Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f555d010-5e5e-4c02-8722-e69da1514f97.roa
File:                     f555d010-5e5e-4c02-8722-e69da1514f97.roa (raw, json)
Hash identifier:          mzazWn6k30x3e4YM0kUU9N1KddwBy6NsWonJnD+CopE=
Subject key identifier:   7C:9B:07:2D:81:E5:20:66:25:20:EA:78:67:7C:15:62:29:A5:5F:44
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7A8759B848F0DEA06EE11810E01D6DC68EA16A71
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f555d010-5e5e-4c02-8722-e69da1514f97.roa
Signing time:             Mon 16 Jun 2025 19:20:39 +0000
ROA not before:           Mon 16 Jun 2025 19:20:39 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:8000::/34 maxlen: 34
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:87:59:b8:48:f0:de:a0:6e:e1:18:10:e0:1d:6d:c6:8e:a1:6a:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jun 16 19:20:39 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=0e9299a485142fda0a8c5ccefcc53eaa37d7ddf52f42db1f275007d28593068c, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:03:5e:8a:cb:db:25:dc:bb:4d:e0:d6:79:a6:
                    7d:b4:01:e7:4a:de:a5:97:e0:98:6f:d9:a0:cf:76:
                    c4:cb:88:a1:41:a7:ce:5e:e7:a1:25:f2:ee:04:e1:
                    94:92:45:c2:c9:ce:79:e6:41:de:15:e7:ec:79:27:
                    c2:53:b8:ba:b0:1a:9b:36:8a:9d:a9:ea:cf:8b:ee:
                    84:96:30:7d:b9:c8:aa:d1:f5:ff:06:20:ae:b8:95:
                    f2:ea:6e:36:00:b2:c5:f2:35:23:b1:0e:88:ca:24:
                    05:7b:7b:ec:a0:1b:fb:28:00:67:ef:65:6e:b7:76:
                    76:fe:5f:75:31:68:34:bf:57:f4:b3:22:e2:42:55:
                    ee:0e:d3:2d:a6:01:97:58:e4:7e:50:b8:d6:f4:d5:
                    a1:59:fa:d2:1a:39:4e:f7:92:69:ec:47:b9:65:02:
                    87:db:59:9d:f7:3c:b8:8a:57:40:74:9d:66:16:37:
                    05:19:1e:ab:ad:4d:41:2f:e9:0b:ab:35:5f:00:ff:
                    41:65:8a:ad:2a:8d:8b:3d:42:64:5b:8d:03:1e:6e:
                    5e:9f:64:14:3e:9c:4b:7e:95:10:db:b4:ed:52:eb:
                    25:16:1f:ad:8f:39:e0:8d:60:ed:2a:bf:cd:e7:a9:
                    37:4c:7d:69:9d:2b:88:20:d5:08:20:57:fd:48:80:
                    4a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:9B:07:2D:81:E5:20:66:25:20:EA:78:67:7C:15:62:29:A5:5F:44
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f555d010-5e5e-4c02-8722-e69da1514f97.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:8000::/34

    Signature Algorithm: sha256WithRSAEncryption
         35:bf:67:d6:d3:27:f7:3d:a5:41:88:3c:dd:6a:37:ae:97:76:
         13:d4:9b:13:79:2c:ea:80:72:84:5f:76:0d:6d:85:a8:9e:27:
         70:84:c4:4a:fd:7c:c5:eb:c0:be:92:e0:12:bc:57:10:62:b2:
         b2:0d:a0:7d:03:c3:f1:72:cc:aa:ce:a8:3d:e0:31:a8:29:2a:
         a0:1d:25:e7:57:c6:33:ff:9f:81:eb:ce:45:e4:8e:3a:02:a6:
         72:dc:ba:96:fa:d4:4b:02:08:85:5c:30:96:3b:ce:1e:b2:6f:
         e0:90:3c:7a:07:25:a1:c3:b0:a8:df:35:61:4b:a5:ff:d2:0b:
         ec:71:92:b3:cd:7a:de:68:a6:ea:79:22:c3:aa:41:bc:f8:bc:
         6f:91:3e:19:53:62:68:51:d1:3c:a7:b1:14:d4:ce:37:43:ee:
         cb:73:f9:1a:33:1c:48:e0:4c:80:03:54:26:fc:01:b2:13:09:
         52:47:e0:52:ad:e6:13:d7:0d:f4:71:30:87:ef:42:16:f6:4a:
         78:f9:e0:7b:de:96:d0:1a:7b:5d:3d:10:9d:aa:6a:b8:f4:73:
         b8:58:e0:da:e7:92:07:11:a4:ab:cd:02:99:d3:3c:af:6b:64:
         f2:83:01:86:be:12:6f:83:b3:2d:f8:70:c0:84:c8:2c:a7:eb:
         f4:e7:77:4a
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUeodZuEjw3qBu4RgQ4B1txo6hanEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNjE2MTkyMDM5WhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZTkyOTlhNDg1MTQyZmRhMGE4YzVjY2VmY2M1M2VhYTM3
ZDdkZGY1MmY0MmRiMWYyNzUwMDdkMjg1OTMwNjhjMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjA16Ky9sl3LtN4NZ5pn20AedK3qWX4Jhv2aDPdsTLiKFB
p85e56El8u4E4ZSSRcLJznnmQd4V5+x5J8JTuLqwGps2ip2p6s+L7oSWMH25yKrR
9f8GIK64lfLqbjYAssXyNSOxDojKJAV7e+ygG/soAGfvZW63dnb+X3UxaDS/V/Sz
IuJCVe4O0y2mAZdY5H5QuNb01aFZ+tIaOU73kmnsR7llAofbWZ33PLiKV0B0nWYW
NwUZHqutTUEv6QurNV8A/0Fliq0qjYs9QmRbjQMebl6fZBQ+nEt+lRDbtO1S6yUW
H62POeCNYO0qv83nqTdMfWmdK4gg1QggV/1IgEpPAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUfJsHLYHlIGYlIOp4Z3wVYimlX0QwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2Y1NTVkMDEwLTVlNWUtNGMwMi04NzIyLWU2OWRhMTUxNGY5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgYmAPD7gDANBgkqhkiG9w0BAQsFAAOCAQEANb9n1tMn9z2lQYg83Wo3rpd2
E9SbE3ks6oByhF92DW2FqJ4ncITESv18xevAvpLgErxXEGKysg2gfQPD8XLMqs6o
PeAxqCkqoB0l51fGM/+fgevOReSOOgKmcty6lvrUSwIIhVwwljvOHrJv4JA8egcl
ocOwqN81YUul/9IL7HGSs8163mim6nkiw6pBvPi8b5E+GVNiaFHRPKexFNTON0Pu
y3P5GjMcSOBMgANUJvwBshMJUkfgUq3mE9cN9HEwh+9CFvZKePnge96W0Bp7XT0Q
napquPRzuFjg2ueSBxGkq80CmdM8r2tk8oMBhr4Sb4OzLfhwwITILKfr9Od3Sg==
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:53:28 2025 by rpki-client