Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c9a7bd20-48bd-4f0a-937e-2ccc73008f73.roa
File:                     c9a7bd20-48bd-4f0a-937e-2ccc73008f73.roa (raw, json)
Hash identifier:          RdOBFLaZt9+AQtazJ4kqj1dC62NoL1muPnK+c3EUMyw=
Subject key identifier:   DD:53:A5:77:0A:07:42:CE:38:07:8E:B6:29:3E:39:4D:2C:EF:69:5F
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       67562E49EA561B54132BFCC54817FA8CD1512F3B
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c9a7bd20-48bd-4f0a-937e-2ccc73008f73.roa
Signing time:             Fri 26 Sep 2025 18:10:58 +0000
ROA not before:           Fri 26 Sep 2025 18:10:58 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:300::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:56:2e:49:ea:56:1b:54:13:2b:fc:c5:48:17:fa:8c:d1:51:2f:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 26 18:10:58 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=61a4b248227ca1756d3487f4c96abf649d17f72eac828bd67a43751a595e4a83, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:0c:19:df:a5:85:09:72:5b:82:88:4c:42:e8:
                    be:85:ed:1a:04:48:43:d1:4a:19:ce:e6:fd:67:95:
                    a6:45:78:35:e4:a2:fd:a8:f7:1b:c6:28:8c:79:1c:
                    6c:9c:69:e3:c7:b2:b4:5e:1d:e5:dc:91:de:e0:0b:
                    e8:89:fa:51:c7:bb:e4:96:48:ca:50:2e:29:22:4e:
                    0b:61:88:0c:f3:03:7b:af:64:45:0f:99:7d:94:4d:
                    bd:5e:36:de:a8:e9:0b:26:19:69:03:3b:14:6f:82:
                    e0:a7:d8:7b:c2:cc:cc:d6:8a:f2:82:b1:72:41:72:
                    26:03:7b:59:1f:9e:ac:cf:38:a1:32:02:00:40:a4:
                    cb:7f:5c:48:de:44:8a:3c:b0:fe:e5:63:7c:37:d8:
                    a0:00:45:f8:37:76:c1:3e:a0:13:a5:92:09:cf:75:
                    45:f7:94:d0:7a:e2:e9:25:f8:f9:75:c6:83:0b:d0:
                    44:f4:02:46:88:4d:c3:97:aa:00:d6:06:e8:0d:ce:
                    7c:9f:10:54:5d:0e:01:65:d9:80:5f:13:05:ed:a8:
                    03:32:2b:0d:a3:2f:88:bc:5a:4f:e4:e8:12:c6:cd:
                    52:0e:c4:59:9a:a6:0f:da:64:38:7d:f9:ad:05:44:
                    49:a9:36:92:f0:71:1c:f1:a7:5d:68:fd:9f:58:16:
                    18:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:53:A5:77:0A:07:42:CE:38:07:8E:B6:29:3E:39:4D:2C:EF:69:5F
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c9a7bd20-48bd-4f0a-937e-2ccc73008f73.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:300::/44

    Signature Algorithm: sha256WithRSAEncryption
         6c:9a:43:e3:91:5f:2f:43:ec:07:23:9a:90:6c:82:75:e5:c0:
         7c:55:2e:fe:c9:c6:84:ac:ad:ec:b0:71:e4:19:0e:a3:eb:32:
         f8:4e:bc:42:c6:f8:65:96:69:21:69:f4:cb:02:91:4c:14:14:
         14:2a:16:92:1a:7c:1b:17:57:75:27:c1:e2:f0:28:73:dd:90:
         9b:4f:c1:af:98:44:32:6a:26:9b:2f:f8:16:f5:3d:06:9e:93:
         bb:45:de:6b:2c:82:f1:cd:95:50:ee:65:b1:be:56:6b:eb:70:
         de:63:77:af:31:15:90:3e:8b:10:5f:3b:a9:a3:c3:ab:cb:15:
         b1:1b:b1:0f:c9:58:db:af:58:e1:de:b5:e2:3c:35:e7:63:83:
         53:83:d5:0c:e2:e8:4b:a1:b4:73:c9:16:37:64:f1:0a:54:93:
         4c:24:4c:9f:97:71:ee:a4:c8:73:56:a5:ab:0c:df:6a:0a:ca:
         19:25:51:9a:f9:22:0d:e1:25:ac:fb:c5:84:88:70:6a:9c:ed:
         9f:75:7b:9a:da:4b:f7:b4:0e:27:d5:45:c1:27:33:33:10:d3:
         c1:39:1c:e9:e2:8e:8b:e3:b4:8b:83:80:a8:b0:e2:38:1e:25:
         ec:70:7c:88:a2:8d:62:fd:4c:9c:d4:98:8e:76:4b:55:44:f6:
         fd:60:2e:d1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZ1YuSepWG1QTK/zFSBf6jNFRLzswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgxMDU4WhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MWE0YjI0ODIyN2NhMTc1NmQzNDg3ZjRjOTZhYmY2NDlk
MTdmNzJlYWM4MjhiZDY3YTQzNzUxYTU5NWU0YTgzMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClDBnfpYUJcluCiExC6L6F7RoESEPRShnO5v1nlaZFeDXk
ov2o9xvGKIx5HGycaePHsrReHeXckd7gC+iJ+lHHu+SWSMpQLikiTgthiAzzA3uv
ZEUPmX2UTb1eNt6o6QsmGWkDOxRvguCn2HvCzMzWivKCsXJBciYDe1kfnqzPOKEy
AgBApMt/XEjeRIo8sP7lY3w32KAARfg3dsE+oBOlkgnPdUX3lNB64ukl+Pl1xoML
0ET0AkaITcOXqgDWBugNznyfEFRdDgFl2YBfEwXtqAMyKw2jL4i8Wk/k6BLGzVIO
xFmapg/aZDh9+a0FREmpNpLwcRzxp11o/Z9YFhhFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3VOldwoHQs44B462KT45TSzvaV8wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2M5YTdiZDIwLTQ4YmQtNGYwYS05MzdlLTJjY2M3MzAwOGY3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDwAwAwDQYJKoZIhvcNAQELBQADggEBAGyaQ+ORXy9D7AcjmpBsgnXl
wHxVLv7JxoSsreywceQZDqPrMvhOvELG+GWWaSFp9MsCkUwUFBQqFpIafBsXV3Un
weLwKHPdkJtPwa+YRDJqJpsv+Bb1PQaek7tF3mssgvHNlVDuZbG+VmvrcN5jd68x
FZA+ixBfO6mjw6vLFbEbsQ/JWNuvWOHeteI8Nedjg1OD1Qzi6EuhtHPJFjdk8QpU
k0wkTJ+Xce6kyHNWpasM32oKyhklUZr5Ig3hJaz7xYSIcGqc7Z91e5raS/e0DifV
RcEnMzMQ08E5HOnijovjtIuDgKiw4jgeJexwfIiijWL9TJzUmI52S1VE9v1gLtE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:40:29 2025 by rpki-client