Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f555d010-5e5e-4c02-8722-e69da1514f97.roa
File:                     f555d010-5e5e-4c02-8722-e69da1514f97.roa (raw, json)
Hash identifier:          Rhf/nr6Su8VSvDOGubp2chCV9UITgcbEbQ1rdsPfe+s=
Subject key identifier:   04:77:E9:6E:0A:ED:66:D6:6C:34:CC:ED:16:E0:21:DC:5A:89:FB:64
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       5F225E509A0C1D0600D7BDF36AF8A128D1CDE145
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f555d010-5e5e-4c02-8722-e69da1514f97.roa
Signing time:             Fri 26 Sep 2025 18:11:00 +0000
ROA not before:           Fri 26 Sep 2025 18:11:00 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:8000::/34 maxlen: 34
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:22:5e:50:9a:0c:1d:06:00:d7:bd:f3:6a:f8:a1:28:d1:cd:e1:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 26 18:11:00 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=71e78d1526bc05eec2c1c8a113b4e592d85fcc93e92e6450b72a1a219ccea95d, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:08:7c:94:ee:41:1a:7e:c0:bd:da:cd:8d:d1:
                    de:cb:55:83:f8:d9:fd:2b:63:4f:47:8b:10:41:cd:
                    1d:ac:5d:a1:b7:1f:79:9d:2f:b5:be:9b:a0:11:77:
                    2c:cc:b5:df:36:16:64:c9:6c:e2:96:37:d9:69:bc:
                    bf:5f:13:11:29:00:45:4d:1a:c7:f4:e6:c1:1a:95:
                    9b:19:20:ba:91:e4:14:43:c8:4b:e1:67:b5:03:c1:
                    58:f2:95:7b:eb:89:7c:8c:75:fd:9e:ad:08:b4:cc:
                    98:6c:ce:c0:d5:d8:d8:9b:c9:93:97:ee:bf:9e:a9:
                    ff:be:d3:db:da:3e:98:26:af:b4:c0:63:ec:28:a6:
                    ae:24:dd:f7:39:dc:e5:e1:88:e6:2c:30:99:04:d8:
                    9c:c4:f0:b3:3e:d8:1f:56:48:eb:0b:b7:31:7d:5e:
                    2a:26:b9:d6:5a:00:9d:82:81:a9:cc:82:5f:81:32:
                    99:92:20:d4:8c:10:55:24:ed:70:1b:ae:ba:76:58:
                    62:6e:40:f4:e1:c3:2a:31:98:d9:ce:ee:5d:c1:bf:
                    05:8b:2e:b8:8f:00:57:2e:e5:50:e0:0b:71:97:67:
                    c4:66:ed:31:fd:a2:d4:41:73:d0:03:21:87:3f:1f:
                    04:fd:ab:a5:7f:4d:25:bd:c2:f3:5e:6b:7e:d2:9c:
                    c6:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:77:E9:6E:0A:ED:66:D6:6C:34:CC:ED:16:E0:21:DC:5A:89:FB:64
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f555d010-5e5e-4c02-8722-e69da1514f97.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:8000::/34

    Signature Algorithm: sha256WithRSAEncryption
         03:9c:cc:12:0c:83:0c:17:12:8c:8b:de:48:fc:77:d6:d1:a1:
         47:88:ba:73:94:a8:85:98:34:6f:08:b3:17:af:1e:79:34:4c:
         1b:a6:47:b4:33:82:96:e0:60:92:08:0b:63:41:14:1f:f4:95:
         1d:ff:5f:3f:4e:a0:f9:f1:af:08:54:0d:77:b5:8e:37:e0:ad:
         49:d1:33:d4:97:ed:8f:d6:e7:43:09:5e:4d:b0:c0:53:95:00:
         c9:a3:c9:73:19:9b:30:44:ca:45:b8:7c:ab:26:a7:81:c1:c7:
         9d:69:1f:99:d6:9f:e8:8d:c6:b8:a7:db:fe:bf:b9:82:c5:ea:
         41:38:f1:c5:69:72:c3:f3:b5:c1:ac:3c:5a:70:1d:4f:8b:2e:
         16:2a:ed:a7:50:82:59:65:bc:80:a9:02:cf:3b:e4:17:ac:18:
         40:43:c5:d1:75:7e:8b:09:0e:c2:cb:25:12:50:60:40:87:10:
         6c:eb:fc:b1:c6:2f:7c:50:ef:6c:cd:25:1a:cc:a2:d5:83:6a:
         b3:d6:95:8d:b1:83:c6:33:f4:9e:07:78:dc:cb:59:1c:18:90:
         8a:55:7c:9b:6e:52:b4:f3:a3:bf:11:17:6f:0f:63:77:fb:52:
         65:20:82:5b:9e:9d:2f:7f:1b:99:91:6f:75:c8:a5:88:d3:85:
         2c:6a:b5:5e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUXyJeUJoMHQYA173zavihKNHN4UUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgxMTAwWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MWU3OGQxNTI2YmMwNWVlYzJjMWM4YTExM2I0ZTU5MmQ4
NWZjYzkzZTkyZTY0NTBiNzJhMWEyMTljY2VhOTVkMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmCHyU7kEafsC92s2N0d7LVYP42f0rY09HixBBzR2sXaG3
H3mdL7W+m6ARdyzMtd82FmTJbOKWN9lpvL9fExEpAEVNGsf05sEalZsZILqR5BRD
yEvhZ7UDwVjylXvriXyMdf2erQi0zJhszsDV2NibyZOX7r+eqf++09vaPpgmr7TA
Y+wopq4k3fc53OXhiOYsMJkE2JzE8LM+2B9WSOsLtzF9XiomudZaAJ2CganMgl+B
MpmSINSMEFUk7XAbrrp2WGJuQPThwyoxmNnO7l3BvwWLLriPAFcu5VDgC3GXZ8Rm
7TH9otRBc9ADIYc/HwT9q6V/TSW9wvNea37SnMZjAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUBHfpbgrtZtZsNMztFuAh3FqJ+2QwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2Y1NTVkMDEwLTVlNWUtNGMwMi04NzIyLWU2OWRhMTUxNGY5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgYmAPD7gDANBgkqhkiG9w0BAQsFAAOCAQEAA5zMEgyDDBcSjIveSPx31tGh
R4i6c5SohZg0bwizF68eeTRMG6ZHtDOCluBgkggLY0EUH/SVHf9fP06g+fGvCFQN
d7WON+CtSdEz1Jftj9bnQwleTbDAU5UAyaPJcxmbMETKRbh8qyangcHHnWkfmdaf
6I3GuKfb/r+5gsXqQTjxxWlyw/O1waw8WnAdT4suFirtp1CCWWW8gKkCzzvkF6wY
QEPF0XV+iwkOwsslElBgQIcQbOv8scYvfFDvbM0lGsyi1YNqs9aVjbGDxjP0ngd4
3MtZHBiQilV8m25StPOjvxEXbw9jd/tSZSCCW56dL38bmZFvdciliNOFLGq1Xg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:40:20 2025 by rpki-client