Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ba699c1e-9e17-4134-9d1f-8ba97ffd9f3e.roa
File:                     ba699c1e-9e17-4134-9d1f-8ba97ffd9f3e.roa (raw, json)
Hash identifier:          B4vJNuLZeRlNq8I+m0nF+hZF2n1nbhkunm5Ydif+1cQ=
Subject key identifier:   10:7B:B7:3D:85:FE:CB:94:F2:E3:DE:EA:02:48:76:FE:E9:E2:35:53
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       6819D54879BB22B0FFDDDB150F44A48F1D5DA68B
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ba699c1e-9e17-4134-9d1f-8ba97ffd9f3e.roa
Signing time:             Mon 06 Oct 2025 17:38:10 +0000
ROA not before:           Mon 06 Oct 2025 17:38:10 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:611a::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:19:d5:48:79:bb:22:b0:ff:dd:db:15:0f:44:a4:8f:1d:5d:a6:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct  6 17:38:10 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=da0078feb26409396468bc8e5a9b94020859fa24e2728fba8d1fdea3c1249995, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:13:5c:b0:14:e5:af:3f:0d:82:91:19:2f:7a:
                    46:54:b4:da:ac:dd:26:28:1e:03:dc:14:b4:0d:3e:
                    8b:81:d3:8d:a8:6f:ac:56:0b:dd:c6:46:b3:7d:7b:
                    0f:09:f4:4b:48:75:59:4f:dc:90:ff:50:dc:86:12:
                    0a:d3:72:8c:03:24:2e:f1:4a:f1:0a:fa:bd:68:79:
                    33:63:e1:0d:e7:59:3d:1a:60:9c:c2:9b:53:3b:81:
                    df:9c:d4:53:78:3c:73:d7:e4:3f:e8:aa:3c:e4:10:
                    e5:46:e5:c9:be:ea:e9:7d:a8:3b:41:9b:6f:99:57:
                    68:4c:cb:5b:1e:30:e4:81:e4:63:f4:e8:38:f3:77:
                    70:c2:61:77:4e:7b:93:6c:ed:a4:74:aa:23:e5:8a:
                    56:ec:82:d9:b2:bc:89:17:14:2e:ff:00:4f:c1:ed:
                    8e:be:27:61:d2:f2:64:87:c0:5e:39:93:f1:8a:22:
                    03:22:9f:d9:14:15:17:3b:20:4d:19:63:82:e9:89:
                    a8:69:94:a7:92:9e:de:9b:f8:ed:32:5c:51:6c:0d:
                    e2:f4:49:f8:fa:f3:ca:ba:37:92:82:ed:50:8c:b4:
                    49:45:cc:c1:bd:99:de:fd:71:1c:46:34:15:37:a5:
                    86:e4:86:74:66:e8:63:de:51:ea:2a:c6:73:f9:dd:
                    5b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:7B:B7:3D:85:FE:CB:94:F2:E3:DE:EA:02:48:76:FE:E9:E2:35:53
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ba699c1e-9e17-4134-9d1f-8ba97ffd9f3e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:611a::/48

    Signature Algorithm: sha256WithRSAEncryption
         04:a1:22:3f:6b:ce:c9:37:71:e8:14:c0:9a:e9:00:fd:26:7d:
         5f:2e:4d:b7:77:f9:b4:21:1e:32:6f:4c:f0:d6:20:57:64:46:
         0b:d7:96:c3:24:56:6d:c5:0b:ed:02:99:0e:cd:7f:f8:95:98:
         c8:c4:a0:95:38:47:ae:84:a3:48:07:5d:40:d4:7b:f0:70:48:
         08:d5:20:9f:a5:b2:bd:1a:0c:b9:a3:b8:c1:0f:a8:48:33:dc:
         aa:13:b7:f8:df:5d:da:11:22:27:a9:b1:ce:6c:f2:6d:8d:1c:
         c3:6d:78:0b:39:c8:8d:a4:0d:74:89:1a:34:69:71:3e:34:7a:
         ec:38:4d:e4:1f:d5:00:14:e0:c0:36:5a:aa:d1:71:a0:e4:f0:
         0c:19:00:b3:da:a5:3d:a9:da:8a:f8:1f:aa:1d:4c:46:9f:8a:
         df:41:62:60:5f:6d:db:26:12:ae:71:96:35:32:80:89:3f:36:
         bb:b8:0e:c7:ac:ab:bf:aa:f5:52:cf:38:42:73:4f:2f:43:4c:
         c6:14:91:be:d6:75:de:6c:65:b5:3a:34:34:68:07:60:e4:76:
         05:fa:f3:51:e6:06:64:bb:05:8c:76:dd:58:36:f4:40:ea:d6:
         c0:d3:28:08:7a:ac:f7:ce:90:5c:ec:c5:3d:d4:d0:f8:c9:de:
         b6:bf:0e:15
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaBnVSHm7IrD/3dsVD0Skjx1dposwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDA2MTczODEwWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTAwNzhmZWIyNjQwOTM5NjQ2OGJjOGU1YTliOTQwMjA4
NTlmYTI0ZTI3MjhmYmE4ZDFmZGVhM2MxMjQ5OTk1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDoE1ywFOWvPw2CkRkvekZUtNqs3SYoHgPcFLQNPouB042o
b6xWC93GRrN9ew8J9EtIdVlP3JD/UNyGEgrTcowDJC7xSvEK+r1oeTNj4Q3nWT0a
YJzCm1M7gd+c1FN4PHPX5D/oqjzkEOVG5cm+6ul9qDtBm2+ZV2hMy1seMOSB5GP0
6Djzd3DCYXdOe5Ns7aR0qiPlilbsgtmyvIkXFC7/AE/B7Y6+J2HS8mSHwF45k/GK
IgMin9kUFRc7IE0ZY4LpiahplKeSnt6b+O0yXFFsDeL0Sfj688q6N5KC7VCMtElF
zMG9md79cRxGNBU3pYbkhnRm6GPeUeoqxnP53VtbAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUEHu3PYX+y5Ty497qAkh2/uniNVMwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2JhNjk5YzFlLTllMTctNDEzNC05ZDFmLThiYTk3ZmZkOWYzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYRowDQYJKoZIhvcNAQELBQADggEBAAShIj9rzsk3cegUwJrpAP0m
fV8uTbd3+bQhHjJvTPDWIFdkRgvXlsMkVm3FC+0CmQ7Nf/iVmMjEoJU4R66Eo0gH
XUDUe/BwSAjVIJ+lsr0aDLmjuMEPqEgz3KoTt/jfXdoRIiepsc5s8m2NHMNteAs5
yI2kDXSJGjRpcT40euw4TeQf1QAU4MA2WqrRcaDk8AwZALPapT2p2or4H6odTEaf
it9BYmBfbdsmEq5xljUygIk/Nru4Dsesq7+q9VLPOEJzTy9DTMYUkb7Wdd5sZbU6
NDRoB2DkdgX681HmBmS7BYx23Vg29EDq1sDTKAh6rPfOkFzsxT3U0PjJ3ra/DhU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:40:44 2025 by rpki-client