Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c2745679-db1e-409b-9051-e4eb09db7fe3.roa
File:                     c2745679-db1e-409b-9051-e4eb09db7fe3.roa (raw, json)
Hash identifier:          bRLsJyfFXM+MoV/PAs60YBLUEuo4MyLyNx6xiBvOAE0=
Subject key identifier:   23:65:3E:9D:D3:7B:4E:B1:0C:A2:F8:2F:A8:01:A7:17:F9:4A:4C:B4
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       19AC64850136A5339647CEF6CB82BD9A41A4301D
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c2745679-db1e-409b-9051-e4eb09db7fe3.roa
Signing time:             Mon 06 Oct 2025 17:40:45 +0000
ROA not before:           Mon 06 Oct 2025 17:40:45 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:611d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:ac:64:85:01:36:a5:33:96:47:ce:f6:cb:82:bd:9a:41:a4:30:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct  6 17:40:45 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=d4eafc4ffd669fd0ff5a43e81d95009ecc0cccc1cdcb0bf6a7dac1691a5739b2, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:e9:47:f5:ff:7d:b6:f4:6a:a3:23:61:4c:5a:
                    49:b8:03:02:9c:f5:69:6c:5e:a3:67:96:25:ab:d3:
                    d7:c6:20:60:b2:7c:57:9d:bc:d5:51:c3:0e:d7:b7:
                    f7:49:17:a5:df:6c:04:0c:a4:07:5c:73:ec:2b:1c:
                    4d:0e:42:c1:fb:61:67:1e:24:6e:cb:6e:a2:2d:7d:
                    fd:a5:b7:3c:9b:15:f7:f2:8a:d1:16:2f:bf:e6:8d:
                    a9:82:59:69:ac:d2:d4:0f:1b:9c:98:10:4a:a3:66:
                    ca:98:36:83:50:ac:69:a9:d6:75:69:b5:64:42:c8:
                    db:14:f2:54:69:d9:fc:99:43:95:6b:f9:70:89:66:
                    6d:49:7d:7c:47:e1:a9:79:bd:a6:b5:80:31:c4:36:
                    a2:d6:93:5a:6e:ea:20:2b:ac:d9:d0:05:f5:02:20:
                    b7:4c:a8:cb:c0:50:0c:3e:25:63:11:9c:cb:59:b2:
                    62:5a:2e:dc:cc:ac:d5:72:b9:da:8e:f8:28:ff:4e:
                    84:74:89:8f:6d:e1:91:93:0a:bd:df:de:28:e5:4e:
                    35:61:eb:c6:a2:32:e5:38:13:7e:b1:b1:24:53:4f:
                    65:5e:5e:8e:44:b8:76:82:a8:b6:77:9b:83:53:69:
                    90:5b:ad:a1:6d:86:30:9b:cd:ca:85:dc:86:17:d0:
                    0d:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:65:3E:9D:D3:7B:4E:B1:0C:A2:F8:2F:A8:01:A7:17:F9:4A:4C:B4
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c2745679-db1e-409b-9051-e4eb09db7fe3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:611d::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:cd:60:f7:95:57:10:fe:eb:36:39:87:32:2f:35:e7:68:66:
         f0:c7:86:1a:96:d2:dc:4f:2c:06:37:ff:28:88:ee:2a:7a:f8:
         71:19:e9:a1:8b:09:03:66:ac:1c:62:37:ea:33:b6:e9:8b:83:
         43:94:33:2f:99:40:a3:d2:da:4b:af:23:98:91:de:55:f6:32:
         72:a2:e9:d2:18:fc:c8:72:83:0f:f7:34:3b:36:d2:45:b4:17:
         d2:d8:3a:4c:fd:17:0c:63:ae:2d:9a:09:e8:a1:fb:d3:5f:93:
         d1:06:03:36:54:d1:8a:ae:3c:6a:51:57:28:7c:df:b2:b5:95:
         89:6b:d2:f6:41:cb:03:ee:9c:aa:9a:d0:9b:2f:01:01:c6:48:
         0f:01:ce:9d:90:b2:e2:a6:43:e9:37:8e:a2:9d:1f:8c:f7:a5:
         b3:c1:f0:26:cc:b7:7e:a0:0b:25:c9:78:c1:92:db:e4:21:bb:
         83:6e:00:56:6c:7f:d3:47:7d:06:aa:4a:e8:01:98:52:82:51:
         35:a1:97:58:70:3c:f4:3d:de:af:fa:93:0a:b0:2c:c7:80:87:
         56:9b:99:22:58:ee:07:1e:36:12:f1:4f:5b:31:cf:26:d1:4f:
         d6:56:ba:f1:18:30:77:d3:83:ea:d8:c6:21:bd:75:8c:04:6c:
         49:f8:64:93
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGaxkhQE2pTOWR872y4K9mkGkMB0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDA2MTc0MDQ1WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNGVhZmM0ZmZkNjY5ZmQwZmY1YTQzZTgxZDk1MDA5ZWNj
MGNjY2MxY2RjYjBiZjZhN2RhYzE2OTFhNTczOWIyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC66Uf1/3229GqjI2FMWkm4AwKc9WlsXqNnliWr09fGIGCy
fFedvNVRww7Xt/dJF6XfbAQMpAdcc+wrHE0OQsH7YWceJG7LbqItff2ltzybFffy
itEWL7/mjamCWWms0tQPG5yYEEqjZsqYNoNQrGmp1nVptWRCyNsU8lRp2fyZQ5Vr
+XCJZm1JfXxH4al5vaa1gDHENqLWk1pu6iArrNnQBfUCILdMqMvAUAw+JWMRnMtZ
smJaLtzMrNVyudqO+Cj/ToR0iY9t4ZGTCr3f3ijlTjVh68aiMuU4E36xsSRTT2Ve
Xo5EuHaCqLZ3m4NTaZBbraFthjCbzcqF3IYX0A0vAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUI2U+ndN7TrEMovgvqAGnF/lKTLQwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2MyNzQ1Njc5LWRiMWUtNDA5Yi05MDUxLWU0ZWIwOWRiN2ZlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYR0wDQYJKoZIhvcNAQELBQADggEBAGzNYPeVVxD+6zY5hzIvNedo
ZvDHhhqW0txPLAY3/yiI7ip6+HEZ6aGLCQNmrBxiN+oztumLg0OUMy+ZQKPS2kuv
I5iR3lX2MnKi6dIY/Mhygw/3NDs20kW0F9LYOkz9Fwxjri2aCeih+9Nfk9EGAzZU
0YquPGpRVyh837K1lYlr0vZBywPunKqa0JsvAQHGSA8Bzp2QsuKmQ+k3jqKdH4z3
pbPB8CbMt36gCyXJeMGS2+Qhu4NuAFZsf9NHfQaqSugBmFKCUTWhl1hwPPQ93q/6
kwqwLMeAh1abmSJY7gceNhLxT1sxzybRT9ZWuvEYMHfTg+rYxiG9dYwEbEn4ZJM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:56:52 2025 by rpki-client