Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/eaa44d60-743f-446e-9c20-0b0b717ee1ab.roa
File:                     eaa44d60-743f-446e-9c20-0b0b717ee1ab.roa (raw, json)
Hash identifier:          lqtS+GV5RF75yXdVRmMB0dQpWdM2H7ascwa7bXyu2cQ=
Subject key identifier:   2D:05:B0:59:A1:F2:A2:82:9E:3C:5F:C0:D8:21:D6:63:F2:16:C6:1A
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       139A2A87BA3363EBB9C86BBC202826CCDE976899
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/eaa44d60-743f-446e-9c20-0b0b717ee1ab.roa
Signing time:             Fri 03 Oct 2025 15:18:20 +0000
ROA not before:           Fri 03 Oct 2025 15:18:20 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:6100::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:9a:2a:87:ba:33:63:eb:b9:c8:6b:bc:20:28:26:cc:de:97:68:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct  3 15:18:20 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=c7f4470551f347191a457fe06962cc5152ebfd4e3fb2481af72969f4765f118f, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:13:99:61:24:a3:aa:21:08:a6:6a:81:cd:7d:
                    e1:9e:23:58:a0:5f:f2:3e:36:96:4c:42:c2:2b:e1:
                    78:da:00:80:2b:33:ea:cb:50:63:eb:d5:b1:0b:39:
                    4d:8c:2c:05:58:56:ae:b7:d9:81:5f:9e:47:9c:9c:
                    3c:76:9c:b8:c7:cd:83:82:62:dd:58:ce:5f:e3:ae:
                    3e:b7:e6:b1:3a:7d:d1:12:77:42:4b:7c:d4:f2:fa:
                    df:f9:d1:be:b2:1e:66:3c:1d:d3:f6:49:f9:8a:a8:
                    25:11:7d:84:8d:7e:ef:bc:4d:97:3d:6e:06:ff:e5:
                    ca:89:b0:55:95:d4:5c:91:14:86:22:75:7c:d5:c5:
                    b9:69:56:fa:0c:2a:96:d6:27:a6:ce:ad:2b:cb:63:
                    3a:6f:d6:bc:7a:d4:5a:a0:25:ea:07:4e:19:3a:2d:
                    0c:22:23:5f:02:2a:5c:14:6f:f0:ae:88:3a:23:de:
                    40:fa:6e:aa:35:f4:12:8b:ef:b3:d6:3d:d6:4b:48:
                    15:cd:ae:b8:2b:8b:80:a1:3c:3a:6c:0a:36:5b:e6:
                    c7:56:82:89:f0:32:0c:83:f5:43:fe:94:29:2b:78:
                    22:9b:75:4c:c7:b2:09:04:53:f1:8f:29:90:53:1b:
                    97:78:34:36:c3:0f:73:17:af:15:ab:83:7d:4c:8c:
                    5a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:05:B0:59:A1:F2:A2:82:9E:3C:5F:C0:D8:21:D6:63:F2:16:C6:1A
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/eaa44d60-743f-446e-9c20-0b0b717ee1ab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6100::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:ce:76:31:e1:78:d8:fd:87:7c:8f:6d:15:0a:0a:26:08:f7:
         4d:06:59:df:ee:3c:92:36:c1:6d:2f:f3:39:05:b0:aa:0b:e5:
         e2:f5:23:4a:95:ff:1e:dc:e1:db:7f:6a:14:2f:a3:6a:dd:cf:
         91:53:45:22:c3:63:b7:bc:9d:f7:c0:26:23:4f:5c:9d:71:fc:
         7b:75:e6:e5:aa:39:f9:c3:ec:55:04:a5:b2:a8:44:68:d5:22:
         d9:2e:27:f0:3e:ef:53:dc:68:5a:51:1d:9e:7e:ce:31:5c:07:
         87:97:d8:33:09:1a:81:7f:4a:c0:fa:54:e2:5f:cf:12:4c:55:
         6f:2c:8b:f6:61:3f:cc:7f:3f:b6:36:22:2c:e9:3f:15:fb:fd:
         69:b5:e5:fd:cd:a6:63:f3:b5:cd:cb:b4:6c:fc:2f:be:99:ab:
         07:73:71:82:bd:c3:f3:cd:14:f3:1d:69:c6:61:d8:79:24:53:
         cb:ff:9c:c0:58:77:5c:67:96:b5:53:4d:8a:96:e6:e5:df:9a:
         9b:be:2e:74:2e:99:4f:e8:de:0c:76:97:7b:b1:02:45:79:fb:
         a3:43:66:6b:52:0e:db:7d:7d:95:1e:44:37:87:c6:5d:35:1a:
         82:8e:59:f4:3e:ba:24:ae:b4:e8:27:2e:66:a8:7d:dd:e0:31:
         ae:94:b5:5f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUE5oqh7ozY+u5yGu8ICgmzN6XaJkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDAzMTUxODIwWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjN2Y0NDcwNTUxZjM0NzE5MWE0NTdmZTA2OTYyY2M1MTUy
ZWJmZDRlM2ZiMjQ4MWFmNzI5NjlmNDc2NWYxMThmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbE5lhJKOqIQimaoHNfeGeI1igX/I+NpZMQsIr4XjaAIAr
M+rLUGPr1bELOU2MLAVYVq632YFfnkecnDx2nLjHzYOCYt1Yzl/jrj635rE6fdES
d0JLfNTy+t/50b6yHmY8HdP2SfmKqCURfYSNfu+8TZc9bgb/5cqJsFWV1FyRFIYi
dXzVxblpVvoMKpbWJ6bOrSvLYzpv1rx61FqgJeoHThk6LQwiI18CKlwUb/CuiDoj
3kD6bqo19BKL77PWPdZLSBXNrrgri4ChPDpsCjZb5sdWgonwMgyD9UP+lCkreCKb
dUzHsgkEU/GPKZBTG5d4NDbDD3MXrxWrg31MjFqVAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQULQWwWaHyooKePF/A2CHWY/IWxhowHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2VhYTQ0ZDYwLTc0M2YtNDQ2ZS05YzIwLTBiMGI3MTdlZTFhYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYQAwDQYJKoZIhvcNAQELBQADggEBAKbOdjHheNj9h3yPbRUKCiYI
900GWd/uPJI2wW0v8zkFsKoL5eL1I0qV/x7c4dt/ahQvo2rdz5FTRSLDY7e8nffA
JiNPXJ1x/Ht15uWqOfnD7FUEpbKoRGjVItkuJ/A+71PcaFpRHZ5+zjFcB4eX2DMJ
GoF/SsD6VOJfzxJMVW8si/ZhP8x/P7Y2IizpPxX7/Wm15f3NpmPztc3LtGz8L76Z
qwdzcYK9w/PNFPMdacZh2HkkU8v/nMBYd1xnlrVTTYqW5uXfmpu+LnQumU/o3gx2
l3uxAkV5+6NDZmtSDtt9fZUeRDeHxl01GoKOWfQ+uiSutOgnLmaofd3gMa6UtV8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:33:10 2025 by rpki-client