Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b7bbafbf-e6d4-4487-9ebb-cbd72b3d6c73.roa
File:                     b7bbafbf-e6d4-4487-9ebb-cbd72b3d6c73.roa (raw, json)
Hash identifier:          KWCsuYF1cdBVAtlQCsQMCl2oi7qSBWfiKwlI5zSZ1Yw=
Subject key identifier:   7C:6B:3F:10:05:9C:67:C1:E3:44:A1:84:69:9B:DC:2B:3C:15:3E:0A
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       40EF556C61BE5AD6BD757437CDBEE14CD7057010
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b7bbafbf-e6d4-4487-9ebb-cbd72b3d6c73.roa
Signing time:             Mon 13 Oct 2025 17:55:15 +0000
ROA not before:           Mon 13 Oct 2025 17:55:15 +0000
ROA not after:            Mon 17 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0::/28 maxlen: 28
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:ef:55:6c:61:be:5a:d6:bd:75:74:37:cd:be:e1:4c:d7:05:70:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 13 17:55:15 2025 GMT
            Not After : Nov 17 23:59:59 2025 GMT
        Subject: serialNumber=003736a114acfc64de9aa3874aef0315b12359fa1c5df703558e42daefbb8d95, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:9f:3f:d4:ed:95:09:c1:a4:30:c9:0d:30:a6:
                    a0:07:60:d8:57:e8:c7:41:da:8b:f6:22:41:1f:34:
                    16:3c:3a:52:19:1f:56:78:32:b8:e1:75:fd:7e:41:
                    26:80:69:23:a9:d7:76:a9:94:cc:c7:4f:17:1b:c9:
                    d6:a5:b5:c8:42:21:f8:8d:19:1e:48:d8:d7:e3:1c:
                    bc:a0:37:07:34:cc:50:31:c7:91:f5:11:d3:c6:61:
                    5b:f1:46:bc:2f:dc:b9:6c:0f:1b:6d:b4:c8:86:b7:
                    e5:fe:bf:4f:bf:e4:e0:76:b4:65:11:07:7a:0d:c4:
                    05:fd:b0:35:24:27:d3:f3:5d:1a:63:03:94:94:1b:
                    f8:ce:a5:10:1b:f4:d6:41:fe:b4:ce:45:b9:50:22:
                    9d:08:12:75:3f:fb:4e:9a:36:94:fb:8b:ff:aa:ae:
                    58:a5:2c:55:eb:01:56:9f:17:60:74:05:d8:27:77:
                    31:8b:3a:0d:0e:61:91:ed:04:cd:15:97:b2:28:71:
                    4d:24:81:0c:da:07:c7:df:d2:1a:d3:d1:28:95:96:
                    c6:02:0d:09:3e:f1:b5:59:1f:40:25:30:99:6e:53:
                    1c:97:c5:5d:f3:60:07:7e:0f:13:3c:a0:23:c1:8e:
                    93:c5:8b:21:37:57:ed:33:eb:3a:47:a9:47:fa:7a:
                    95:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:6B:3F:10:05:9C:67:C1:E3:44:A1:84:69:9B:DC:2B:3C:15:3E:0A
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b7bbafbf-e6d4-4487-9ebb-cbd72b3d6c73.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0::/28

    Signature Algorithm: sha256WithRSAEncryption
         8a:4b:6f:93:a8:1a:db:b4:6d:1d:76:e9:16:25:39:e1:c5:91:
         4a:83:fd:41:0a:d1:83:bb:19:a8:bb:b6:df:ee:fe:9c:59:3e:
         f5:f9:be:b9:46:b8:70:21:a3:8b:22:f9:c2:ed:48:89:fd:13:
         13:37:0f:f0:11:0d:08:d4:2b:bd:a6:c8:90:8f:3e:26:bb:82:
         d3:d3:62:8c:f1:af:65:d1:e4:3e:f1:5a:e9:e5:86:73:3c:6c:
         95:a2:25:6c:4d:ed:a9:4a:e3:50:8c:7b:78:39:00:79:b6:a6:
         86:04:ad:50:64:85:75:30:c9:10:77:a5:5b:4c:3c:8d:44:40:
         a0:2b:d6:e0:17:2f:0f:2b:48:4a:1c:88:31:8e:07:6b:b1:80:
         51:07:c2:fa:2e:94:42:c4:0c:fa:ca:26:ed:4c:07:48:41:49:
         b1:01:2a:58:d5:9e:81:39:e3:58:81:52:62:ab:61:8b:e6:35:
         b8:14:c8:2e:db:71:07:ed:79:72:d4:b6:6f:39:3e:8b:cb:db:
         cc:f9:e3:88:ec:cd:4e:24:52:44:bc:a8:ba:5f:35:cc:12:f0:
         2b:2b:dc:54:7c:7c:a8:c6:6b:51:f5:ae:bf:05:6b:bf:4f:dc:
         0e:03:c6:87:6a:94:e0:f4:c8:37:4b:be:44:4e:82:0b:11:3f:
         41:25:38:c2
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUQO9VbGG+Wta9dXQ3zb7hTNcFcBAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDEzMTc1NTE1WhcNMjUxMTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDM3MzZhMTE0YWNmYzY0ZGU5YWEzODc0YWVmMDMxNWIx
MjM1OWZhMWM1ZGY3MDM1NThlNDJkYWVmYmI4ZDk1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXnz/U7ZUJwaQwyQ0wpqAHYNhX6MdB2ov2IkEfNBY8OlIZ
H1Z4Mrjhdf1+QSaAaSOp13aplMzHTxcbydaltchCIfiNGR5I2NfjHLygNwc0zFAx
x5H1EdPGYVvxRrwv3LlsDxtttMiGt+X+v0+/5OB2tGURB3oNxAX9sDUkJ9PzXRpj
A5SUG/jOpRAb9NZB/rTORblQIp0IEnU/+06aNpT7i/+qrlilLFXrAVafF2B0Bdgn
dzGLOg0OYZHtBM0Vl7IocU0kgQzaB8ff0hrT0SiVlsYCDQk+8bVZH0AlMJluUxyX
xV3zYAd+DxM8oCPBjpPFiyE3V+0z6zpHqUf6epXRAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUfGs/EAWcZ8HjRKGEaZvcKzwVPgowHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2I3YmJhZmJmLWU2ZDQtNDQ4Ny05ZWJiLWNiZDcyYjNkNmM3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQQmAPDwMA0GCSqGSIb3DQEBCwUAA4IBAQCKS2+TqBrbtG0ddukWJTnhxZFK
g/1BCtGDuxmou7bf7v6cWT71+b65RrhwIaOLIvnC7UiJ/RMTNw/wEQ0I1Cu9psiQ
jz4mu4LT02KM8a9l0eQ+8Vrp5YZzPGyVoiVsTe2pSuNQjHt4OQB5tqaGBK1QZIV1
MMkQd6VbTDyNRECgK9bgFy8PK0hKHIgxjgdrsYBRB8L6LpRCxAz6yibtTAdIQUmx
ASpY1Z6BOeNYgVJiq2GL5jW4FMgu23EH7Xly1LZvOT6Ly9vM+eOI7M1OJFJEvKi6
XzXMEvArK9xUfHyoxmtR9a6/BWu/T9wOA8aHapTg9Mg3S75EToILET9BJTjC
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:40:32 2025 by rpki-client