Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa
File:                     b711b513-e0f0-4a59-a188-036dda4ade5a.roa (raw, json)
Hash identifier:          MkMpEa0XMMsYyFxHHYKo+ZP0Ez/nEy93Lq6e3rFRIJc=
Subject key identifier:   27:7D:E1:3B:F4:6D:22:7F:DE:13:B8:3F:4D:E2:5B:EE:93:2E:41:5C
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       0A8EECC5B0BCE222B4118C070C4E079A750F3159
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa
Signing time:             Mon 16 Jun 2025 19:20:47 +0000
ROA not before:           Mon 16 Jun 2025 19:20:47 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:ef00::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:8e:ec:c5:b0:bc:e2:22:b4:11:8c:07:0c:4e:07:9a:75:0f:31:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jun 16 19:20:47 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=fa82a69a034cf7534b4910045b935914834eb0308e88cc62ad3be5e2632c988c, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:76:f7:f0:61:7e:5e:49:dc:e6:6f:b1:61:bf:
                    78:22:c0:0c:d2:3e:9e:bd:b7:da:85:c8:c4:17:2a:
                    fd:d2:89:04:2f:01:2b:51:dd:b6:bd:73:a4:6e:8d:
                    f6:48:78:61:49:59:d9:75:d7:6c:be:31:3c:0b:80:
                    70:9e:f4:3d:9f:d5:23:49:71:61:e9:07:6d:66:bb:
                    d7:12:1c:0f:86:f3:c9:aa:ca:7a:43:b8:aa:d6:33:
                    0b:f3:06:99:35:51:7b:56:51:c3:bd:f3:38:b2:3c:
                    4d:3c:fb:37:34:69:64:c1:3f:d3:d0:04:97:34:0f:
                    93:89:60:75:6d:20:6b:48:2d:c2:cf:11:6c:ca:c2:
                    5d:6a:d2:c3:db:47:74:35:ca:56:33:a7:af:bf:f2:
                    de:01:0d:f0:02:2e:d1:41:5e:a9:03:a1:8a:d4:8c:
                    ad:cd:9b:87:68:f9:e3:27:31:a6:e5:fa:39:5c:35:
                    ae:b3:a8:34:b9:2a:72:ba:7b:05:8b:64:31:3d:91:
                    75:fe:39:25:90:90:68:9f:44:b0:38:85:59:ce:7a:
                    7a:dc:2d:b5:28:4b:db:8e:f0:01:25:62:e7:8c:35:
                    50:0b:68:cb:d7:db:e8:70:74:ee:c7:ef:a2:b2:e4:
                    e3:21:41:e5:35:4b:ae:5c:59:57:04:70:20:a7:92:
                    8f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:7D:E1:3B:F4:6D:22:7F:DE:13:B8:3F:4D:E2:5B:EE:93:2E:41:5C
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:ef00::/40

    Signature Algorithm: sha256WithRSAEncryption
         0f:f9:85:27:7c:bf:70:4a:bb:b8:b5:74:a0:a8:45:b9:54:b4:
         c0:83:08:f9:98:e1:2d:fe:7f:65:e0:53:dc:b8:43:c5:11:9f:
         57:fb:2d:45:34:24:dc:4d:ca:0f:9d:dd:5f:8d:14:73:c2:98:
         b4:c5:ff:8c:4f:e8:74:67:a9:c7:b8:18:d5:ca:7d:29:0d:c6:
         ae:54:fb:b6:45:97:30:53:f6:8f:31:0e:10:4b:9f:5e:29:7d:
         3b:7a:01:9a:61:02:0a:ab:0a:aa:0f:2f:1f:1e:a1:10:1c:15:
         eb:ef:ed:44:f1:c9:ff:43:79:23:ca:9d:f9:c2:ec:77:62:52:
         62:f4:96:30:b3:29:43:f7:1d:8a:e0:8c:1a:8e:e9:bf:c8:5f:
         c0:3f:3a:eb:64:6a:93:3e:47:3d:df:53:51:35:dd:73:d3:5d:
         60:37:f9:9b:61:85:d4:49:d4:2a:a8:1a:67:de:ce:34:6d:62:
         a3:0a:fc:30:4f:ed:6a:e0:72:dd:e1:ac:0b:91:85:de:1f:95:
         40:bd:98:d3:ef:b8:b1:83:9c:4b:d0:6f:ed:fd:da:0a:38:86:
         5b:84:7e:8e:f9:6c:d8:38:38:6b:cf:0a:97:63:5e:28:69:ac:
         73:cc:2a:72:d2:b3:4f:b5:72:21:35:91:10:c3:42:3b:24:18:
         5a:4e:57:02
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUCo7sxbC84iK0EYwHDE4HmnUPMVkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNjE2MTkyMDQ3WhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmYTgyYTY5YTAzNGNmNzUzNGI0OTEwMDQ1YjkzNTkxNDgz
NGViMDMwOGU4OGNjNjJhZDNiZTVlMjYzMmM5ODhjMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCPdvfwYX5eSdzmb7Fhv3giwAzSPp69t9qFyMQXKv3SiQQv
AStR3ba9c6RujfZIeGFJWdl112y+MTwLgHCe9D2f1SNJcWHpB21mu9cSHA+G88mq
ynpDuKrWMwvzBpk1UXtWUcO98ziyPE08+zc0aWTBP9PQBJc0D5OJYHVtIGtILcLP
EWzKwl1q0sPbR3Q1ylYzp6+/8t4BDfACLtFBXqkDoYrUjK3Nm4do+eMnMabl+jlc
Na6zqDS5KnK6ewWLZDE9kXX+OSWQkGifRLA4hVnOenrcLbUoS9uO8AElYueMNVAL
aMvX2+hwdO7H76Ky5OMhQeU1S65cWVcEcCCnko8XAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUJ33hO/RtIn/eE7g/TeJb7pMuQVwwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2I3MTFiNTEzLWUwZjAtNGE1OS1hMTg4LTAzNmRkYTRhZGU1YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD77zANBgkqhkiG9w0BAQsFAAOCAQEAD/mFJ3y/cEq7uLV0oKhFuVS0
wIMI+ZjhLf5/ZeBT3LhDxRGfV/stRTQk3E3KD53dX40Uc8KYtMX/jE/odGepx7gY
1cp9KQ3GrlT7tkWXMFP2jzEOEEufXil9O3oBmmECCqsKqg8vHx6hEBwV6+/tRPHJ
/0N5I8qd+cLsd2JSYvSWMLMpQ/cdiuCMGo7pv8hfwD8662Rqkz5HPd9TUTXdc9Nd
YDf5m2GF1EnUKqgaZ97ONG1iowr8ME/tauBy3eGsC5GF3h+VQL2Y0++4sYOcS9Bv
7f3aCjiGW4R+jvls2Dg4a88Kl2NeKGmsc8wqctKzT7VyITWREMNCOyQYWk5XAg==
-----END CERTIFICATE-----