Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ddabe105-17a8-4460-a8c9-18b7474ee13f.roa
File:                     ddabe105-17a8-4460-a8c9-18b7474ee13f.roa (raw, json)
Hash identifier:          mSyhbg6JSxq9BPJ0q6FoUlhQ8A5vyjXhzWnoufNUik8=
Subject key identifier:   4C:7C:48:ED:C7:6B:71:D0:A0:EA:37:DA:44:4F:CA:36:79:93:D5:D9
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1EED5FAE1898DB655D67EF1FAB44677ABC8FB9C0
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ddabe105-17a8-4460-a8c9-18b7474ee13f.roa
Signing time:             Sat 27 Sep 2025 00:52:49 +0000
ROA not before:           Sat 27 Sep 2025 00:52:49 +0000
ROA not after:            Sat 01 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:f0f0:400::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:ed:5f:ae:18:98:db:65:5d:67:ef:1f:ab:44:67:7a:bc:8f:b9:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 27 00:52:49 2025 GMT
            Not After : Nov  1 23:59:59 2025 GMT
        Subject: serialNumber=63b0c5d4752e8162b261704dec6dcecf34043d4abb34c8295634bbe8c86a12f9, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ce:89:95:f1:12:ad:04:ac:3e:1c:a9:42:b2:
                    29:11:62:68:2d:68:41:8a:8a:d6:5d:1d:ec:6e:98:
                    21:eb:3b:15:f0:0f:a2:c0:df:ae:fa:91:fb:e5:44:
                    2f:5b:f6:ec:5d:50:b3:5f:cd:85:7e:36:e2:d5:77:
                    11:71:84:8b:03:ef:f5:7a:8c:45:36:53:78:86:dd:
                    2d:9b:55:98:2f:0c:a2:6f:c2:73:a5:7a:9a:d1:69:
                    65:ef:41:4a:36:3b:c7:78:c0:f7:75:1a:ed:b1:9f:
                    b2:6e:a7:e5:d3:61:66:25:f1:ee:7e:2f:c1:dc:e8:
                    27:44:2f:24:d7:94:a8:4a:41:70:dc:d0:fa:bd:36:
                    1e:46:cf:38:b0:2f:85:ce:cd:fa:63:78:84:93:23:
                    9a:ec:c6:b0:d6:ba:5a:d0:b1:41:98:e9:db:d3:aa:
                    78:75:a7:1c:f0:fd:46:04:73:c6:c1:65:4a:f7:3e:
                    ed:94:7d:d1:ef:97:5d:7c:3d:63:48:c4:86:de:33:
                    51:44:54:b6:76:bd:91:bf:d8:f6:b7:ff:c2:99:d6:
                    b4:f4:dc:74:37:75:c2:07:fc:65:59:6e:8d:d2:42:
                    63:5d:50:9b:e0:2e:ea:f7:1f:7b:8b:d3:d6:89:cf:
                    d2:8b:53:f7:5f:69:0c:e3:40:97:8e:12:b7:ff:67:
                    71:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:7C:48:ED:C7:6B:71:D0:A0:EA:37:DA:44:4F:CA:36:79:93:D5:D9
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ddabe105-17a8-4460-a8c9-18b7474ee13f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:400::/44

    Signature Algorithm: sha256WithRSAEncryption
         2a:1c:ac:42:b2:f6:55:75:38:2f:8d:d4:9b:f9:8c:4a:98:1f:
         a4:5c:55:5d:e4:e9:62:56:0b:98:34:b1:7b:55:b7:90:10:61:
         0f:98:1c:ee:f6:19:14:9e:cc:54:14:51:e5:ed:85:b2:00:c2:
         c7:7a:a7:e3:ba:3a:60:e9:ae:8e:cf:0a:4d:75:42:94:28:44:
         ba:11:a9:7f:f8:5a:45:41:a0:b4:09:4f:a0:3c:47:a8:98:4e:
         d7:ea:40:d1:9d:32:d3:82:c6:2e:d0:8a:25:82:2f:33:56:c8:
         4c:a3:a9:39:b1:6d:93:63:39:06:b5:7e:75:77:38:e9:95:35:
         10:58:35:9a:e7:b1:ab:ae:30:aa:a5:90:b2:22:c3:8e:86:29:
         78:6a:31:e9:07:12:a6:bc:64:ae:a6:7b:b0:c7:6b:d4:ba:c3:
         6c:f6:c0:7b:02:4d:0c:f1:2b:52:51:66:f9:16:86:83:77:22:
         cd:d2:cb:f5:40:5c:19:45:fd:60:cc:4e:90:48:73:ba:20:5a:
         87:f7:c3:ec:7a:c6:0d:36:56:a4:ad:f2:6a:75:64:95:2c:87:
         f8:ed:dc:0c:0a:48:c4:79:91:2f:6d:2b:d6:3b:b6:b3:67:df:
         be:b6:05:49:8b:bd:97:2a:c6:f7:f3:bf:34:46:13:72:76:fd:
         e2:36:a0:c4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUHu1frhiY22VdZ+8fq0RneryPucAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI3MDA1MjQ5WhcNMjUxMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2M2IwYzVkNDc1MmU4MTYyYjI2MTcwNGRlYzZkY2VjZjM0
MDQzZDRhYmIzNGM4Mjk1NjM0YmJlOGM4NmExMmY5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWzomV8RKtBKw+HKlCsikRYmgtaEGKitZdHexumCHrOxXw
D6LA3676kfvlRC9b9uxdULNfzYV+NuLVdxFxhIsD7/V6jEU2U3iG3S2bVZgvDKJv
wnOleprRaWXvQUo2O8d4wPd1Gu2xn7Jup+XTYWYl8e5+L8Hc6CdELyTXlKhKQXDc
0Pq9Nh5GzziwL4XOzfpjeISTI5rsxrDWulrQsUGY6dvTqnh1pxzw/UYEc8bBZUr3
Pu2UfdHvl118PWNIxIbeM1FEVLZ2vZG/2Pa3/8KZ1rT03HQ3dcIH/GVZbo3SQmNd
UJvgLur3H3uL09aJz9KLU/dfaQzjQJeOErf/Z3F7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUTHxI7cdrcdCg6jfaRE/KNnmT1dkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2RkYWJlMTA1LTE3YTgtNDQ2MC1hOGM5LTE4Yjc0NzRlZTEzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDwBAAwDQYJKoZIhvcNAQELBQADggEBACocrEKy9lV1OC+N1Jv5jEqY
H6RcVV3k6WJWC5g0sXtVt5AQYQ+YHO72GRSezFQUUeXthbIAwsd6p+O6OmDpro7P
Ck11QpQoRLoRqX/4WkVBoLQJT6A8R6iYTtfqQNGdMtOCxi7QiiWCLzNWyEyjqTmx
bZNjOQa1fnV3OOmVNRBYNZrnsauuMKqlkLIiw46GKXhqMekHEqa8ZK6me7DHa9S6
w2z2wHsCTQzxK1JRZvkWhoN3Is3Sy/VAXBlF/WDMTpBIc7ogWof3w+x6xg02VqSt
8mp1ZJUsh/jt3AwKSMR5kS9tK9Y7trNn3762BUmLvZcqxvfzvzRGE3J2/eI2oMQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:40:44 2025 by rpki-client