e7:94:14:44:03:11:28:c2:80:6d:7f:95:b0:24:
         6e:6c:0b:b8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfZBo1hjnKq4eS/TLBW47X5JwEPcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNjIwMDAxMDE0WhcNMjUwNzI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZWZmZjEwNDg2ZmVmOWVlYmFiOTk0MjFhYWJhOWE0N2Ew
OTJiMTFiYjI1OTYxYTJkZjdkOWNiOTgyNmY5YTU1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDrudHXdf9AfJPqWpUfcJhW+t0nK6fgts0at8ZdCaVl2/gg
XWh8pC2GLTsZMJAIRhzLXH7zuX9HQt7eNNSlzJcRlprK78OF7OeMFablfCkqclXB
vVJC4fTD+df2ICCQ+Op1zbLdyWyaEzr2MXWxnvnIIW0GJK3th9XtxRRTVuoFLW12
YBuiyGPYrEBM74xCqZdstPkTLyk1vUAmwL3EsL9qKWkOtOuI5Hp6E4RTRygbPc/H
qRfGu8QlZOb4JPM8v5Rl0UHeFiEn4qX8USTXtJaFL+nl4slY2GQCP1EBGEDDZhi9
DA/sUpnd4Rx648GobHNuP+vDly+476aDAwvjWkunAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUDM1rVqLTNdVV+bd/mCm3GY2SZN4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2E0Yzk5MjExLTg0ODktNDk2OC1iYjViLWZhMTBiMjk4YWFhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPD78AAwDQYJKoZIhvcNAQELBQADggEBADAHdsR3y3iI7uMa4tEi1QKi
uLJlQ7KnEpGAtL5bNhjeV8FT+SKDvWs7ZZK6lYqIrDBdKCSaMUo6R5WPvDNHuRID
sDCI03LjBkRAzPIjZLMn1j2xRLHrsu0SAhxAkAOND4SALGyZ8hdQC+9s2pO0IpHR
T3SZQ4aoWbsjjmcynRZM1qsIrRaZcageK0AqdNovL3siasn3FhljzW8ZZmTAi8+U
LxeQN4W3z1pkkDIZAdwSGQ4g+csg/L+RZTRvQXUxfr9ugB2cq4RAdcyTbthRcaxy
lmjOJ9aLS4khGGpW1JsERwF8txMHUAfnvT/xtLPnlBREAxEowoBtf5WwJG5sC7g=
-----END CERTIFICATE-----