Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f6334ad8-04a1-4b1e-af68-368584971f2f.roa
File:                     f6334ad8-04a1-4b1e-af68-368584971f2f.roa (raw, json)
Hash identifier:          jf5J6xQSzyddymCO8Axv3ZvKOR+zbKE1M/Ml3/TssCQ=
Subject key identifier:   0C:14:B8:9F:4D:5C:25:3E:A7:B6:1E:9F:81:14:F0:3A:3E:29:87:8A
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       62D98888804DEC996E81602DA8F92DE3D1729E10
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f6334ad8-04a1-4b1e-af68-368584971f2f.roa
Signing time:             Fri 26 Sep 2025 18:20:12 +0000
ROA not before:           Fri 26 Sep 2025 18:20:12 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e300::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:d9:88:88:80:4d:ec:99:6e:81:60:2d:a8:f9:2d:e3:d1:72:9e:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep 26 18:20:12 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=185dec758c37aaab89966a15d519bdaa49e569f79e2d38ab6b838ae84c13e4c8, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:dd:eb:bf:da:88:8e:09:34:50:26:c2:e4:0a:
                    37:d6:19:a8:b4:c9:89:b8:28:54:61:83:5d:b6:2a:
                    43:4f:90:b4:ce:a5:06:08:a7:84:84:f4:28:b5:f4:
                    f6:19:8a:f0:98:34:13:c4:10:03:b5:ad:36:f4:99:
                    c1:3a:5f:15:6e:87:74:c0:43:c0:6f:b3:c8:8e:3e:
                    76:38:f1:41:b7:38:91:fa:c1:7e:ff:b2:ed:94:5e:
                    d5:e7:28:b6:e2:7e:b2:6c:40:4c:89:65:29:e2:0d:
                    ba:53:d5:9a:7d:07:20:4b:88:b2:15:18:d7:a4:54:
                    2d:6e:16:fb:e1:f4:6d:40:2a:19:c8:7c:6f:40:53:
                    fa:d3:f5:bc:5f:20:01:ff:12:4b:36:42:2f:ca:79:
                    91:c1:00:38:23:1f:98:f6:75:80:a6:32:da:b1:80:
                    38:8d:49:67:36:80:ae:24:68:b2:97:ac:c8:05:51:
                    a1:c0:0d:aa:ed:06:c0:a2:33:46:20:18:29:13:e1:
                    3b:55:6c:a2:2b:96:4e:90:be:63:b2:9f:d9:f6:da:
                    4f:7b:99:84:f6:57:8e:53:31:15:32:9d:22:40:d0:
                    90:f8:31:c4:ad:7a:85:77:d2:ff:9e:16:7c:d1:f9:
                    37:e6:5b:a7:8c:10:01:fc:bb:ad:02:c0:c2:82:27:
                    66:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:14:B8:9F:4D:5C:25:3E:A7:B6:1E:9F:81:14:F0:3A:3E:29:87:8A
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f6334ad8-04a1-4b1e-af68-368584971f2f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e300::/40

    Signature Algorithm: sha256WithRSAEncryption
         99:51:70:35:51:fa:cc:54:f4:87:2d:10:bd:8e:06:15:fc:b6:
         ca:95:7c:78:a6:28:e6:71:a0:8a:3b:4e:1a:79:2e:d5:7c:52:
         04:22:09:6d:43:38:05:88:08:ff:8e:13:d7:fd:2f:f3:fd:60:
         c2:37:a0:43:9d:30:9a:71:01:04:b1:15:27:b4:ae:6a:6d:8b:
         43:2b:ff:b2:dc:31:e0:e8:c1:21:f0:3b:0e:cf:10:7e:be:4f:
         de:85:31:99:f8:89:55:76:0f:59:8d:0a:a1:89:52:cf:a5:30:
         6d:b1:97:a6:76:80:63:96:8b:2a:ce:f9:95:04:ce:6a:88:10:
         30:b5:85:24:9e:fa:67:02:74:47:e7:85:38:fd:f7:10:66:93:
         8f:cb:fe:47:a7:c6:4e:2c:ea:48:39:af:1a:e2:6e:c4:04:73:
         72:ce:d2:54:8e:c7:e0:48:a0:cd:2b:60:29:38:a1:5b:89:84:
         b3:78:8d:d7:15:d0:32:b2:09:08:a1:cf:d6:e5:f8:f3:31:b8:
         8b:2c:e4:f7:65:d0:72:0e:87:ff:8c:a7:3f:40:d1:11:f9:ef:
         83:ed:3c:ea:79:0c:b3:79:97:95:c5:ee:6e:69:1d:71:ce:c1:
         2b:ae:26:df:af:14:04:70:ca:37:25:13:e9:6e:11:16:5f:5c:
         5e:6e:d1:85
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUYtmIiIBN7JlugWAtqPkt49FynhAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgyMDEyWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxODVkZWM3NThjMzdhYWFiODk5NjZhMTVkNTE5YmRhYTQ5
ZTU2OWY3OWUyZDM4YWI2YjgzOGFlODRjMTNlNGM4MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC53eu/2oiOCTRQJsLkCjfWGai0yYm4KFRhg122KkNPkLTO
pQYIp4SE9Ci19PYZivCYNBPEEAO1rTb0mcE6XxVuh3TAQ8Bvs8iOPnY48UG3OJH6
wX7/su2UXtXnKLbifrJsQEyJZSniDbpT1Zp9ByBLiLIVGNekVC1uFvvh9G1AKhnI
fG9AU/rT9bxfIAH/Eks2Qi/KeZHBADgjH5j2dYCmMtqxgDiNSWc2gK4kaLKXrMgF
UaHADartBsCiM0YgGCkT4TtVbKIrlk6QvmOyn9n22k97mYT2V45TMRUynSJA0JD4
McSteoV30v+eFnzR+TfmW6eMEAH8u60CwMKCJ2aZAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUDBS4n01cJT6nth6fgRTwOj4ph4owHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2Y2MzM0YWQ4LTA0YTEtNGIxZS1hZjY4LTM2ODU4NDk3MWYyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD74zANBgkqhkiG9w0BAQsFAAOCAQEAmVFwNVH6zFT0hy0QvY4GFfy2
ypV8eKYo5nGgijtOGnku1XxSBCIJbUM4BYgI/44T1/0v8/1gwjegQ50wmnEBBLEV
J7Suam2LQyv/stwx4OjBIfA7Ds8Qfr5P3oUxmfiJVXYPWY0KoYlSz6UwbbGXpnaA
Y5aLKs75lQTOaogQMLWFJJ76ZwJ0R+eFOP33EGaTj8v+R6fGTizqSDmvGuJuxARz
cs7SVI7H4EigzStgKTihW4mEs3iN1xXQMrIJCKHP1uX48zG4iyzk92XQcg6H/4yn
P0DREfnvg+086nkMs3mXlcXubmkdcc7BK64m368UBHDKNyUT6W4RFl9cXm7RhQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:40:37 2025 by rpki-client