Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d15a05ff-c7dc-4ae1-a379-030aa5939dc3.roa
File:                     d15a05ff-c7dc-4ae1-a379-030aa5939dc3.roa (raw, json)
Hash identifier:          39vzkOSDX6xRYUenT8bNe8Rgu7MwLhV6kJuJiTDcwOU=
Subject key identifier:   5F:F0:B5:73:E3:E8:92:7E:28:FD:07:13:F8:43:25:01:BD:43:1B:BD
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       638207F1F4B7D7148D7B1E5D3E5ECD94CC3E5592
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d15a05ff-c7dc-4ae1-a379-030aa5939dc3.roa
Signing time:             Mon 06 Oct 2025 17:40:38 +0000
ROA not before:           Mon 06 Oct 2025 17:40:38 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:610f::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:82:07:f1:f4:b7:d7:14:8d:7b:1e:5d:3e:5e:cd:94:cc:3e:55:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct  6 17:40:38 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=5b8da55cb995a0e01e7422981e23dc7721b60740d67839a9509dd175fc08c506, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:71:bd:6c:f5:9e:c1:b0:4f:39:8f:ca:a5:08:
                    a0:5d:5c:ec:80:70:72:22:20:f0:48:00:6d:bb:5b:
                    c4:e0:0b:b8:6d:3a:19:62:8a:36:08:2b:8f:4f:a0:
                    fb:b8:0b:07:4c:13:38:2f:3d:bb:8d:cb:bc:46:42:
                    cb:8a:96:21:3f:c8:31:14:7b:4a:dd:69:bc:04:ac:
                    21:99:5a:8b:e1:a4:97:01:14:15:76:77:8a:23:c8:
                    d6:b6:d2:7c:57:03:26:3b:c3:85:c2:37:ad:2f:91:
                    bf:c9:ce:2a:2b:89:3d:d0:f3:b3:bf:d6:43:30:40:
                    bd:30:d8:f0:db:ca:9f:4f:aa:5d:62:42:0c:86:c9:
                    ad:99:eb:3a:f4:d1:11:e8:5f:1d:29:49:79:b8:dc:
                    53:49:86:e4:2a:16:2f:8c:c5:3a:32:fc:ef:9d:df:
                    d8:d8:f7:90:91:2c:01:b3:36:76:2a:c0:93:a2:a9:
                    bf:93:b4:3d:e0:0b:a4:31:17:76:73:71:2a:56:79:
                    4e:9b:b7:96:a9:96:0c:f7:eb:a2:fa:a7:1d:8f:be:
                    c9:8c:25:cf:00:b5:fb:a3:d0:72:34:30:a7:13:0b:
                    1d:53:8d:34:13:59:b1:14:9f:ef:fd:8b:a5:6b:ab:
                    60:a6:56:38:e5:04:25:6b:10:9c:a9:05:90:0e:67:
                    66:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:F0:B5:73:E3:E8:92:7E:28:FD:07:13:F8:43:25:01:BD:43:1B:BD
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d15a05ff-c7dc-4ae1-a379-030aa5939dc3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:610f::/48

    Signature Algorithm: sha256WithRSAEncryption
         9e:69:76:42:0e:a1:eb:6f:50:e7:05:ad:35:94:d1:af:f7:55:
         e7:bf:ce:e4:25:44:ed:7b:95:4e:1a:b4:d4:09:62:43:c9:07:
         46:88:03:a8:c2:ac:18:33:49:4d:49:28:37:02:6d:c0:0e:5f:
         f2:60:60:7b:ed:eb:52:e3:2b:4b:26:97:b7:26:27:6f:c6:db:
         72:e7:7e:3b:25:db:46:e6:06:dc:e4:0b:57:86:5a:d4:25:f5:
         f8:7f:48:57:5c:4f:43:89:bb:83:72:6f:95:ae:72:ec:b7:78:
         65:bb:40:aa:b1:90:3c:02:f5:0e:d3:94:0d:a0:8b:9f:a0:64:
         82:66:19:2f:ea:72:93:ae:14:e6:a6:bf:07:4a:49:df:93:85:
         70:e7:f6:28:af:f4:23:7d:86:a5:bf:3e:b6:5f:57:08:18:32:
         01:4b:27:a1:3c:dc:dd:03:a8:b4:16:cd:a1:46:00:b6:e9:6b:
         f9:24:e9:ee:54:af:0d:56:22:56:a4:98:6f:47:2a:a1:06:f9:
         60:a2:5f:24:20:eb:3e:7f:66:e1:56:45:66:16:28:cb:6d:70:
         fb:8d:4c:b3:0e:b4:88:ee:01:cb:aa:13:ac:b8:2b:d2:e1:bc:
         35:28:b8:42:3c:c0:f0:7a:f3:3c:fd:34:e7:e4:6b:b9:98:5c:
         52:f3:0a:4f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUY4IH8fS31xSNex5dPl7NlMw+VZIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDA2MTc0MDM4WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjhkYTU1Y2I5OTVhMGUwMWU3NDIyOTgxZTIzZGM3NzIx
YjYwNzQwZDY3ODM5YTk1MDlkZDE3NWZjMDhjNTA2MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6cb1s9Z7BsE85j8qlCKBdXOyAcHIiIPBIAG27W8TgC7ht
OhliijYIK49PoPu4CwdMEzgvPbuNy7xGQsuKliE/yDEUe0rdabwErCGZWovhpJcB
FBV2d4ojyNa20nxXAyY7w4XCN60vkb/JzioriT3Q87O/1kMwQL0w2PDbyp9Pql1i
QgyGya2Z6zr00RHoXx0pSXm43FNJhuQqFi+MxToy/O+d39jY95CRLAGzNnYqwJOi
qb+TtD3gC6QxF3ZzcSpWeU6bt5aplgz366L6px2PvsmMJc8Atfuj0HI0MKcTCx1T
jTQTWbEUn+/9i6Vrq2CmVjjlBCVrEJypBZAOZ2ZrAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUX/C1c+Pokn4o/QcT+EMlAb1DG70wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2QxNWEwNWZmLWM3ZGMtNGFlMS1hMzc5LTAzMGFhNTkzOWRjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYQ8wDQYJKoZIhvcNAQELBQADggEBAJ5pdkIOoetvUOcFrTWU0a/3
Vee/zuQlRO17lU4atNQJYkPJB0aIA6jCrBgzSU1JKDcCbcAOX/JgYHvt61LjK0sm
l7cmJ2/G23Lnfjsl20bmBtzkC1eGWtQl9fh/SFdcT0OJu4Nyb5Wucuy3eGW7QKqx
kDwC9Q7TlA2gi5+gZIJmGS/qcpOuFOamvwdKSd+ThXDn9iiv9CN9hqW/PrZfVwgY
MgFLJ6E83N0DqLQWzaFGALbpa/kk6e5Urw1WIlakmG9HKqEG+WCiXyQg6z5/ZuFW
RWYWKMttcPuNTLMOtIjuAcuqE6y4K9LhvDUouEI8wPB68zz9NOfka7mYXFLzCk8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:44:01 2025 by rpki-client