Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa
File:                     b711b513-e0f0-4a59-a188-036dda4ade5a.roa (raw, json)
Hash identifier:          ErdHs8CpN17556CCFwfo0D97+TYLNkaSPsXcuvXuJvM=
Subject key identifier:   CF:EB:68:98:D6:65:B9:44:C8:B0:8B:E4:5D:4B:16:B6:B7:B4:1A:3E
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       35C65429A6B9366D885963446D53D15D7F132E14
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa
Signing time:             Fri 26 Sep 2025 18:10:10 +0000
ROA not before:           Fri 26 Sep 2025 18:10:10 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:ef00::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:c6:54:29:a6:b9:36:6d:88:59:63:44:6d:53:d1:5d:7f:13:2e:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 26 18:10:10 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=ba5ce15a173c46524580c663534c7b792d9e6856569423b966d33e66d9f3bb2b, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:3e:36:c7:92:d5:1f:53:1f:e4:a6:10:ac:c0:
                    bf:26:3f:54:37:d2:49:49:8b:cc:56:bd:b6:f4:bc:
                    11:b2:45:a9:bd:1a:4b:bd:58:ff:4e:f3:10:a3:f6:
                    46:26:d2:74:6f:2a:db:d2:76:a1:0d:04:ea:2c:6e:
                    6e:91:bd:1c:9b:c7:e7:e7:e7:82:12:07:8c:ec:b3:
                    db:97:a7:ee:7a:ab:c0:ec:81:28:a1:85:5c:32:f1:
                    f4:82:48:7c:7e:b0:04:92:a0:b0:3d:5a:15:ad:07:
                    64:6d:39:88:d6:a2:c6:d2:bb:5a:e9:c4:3c:18:b2:
                    5a:1e:21:53:4a:77:a5:36:93:32:8c:b0:04:ce:2a:
                    d2:b3:6e:5c:a9:96:51:61:a5:90:e0:45:f0:2a:f2:
                    38:79:85:dc:b2:c3:46:b6:2c:5a:74:84:b7:df:52:
                    59:eb:6d:61:c8:c1:c6:45:9f:14:00:8a:de:1b:b7:
                    4f:5e:3e:57:74:8a:7e:2c:10:f0:85:f8:98:52:2a:
                    80:1f:ee:cb:b9:72:3d:88:5a:3b:56:f2:12:35:7b:
                    ec:24:1b:2d:76:07:1e:d1:08:b5:83:24:df:35:88:
                    d7:08:d9:85:9b:8d:72:78:f9:c1:f4:fc:b2:c8:10:
                    b0:52:ce:bf:01:8f:ba:43:e0:c9:f2:79:ba:2d:f9:
                    67:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:EB:68:98:D6:65:B9:44:C8:B0:8B:E4:5D:4B:16:B6:B7:B4:1A:3E
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:ef00::/40

    Signature Algorithm: sha256WithRSAEncryption
         31:3e:2a:7c:d5:ac:19:18:a7:4b:7d:50:01:95:1a:da:ee:8c:
         ed:33:44:ed:20:49:f6:d9:75:ac:91:5a:45:ef:7f:38:37:01:
         77:d3:f4:15:f0:3c:5f:41:98:a6:cf:6d:00:0a:db:00:47:19:
         38:3c:30:aa:46:1f:4a:6d:d5:e7:a4:2b:0b:c1:91:22:da:81:
         a4:0b:07:b4:bf:d8:5d:54:0d:b4:6e:c7:6d:00:c0:48:17:44:
         55:0c:26:83:21:2d:a3:8a:12:a1:de:c1:fe:c0:ea:49:d2:01:
         ad:09:f3:43:4e:83:4e:18:48:61:d8:c2:72:79:9d:39:c8:23:
         99:62:87:2a:ac:be:fd:1f:44:4a:46:39:06:30:43:5a:4f:bb:
         95:ca:b3:ef:ca:55:30:7c:f2:09:48:5b:1e:69:78:b5:1e:8f:
         9d:b7:7b:58:91:b8:8f:31:c1:e6:16:ba:4a:38:c9:c7:2f:62:
         b7:3b:4c:b8:1c:ba:7f:db:95:fb:51:de:6b:38:5e:b6:5a:18:
         f7:9e:d0:64:75:2d:b6:43:02:dd:3a:31:4c:6d:1b:5e:e9:47:
         3f:6e:e7:66:5f:60:b0:96:4a:db:fe:c8:ac:28:04:3a:ad:ce:
         72:b3:5d:f2:9a:07:5f:ba:a0:14:9d:4c:3d:a8:c4:9f:7a:a6:
         88:41:33:e8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUNcZUKaa5Nm2IWWNEbVPRXX8TLhQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgxMDEwWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYTVjZTE1YTE3M2M0NjUyNDU4MGM2NjM1MzRjN2I3OTJk
OWU2ODU2NTY5NDIzYjk2NmQzM2U2NmQ5ZjNiYjJiMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD3PjbHktUfUx/kphCswL8mP1Q30klJi8xWvbb0vBGyRam9
Gku9WP9O8xCj9kYm0nRvKtvSdqENBOosbm6RvRybx+fn54ISB4zss9uXp+56q8Ds
gSihhVwy8fSCSHx+sASSoLA9WhWtB2RtOYjWosbSu1rpxDwYsloeIVNKd6U2kzKM
sATOKtKzblypllFhpZDgRfAq8jh5hdyyw0a2LFp0hLffUlnrbWHIwcZFnxQAit4b
t09ePld0in4sEPCF+JhSKoAf7su5cj2IWjtW8hI1e+wkGy12Bx7RCLWDJN81iNcI
2YWbjXJ4+cH0/LLIELBSzr8Bj7pD4Mnyebot+Wf/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUz+tomNZluUTIsIvkXUsWtre0Gj4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2I3MTFiNTEzLWUwZjAtNGE1OS1hMTg4LTAzNmRkYTRhZGU1YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD77zANBgkqhkiG9w0BAQsFAAOCAQEAMT4qfNWsGRinS31QAZUa2u6M
7TNE7SBJ9tl1rJFaRe9/ODcBd9P0FfA8X0GYps9tAArbAEcZODwwqkYfSm3V56Qr
C8GRItqBpAsHtL/YXVQNtG7HbQDASBdEVQwmgyEto4oSod7B/sDqSdIBrQnzQ06D
ThhIYdjCcnmdOcgjmWKHKqy+/R9ESkY5BjBDWk+7lcqz78pVMHzyCUhbHml4tR6P
nbd7WJG4jzHB5ha6SjjJxy9itztMuBy6f9uV+1HeazhetloY957QZHUttkMC3Tox
TG0bXulHP27nZl9gsJZK2/7IrCgEOq3OcrNd8poHX7qgFJ1MPajEn3qmiEEz6A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:40:12 2025 by rpki-client