Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8118e9e-4da8-4d2a-bf13-2faef4f132df.roa
File:                     f8118e9e-4da8-4d2a-bf13-2faef4f132df.roa (raw, json)
Hash identifier:          5cYiOCfd8UN0e3qmG3Lk1+faM1rygItKw/TSy8ngtZM=
Subject key identifier:   A7:AA:F5:83:0C:56:31:8F:F1:EB:FA:60:FE:7B:5E:C9:7F:F3:95:D8
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4440124FDEB5CD66EAB90F8F0911B6CA188147
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8118e9e-4da8-4d2a-bf13-2faef4f132df.roa
Signing time:             Mon 06 Oct 2025 17:40:22 +0000
ROA not before:           Mon 06 Oct 2025 17:40:22 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:610e::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:40:12:4f:de:b5:cd:66:ea:b9:0f:8f:09:11:b6:ca:18:81:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct  6 17:40:22 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=715e6867c65073e88e8ed03a45219baac343ca335c32191fd21a75191ea46723, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e1:2e:02:e6:8c:e4:fa:e5:24:09:57:e5:89:
                    1f:34:61:c4:75:5c:d8:3c:13:ce:fc:d7:c2:96:59:
                    d5:4a:e3:7b:ab:63:25:42:8b:2a:8f:e9:46:ca:36:
                    23:2e:af:25:50:4d:a4:67:07:44:56:35:44:47:b5:
                    e6:2d:64:54:4b:fa:04:af:a3:1b:27:7a:cc:5d:ed:
                    0f:89:b0:b3:c8:96:07:cd:63:aa:c3:83:0a:cc:40:
                    8d:f9:d3:fc:e2:54:18:b2:50:a2:b3:74:8f:49:b1:
                    46:0e:f7:80:af:c4:20:80:b7:28:a8:51:b6:a3:bc:
                    25:dc:cd:ab:2f:b0:85:a8:7c:1b:55:57:ca:e7:a0:
                    4d:e2:dc:68:48:1a:bb:ac:28:9a:8c:0a:9a:f1:d7:
                    c0:7f:55:67:af:ea:a4:2f:f8:aa:7c:25:78:5b:91:
                    78:bd:1d:a0:96:00:2b:6c:f9:b4:7e:ec:8c:9d:12:
                    41:db:e8:41:d0:ba:b2:7a:cd:ef:28:0a:df:fb:9d:
                    e9:2d:da:e6:1f:8e:00:53:21:ca:d2:2c:f1:e3:13:
                    a4:51:8a:f9:96:9e:41:d9:59:2d:31:29:99:01:8c:
                    82:50:af:cf:fd:93:41:64:f1:92:51:1b:a8:f4:c1:
                    b1:da:5b:4d:28:45:6a:11:28:3d:5e:74:48:ac:b0:
                    e0:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:AA:F5:83:0C:56:31:8F:F1:EB:FA:60:FE:7B:5E:C9:7F:F3:95:D8
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8118e9e-4da8-4d2a-bf13-2faef4f132df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:610e::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:36:d3:f4:4d:81:5a:47:53:c8:e2:5b:d0:50:b9:23:02:29:
         c7:b5:33:02:7a:85:a2:39:7a:cc:fe:b4:dc:32:49:1d:5c:55:
         12:a9:07:df:12:20:b5:7d:53:6a:1d:4f:91:43:aa:47:15:50:
         47:b5:52:d9:d1:44:a1:3f:d3:2f:92:c9:0f:a4:07:3c:14:c3:
         6a:08:bc:3c:64:d1:e8:4c:73:13:8d:30:2a:c6:bf:2e:0f:ee:
         60:4d:cd:6b:bf:51:25:ba:23:d9:54:7f:ff:af:4d:55:32:a1:
         a4:fa:61:bc:7e:c7:ed:34:b2:fa:7f:e3:f9:c7:0c:1a:21:8d:
         18:1d:ea:a7:2a:fd:eb:f5:e4:8e:e8:6e:82:10:13:7a:96:66:
         46:a6:39:24:14:65:23:1a:78:81:1d:42:1c:6f:d2:57:e9:56:
         bf:89:45:5a:89:31:a3:4d:e2:5c:b1:3c:29:b7:16:62:19:7d:
         f3:21:40:3f:35:dd:a5:39:9a:51:c7:89:84:e8:24:48:cc:9a:
         c2:41:80:81:4d:f4:59:fa:a4:49:b9:68:1a:df:bd:89:a1:77:
         f8:9b:20:74:23:bb:02:be:db:87:47:c9:5d:32:e0:7d:b9:52:
         78:f9:b3:a1:44:f2:82:23:b5:ed:cf:91:d4:51:1f:58:d1:49:
         52:a6:4d:c6
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgITREAST961zWbquQ+PCRG2yhiBRzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJiNTg0NWMzMDdkMGJmNjFiMTM0YjhhYjcxMTU0NTgyNmIx
NzA3ZmQ1ZjBhZjg0ZGEwODAeFw0yNTEwMDYxNzQwMjJaFw0yNTExMTAyMzU5NTla
MHoxSTBHBgNVBAUTQDcxNWU2ODY3YzY1MDczZTg4ZThlZDAzYTQ1MjE5YmFhYzM0
M2NhMzM1YzMyMTkxZmQyMWE3NTE5MWVhNDY3MjMxLTArBgNVBAMTJGZiYjI3NTc2
LWNhYzItNDM4MS05YTUzLTZjMTVlMGRjMjZmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbhLgLmjOT65SQJV+WJHzRhxHVc2DwTzvzXwpZZ1Urje6tj
JUKLKo/pRso2Iy6vJVBNpGcHRFY1REe15i1kVEv6BK+jGyd6zF3tD4mws8iWB81j
qsODCsxAjfnT/OJUGLJQorN0j0mxRg73gK/EIIC3KKhRtqO8JdzNqy+whah8G1VX
yuegTeLcaEgau6womowKmvHXwH9VZ6/qpC/4qnwleFuReL0doJYAK2z5tH7sjJ0S
QdvoQdC6snrN7ygK3/ud6S3a5h+OAFMhytIs8eMTpFGK+ZaeQdlZLTEpmQGMglCv
z/2TQWTxklEbqPTBsdpbTShFahEoPV50SKyw4JMCAwEAAaOCArQwggKwMB0GA1Ud
DgQWBBSnqvWDDFYxj/Hr+mD+e17Jf/OV2DAfBgNVHSMEGDAWgBQuGOIIoYJXGwl9
0iOnFp5A6+mJPTAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
NTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3ZTk3MWFjLzZhOTUzN2E4LWE2
ODUtNGI0OC05ZmE4LTgzNjJlNGZjNDdhZS9iNTg0NWMzMDdkMGJmNjFiMTM0Yjhh
YjcxMTU0NTgyNmIxNzA3ZmQ1ZjBhZjg0ZGEwOC5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS81MTdmM2VkNy01OGI1LTQ3OTYtYmUzNy0xNGQ2
MmU0OGYwNTYvZjgxMThlOWUtNGRhOC00ZDJhLWJmMTMtMmZhZWY0ZjEzMmRmLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzct
MTRkNjJlNDhmMDU2L0NfWWJFMHVLdHhGVVdDYXhjSF9WOEstRTJnZy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACYA8PBhDjANBgkqhkiG9w0BAQsFAAOCAQEAEDbT9E2BWkdTyOJb0FC5IwIp
x7UzAnqFojl6zP603DJJHVxVEqkH3xIgtX1Tah1PkUOqRxVQR7VS2dFEoT/TL5LJ
D6QHPBTDagi8PGTR6ExzE40wKsa/Lg/uYE3Na79RJboj2VR//69NVTKhpPphvH7H
7TSy+n/j+ccMGiGNGB3qpyr96/XkjuhughATepZmRqY5JBRlIxp4gR1CHG/SV+lW
v4lFWokxo03iXLE8KbcWYhl98yFAPzXdpTmaUceJhOgkSMyawkGAgU30WfqkSblo
Gt+9iaF3+JsgdCO7Ar7bh0fJXTLgfblSePmzoUTygiO17c+R1FEfWNFJUqZNxg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:56:07 2025 by rpki-client