Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c14c44b6-0c28-4093-ae5c-7b5be88653a3.roa
File:                     c14c44b6-0c28-4093-ae5c-7b5be88653a3.roa (raw, json)
Hash identifier:          YAW2Dq4U/ac1f2i36uprG0s4vnOpdUZSLyiFCNjUwQ4=
Subject key identifier:   63:87:8A:2B:AE:83:8D:D7:40:B8:64:C2:B0:FB:25:02:41:4B:13:E8
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       0640B98ECA1F393BA93F00F4779230ECB79BE6CB
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c14c44b6-0c28-4093-ae5c-7b5be88653a3.roa
Signing time:             Fri 15 Aug 2025 21:22:12 +0000
ROA not before:           Fri 15 Aug 2025 21:22:12 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:610a::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:40:b9:8e:ca:1f:39:3b:a9:3f:00:f4:77:92:30:ec:b7:9b:e6:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Aug 15 21:22:12 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=26122f3157be6aea38d1e34ffd4f232eed34986d59d7356b3b34588033d2741f, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d6:cb:df:93:b1:4f:95:0d:16:67:6c:f7:46:
                    ca:3c:76:57:8e:b2:28:c7:38:64:bc:73:70:1c:8e:
                    04:49:7c:81:50:00:8f:59:d7:25:f5:b6:04:2c:01:
                    44:13:6c:40:9b:94:31:d1:79:ae:0d:41:23:75:9f:
                    32:fd:ca:1a:6c:41:04:a1:b0:fd:eb:65:3c:64:80:
                    80:7d:0b:0a:21:dd:59:bc:b6:cb:06:d0:bf:bf:c5:
                    99:7d:65:52:fb:79:1c:84:39:d1:d5:d8:3d:18:22:
                    95:03:3e:00:d4:66:64:d8:1a:ab:41:b4:3f:fb:c8:
                    ca:bd:cd:df:98:31:d5:9e:e6:1a:10:b6:a1:ab:a9:
                    0b:2b:09:d3:43:39:d3:b8:fc:91:9c:56:db:14:a0:
                    bc:80:cc:52:51:ae:44:90:89:2b:d2:ca:b1:a3:f3:
                    8c:d7:f3:3f:14:8c:69:b9:71:a0:01:c5:d9:0c:77:
                    79:11:a1:89:7f:e9:1f:7d:ad:5a:03:03:19:04:69:
                    48:ec:62:6d:b7:e4:ba:03:04:9c:5e:7c:a4:ae:95:
                    9a:86:ec:51:f7:03:a2:b0:60:ab:10:b5:4d:3a:57:
                    f1:6a:6e:a6:0f:94:e0:73:8b:f2:2f:79:f6:77:cc:
                    40:98:82:31:64:17:8e:16:b2:8e:f8:ad:a0:fb:89:
                    da:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:87:8A:2B:AE:83:8D:D7:40:B8:64:C2:B0:FB:25:02:41:4B:13:E8
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c14c44b6-0c28-4093-ae5c-7b5be88653a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:610a::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:c7:23:8e:c2:96:a8:74:e0:89:93:76:c1:e4:3a:64:e3:b8:
         21:d2:bf:9c:43:05:fb:89:ff:0a:4a:6e:25:d7:93:1d:8e:eb:
         c6:58:5f:ff:5b:52:24:7d:e0:bf:9c:32:d4:63:dc:30:86:25:
         c9:8f:ad:39:a9:5d:32:44:53:3a:d2:40:a1:b8:a0:48:e9:df:
         46:f3:29:7d:bf:88:46:56:47:7f:38:cf:31:8e:33:be:91:8d:
         cc:3e:8c:f8:ff:e1:b7:a8:44:43:3d:b9:a8:37:3a:4f:9c:a2:
         27:91:c3:d5:bd:12:68:31:9e:5c:30:c9:af:20:6a:06:e0:c3:
         99:25:6d:2d:0c:5c:65:d4:c6:06:b4:ef:0a:5f:5d:d4:25:04:
         28:ec:66:67:19:c5:7c:5c:b6:3a:95:db:70:ff:f2:5d:94:56:
         bb:40:8a:5a:28:2b:67:79:28:03:33:a6:04:b2:00:57:2f:d0:
         cb:f3:ce:4b:13:ee:0e:dc:41:f3:24:bd:ed:ac:c4:e2:d3:a3:
         01:21:8f:f1:81:16:8b:02:6a:f8:ee:a5:ee:5a:e3:ca:ec:20:
         e2:ce:69:34:17:78:12:01:6a:91:33:3c:7c:da:88:68:1c:f2:
         80:1a:ad:0a:20:fc:8f:5f:c1:19:91:f2:8a:6f:29:8e:be:27:
         c0:1d:7f:50
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBkC5jsofOTupPwD0d5Iw7Leb5sswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODE1MjEyMjEyWhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNjEyMmYzMTU3YmU2YWVhMzhkMWUzNGZmZDRmMjMyZWVk
MzQ5ODZkNTlkNzM1NmIzYjM0NTg4MDMzZDI3NDFmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDN1svfk7FPlQ0WZ2z3Rso8dleOsijHOGS8c3AcjgRJfIFQ
AI9Z1yX1tgQsAUQTbECblDHRea4NQSN1nzL9yhpsQQShsP3rZTxkgIB9Cwoh3Vm8
tssG0L+/xZl9ZVL7eRyEOdHV2D0YIpUDPgDUZmTYGqtBtD/7yMq9zd+YMdWe5hoQ
tqGrqQsrCdNDOdO4/JGcVtsUoLyAzFJRrkSQiSvSyrGj84zX8z8UjGm5caABxdkM
d3kRoYl/6R99rVoDAxkEaUjsYm235LoDBJxefKSulZqG7FH3A6KwYKsQtU06V/Fq
bqYPlOBzi/IvefZ3zECYgjFkF44Wso74raD7idoNAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUY4eKK66DjddAuGTCsPslAkFLE+gwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2MxNGM0NGI2LTBjMjgtNDA5My1hZTVjLTdiNWJlODg2NTNhMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYQowDQYJKoZIhvcNAQELBQADggEBAFPHI47Clqh04ImTdsHkOmTj
uCHSv5xDBfuJ/wpKbiXXkx2O68ZYX/9bUiR94L+cMtRj3DCGJcmPrTmpXTJEUzrS
QKG4oEjp30bzKX2/iEZWR384zzGOM76Rjcw+jPj/4beoREM9uag3Ok+coieRw9W9
Emgxnlwwya8gagbgw5klbS0MXGXUxga07wpfXdQlBCjsZmcZxXxctjqV23D/8l2U
VrtAilooK2d5KAMzpgSyAFcv0MvzzksT7g7cQfMkve2sxOLTowEhj/GBFosCavju
pe5a48rsIOLOaTQXeBIBapEzPHzaiGgc8oAarQog/I9fwRmR8opvKY6+J8Adf1A=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:15:45 2025 by rpki-client