Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c0b0b880-e632-4ca7-8b61-0658e8846f8b.roa
File:                     c0b0b880-e632-4ca7-8b61-0658e8846f8b.roa (raw, json)
Hash identifier:          njgMnxpxUYuhUS28BdJs0ZyqvI0UKj3vGF+l+/s7W1s=
Subject key identifier:   9E:D8:EC:87:50:70:24:69:77:AE:F9:9A:9A:A4:D7:D0:08:28:D3:C8
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       0BC4FE66AA396BB0789E46996F289F5433AB654C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c0b0b880-e632-4ca7-8b61-0658e8846f8b.roa
Signing time:             Mon 18 Aug 2025 18:22:18 +0000
ROA not before:           Mon 18 Aug 2025 18:22:18 +0000
ROA not after:            Mon 22 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:6109::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:c4:fe:66:aa:39:6b:b0:78:9e:46:99:6f:28:9f:54:33:ab:65:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Aug 18 18:22:18 2025 GMT
            Not After : Sep 22 23:59:59 2025 GMT
        Subject: serialNumber=4b32d0df2745a067e26c226e88db0852a20886998b82103ceb2364b564f87a98, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:42:57:1c:c8:73:3d:8f:a9:6e:ca:60:10:55:
                    fb:8e:6f:a3:68:c7:9e:c9:01:2b:ca:9f:58:5d:d7:
                    bd:b2:d2:0c:92:08:87:db:e5:e4:bd:fb:c5:58:23:
                    85:3a:84:bd:2d:e2:68:17:4a:6b:eb:92:e9:c9:6b:
                    33:06:ef:5b:23:04:56:43:2f:c4:93:ea:52:6b:45:
                    7f:aa:77:58:47:75:9e:1d:cd:4d:eb:ab:a7:cb:4d:
                    e4:ca:fe:3e:3a:e2:dc:9e:ee:b2:2a:47:72:c5:21:
                    86:63:9b:6c:8e:b8:bc:de:37:17:7c:90:81:ff:cd:
                    0b:4f:ae:8e:ac:07:e6:7a:b9:e6:fc:c6:91:e6:c7:
                    e9:c9:5b:91:7a:1c:b4:53:3d:32:d2:87:4a:6d:c2:
                    7d:9b:f3:7a:2e:14:a6:2f:c2:0c:ca:fe:50:53:6d:
                    bb:15:c3:52:60:8c:4a:f9:f5:19:46:73:ff:1a:51:
                    94:57:cd:b5:8f:a1:14:a0:b9:02:67:1d:1d:4f:1e:
                    34:bf:1b:56:59:d7:82:93:fd:60:68:d9:58:d3:93:
                    3c:a3:1d:57:5d:01:98:ba:91:5b:96:f7:1d:21:c6:
                    a6:80:f3:72:89:36:11:db:ff:a8:ee:7e:b0:9e:80:
                    2d:49:e7:f9:66:c2:0b:64:c2:bf:20:57:b8:46:e6:
                    05:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D8:EC:87:50:70:24:69:77:AE:F9:9A:9A:A4:D7:D0:08:28:D3:C8
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c0b0b880-e632-4ca7-8b61-0658e8846f8b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6109::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:d8:67:ca:f2:60:94:b0:83:ce:a8:55:16:0e:01:37:c9:f3:
         fd:74:d8:8e:78:4c:97:df:91:e7:f9:7e:52:cc:35:b9:ce:2c:
         bc:42:11:4b:7f:43:66:22:7e:dd:3d:33:11:56:dd:5f:d1:57:
         d3:3a:97:c6:59:3d:3a:0d:90:ad:4e:44:9f:60:6b:f4:8b:c3:
         27:c6:17:bc:2a:fb:17:e8:c6:a8:2b:bd:53:21:79:16:07:69:
         56:a3:b7:bf:3b:68:13:92:5f:64:3d:b7:c8:a3:35:78:d1:bd:
         f2:8f:7a:f8:6c:3e:32:fb:4b:57:3d:d8:ec:bb:77:81:71:9b:
         c7:8b:8d:4f:ab:a7:ce:84:f9:24:09:09:ab:02:1c:89:13:c9:
         3a:da:b4:d8:cb:a6:85:84:4c:37:71:3a:4b:07:af:87:7a:ea:
         2b:59:32:86:06:51:e6:d0:31:a0:16:a4:ad:cf:cd:ce:09:6b:
         77:07:d8:ad:03:da:c6:10:06:c7:ce:ad:3a:b0:3b:1c:a6:9a:
         a5:c3:e8:17:90:b2:ca:42:bb:2e:bd:bb:c2:4a:41:97:9b:50:
         ef:fd:22:a3:fa:93:c6:cc:04:77:70:1e:52:ad:b0:ab:6a:c0:
         03:14:d3:23:40:39:48:0a:a4:72:74:5d:29:50:2c:86:64:b3:
         57:5e:61:55
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUC8T+Zqo5a7B4nkaZbyifVDOrZUwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODE4MTgyMjE4WhcNMjUwOTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0YjMyZDBkZjI3NDVhMDY3ZTI2YzIyNmU4OGRiMDg1MmEy
MDg4Njk5OGI4MjEwM2NlYjIzNjRiNTY0Zjg3YTk4MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyQlccyHM9j6luymAQVfuOb6Nox57JASvKn1hd172y0gyS
CIfb5eS9+8VYI4U6hL0t4mgXSmvrkunJazMG71sjBFZDL8ST6lJrRX+qd1hHdZ4d
zU3rq6fLTeTK/j464tye7rIqR3LFIYZjm2yOuLzeNxd8kIH/zQtPro6sB+Z6ueb8
xpHmx+nJW5F6HLRTPTLSh0ptwn2b83ouFKYvwgzK/lBTbbsVw1JgjEr59RlGc/8a
UZRXzbWPoRSguQJnHR1PHjS/G1ZZ14KT/WBo2VjTkzyjHVddAZi6kVuW9x0hxqaA
83KJNhHb/6jufrCegC1J5/lmwgtkwr8gV7hG5gVTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUntjsh1BwJGl3rvmamqTX0Ago08gwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2MwYjBiODgwLWU2MzItNGNhNy04YjYxLTA2NThlODg0NmY4Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYQkwDQYJKoZIhvcNAQELBQADggEBAI7YZ8ryYJSwg86oVRYOATfJ
8/102I54TJffkef5flLMNbnOLLxCEUt/Q2Yift09MxFW3V/RV9M6l8ZZPToNkK1O
RJ9ga/SLwyfGF7wq+xfoxqgrvVMheRYHaVajt787aBOSX2Q9t8ijNXjRvfKPevhs
PjL7S1c92Oy7d4Fxm8eLjU+rp86E+SQJCasCHIkTyTratNjLpoWETDdxOksHr4d6
6itZMoYGUebQMaAWpK3Pzc4Ja3cH2K0D2sYQBsfOrTqwOxymmqXD6BeQsspCuy69
u8JKQZebUO/9IqP6k8bMBHdwHlKtsKtqwAMU0yNAOUgKpHJ0XSlQLIZks1deYVU=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:49 2025 by rpki-client