Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a6c96c42-4344-44c8-a194-4c87f0ade3c9.roa
File:                     a6c96c42-4344-44c8-a194-4c87f0ade3c9.roa (raw, json)
Hash identifier:          rjNhgqfiAd81xyIvIAyaiHpQ2w8keR9y2p6FzozF0yg=
Subject key identifier:   F5:65:E2:5E:75:7B:E9:42:79:46:4D:52:21:E9:FF:C4:AA:C3:E0:67
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       57E4CAEA8949E4D2422DD087DCBA6FA617D5DFE9
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a6c96c42-4344-44c8-a194-4c87f0ade3c9.roa
Signing time:             Fri 26 Sep 2025 18:11:25 +0000
ROA not before:           Fri 26 Sep 2025 18:11:25 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:eb00::/42 maxlen: 42
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:e4:ca:ea:89:49:e4:d2:42:2d:d0:87:dc:ba:6f:a6:17:d5:df:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 26 18:11:25 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=4b71d5885f3f9988a4bbdd13412fb1e11b8219dbb472dc9237f2e7558850a6e0, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7c:e3:ea:1e:08:9d:22:58:1d:88:4a:19:91:
                    55:86:18:fe:19:71:59:f3:d5:1f:2c:90:39:2e:1a:
                    bc:6d:63:c0:7d:8e:09:03:0c:f5:4e:af:ea:91:1d:
                    f9:71:66:6d:b6:05:b9:b8:f3:61:b3:44:c0:d2:73:
                    63:c1:fa:8c:da:55:95:dd:50:17:90:13:e2:96:98:
                    1a:fc:ca:35:37:95:0c:49:df:0f:27:41:3f:5a:e8:
                    5f:48:ea:ff:6c:c7:0c:d2:48:c2:22:18:6a:a0:4b:
                    8e:0e:a9:45:bc:bd:57:04:5f:42:f0:53:0e:0b:9c:
                    27:7d:f0:3f:9b:df:db:67:e2:a1:e5:ff:19:86:80:
                    5c:6f:b8:c8:ad:b3:a2:62:95:b1:5f:d1:18:e2:66:
                    44:f1:8e:cb:a7:a0:40:e2:fb:09:d9:bb:f8:3f:dc:
                    b5:dc:66:52:f1:1d:95:9d:49:e9:93:1a:57:e6:43:
                    8d:3e:e4:9a:59:d7:56:e4:96:73:33:05:c0:27:d8:
                    f5:0c:08:1c:94:7b:bc:71:6e:00:f5:41:77:44:84:
                    1b:7e:c5:ee:42:dc:77:ce:99:db:1c:59:59:85:52:
                    f6:c3:b7:6f:8e:6d:df:75:7c:36:8e:7d:25:f8:02:
                    96:16:0e:0a:f0:85:fe:ba:12:0f:ad:f8:71:38:08:
                    90:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:65:E2:5E:75:7B:E9:42:79:46:4D:52:21:E9:FF:C4:AA:C3:E0:67
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a6c96c42-4344-44c8-a194-4c87f0ade3c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:eb00::/42

    Signature Algorithm: sha256WithRSAEncryption
         5e:69:a8:85:df:9c:30:19:fd:11:0d:ed:ad:17:20:68:61:21:
         4f:4e:14:75:41:17:77:2d:92:4f:2a:a1:0c:69:af:8e:aa:d8:
         5d:48:fb:7d:73:a0:1b:6d:fd:a5:6e:e1:62:aa:ab:23:14:17:
         58:5f:f4:c0:e8:ef:95:eb:60:e6:81:c9:6a:2a:45:58:05:bf:
         2e:5a:70:c1:f0:26:c6:70:03:5f:c9:dc:fd:4e:22:c4:f2:81:
         fd:9b:d8:18:5b:e0:84:0b:f4:43:e1:86:4d:df:ff:c4:be:29:
         81:8a:a2:87:84:a6:10:10:e2:0c:69:f5:6b:f2:5d:46:c0:0b:
         2e:38:d9:d5:b0:ff:7c:25:19:af:ba:c5:53:61:f8:ed:17:18:
         9a:34:f5:4a:fa:c3:83:66:b7:87:17:cf:43:76:1b:e9:2c:14:
         dc:a8:4d:e3:c0:4a:cc:dd:6f:60:cb:50:13:73:fd:59:d0:3c:
         fd:ec:93:2d:62:00:8f:f6:c1:fa:40:75:08:18:b9:4e:10:cd:
         bb:cd:72:ea:c2:c3:2d:77:f2:94:ec:e8:70:17:9d:ee:b4:c0:
         fc:b5:fd:1e:8f:2f:bf:42:82:7e:9f:04:20:37:f2:7d:f7:75:
         5e:cc:7e:22:86:86:c8:52:1d:46:a7:19:fe:06:67:09:3e:e3:
         c1:98:8e:d9
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUV+TK6olJ5NJCLdCH3LpvphfV3+kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgxMTI1WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A0YjcxZDU4ODVmM2Y5OTg4YTRiYmRkMTM0MTJmYjFlMTFi
ODIxOWRiYjQ3MmRjOTIzN2YyZTc1NTg4NTBhNmUwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyfOPqHgidIlgdiEoZkVWGGP4ZcVnz1R8skDkuGrxtY8B9
jgkDDPVOr+qRHflxZm22Bbm482GzRMDSc2PB+ozaVZXdUBeQE+KWmBr8yjU3lQxJ
3w8nQT9a6F9I6v9sxwzSSMIiGGqgS44OqUW8vVcEX0LwUw4LnCd98D+b39tn4qHl
/xmGgFxvuMits6JilbFf0RjiZkTxjsunoEDi+wnZu/g/3LXcZlLxHZWdSemTGlfm
Q40+5JpZ11bklnMzBcAn2PUMCByUe7xxbgD1QXdEhBt+xe5C3HfOmdscWVmFUvbD
t2+Obd91fDaOfSX4ApYWDgrwhf66Eg+t+HE4CJB1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU9WXiXnV76UJ5Rk1SIen/xKrD4GcwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2E2Yzk2YzQyLTQzNDQtNDRjOC1hMTk0LTRjODdmMGFkZTNjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPD76wAwDQYJKoZIhvcNAQELBQADggEBAF5pqIXfnDAZ/REN7a0XIGhh
IU9OFHVBF3ctkk8qoQxpr46q2F1I+31zoBtt/aVu4WKqqyMUF1hf9MDo75XrYOaB
yWoqRVgFvy5acMHwJsZwA1/J3P1OIsTygf2b2Bhb4IQL9EPhhk3f/8S+KYGKooeE
phAQ4gxp9WvyXUbACy442dWw/3wlGa+6xVNh+O0XGJo09Ur6w4Nmt4cXz0N2G+ks
FNyoTePASszdb2DLUBNz/VnQPP3sky1iAI/2wfpAdQgYuU4QzbvNcurCwy138pTs
6HAXne60wPy1/R6PL79Cgn6fBCA38n33dV7MfiKGhshSHUanGf4GZwk+48GYjtk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:41:03 2025 by rpki-client