Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/038bfc14-70d0-4845-80d9-ef20d84714c7.roa
File:                     038bfc14-70d0-4845-80d9-ef20d84714c7.roa (raw, json)
Hash identifier:          nOTU5ZHFgdn1lEjQWWnl/1s+gEmqDH8FmyQQK3D+I70=
Subject key identifier:   74:05:4F:73:00:00:17:75:C7:9F:70:3B:F1:79:20:F0:84:D0:3E:FC
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       2D807FBB48FB816F1F000DBC58D160E989400A56
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/038bfc14-70d0-4845-80d9-ef20d84714c7.roa
Signing time:             Wed 22 Oct 2025 00:40:16 +0000
ROA not before:           Wed 22 Oct 2025 00:40:16 +0000
ROA not after:            Wed 26 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:f10f::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:80:7f:bb:48:fb:81:6f:1f:00:0d:bc:58:d1:60:e9:89:40:0a:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 22 00:40:16 2025 GMT
            Not After : Nov 26 23:59:59 2025 GMT
        Subject: serialNumber=04d8284b62004ec620d51a1a533365aee8085b9e5ccad288e3d4bc32a4913d14, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e2:26:ca:0b:60:5a:78:dd:60:1b:55:09:1c:
                    8c:3a:1d:32:8c:c9:c7:a3:74:65:ee:f0:32:9d:13:
                    ac:b1:fa:49:72:e0:14:aa:1f:23:62:7c:99:23:72:
                    38:4d:30:a1:a3:6f:36:04:30:21:f6:72:13:f3:51:
                    eb:42:78:fd:ce:ba:e7:9a:37:56:b0:d5:f7:c2:ef:
                    a4:67:09:56:00:c9:5a:14:c5:99:e7:21:71:24:4e:
                    a2:bc:f5:95:c1:d2:24:66:df:0a:3f:30:8f:ee:8f:
                    6c:7e:07:d0:05:32:61:02:e1:89:7c:89:1d:04:88:
                    15:b1:15:42:19:03:b2:fd:0c:d2:03:2d:dd:db:65:
                    80:53:9d:81:7c:c9:bb:ea:99:56:25:fc:26:21:3a:
                    56:3d:4a:86:75:ab:3d:36:62:77:76:71:3a:09:aa:
                    77:e9:a0:2e:8e:8d:27:0b:e0:41:e3:8b:fc:42:36:
                    ff:7e:80:05:a8:dd:35:11:e9:ac:0a:90:4b:42:05:
                    fa:7d:ea:7b:8b:72:2a:81:cb:70:6e:db:ea:10:d8:
                    6c:a2:ef:be:4e:aa:99:e9:91:35:d0:cd:af:dd:2c:
                    6e:9c:8b:0f:36:25:bd:08:7c:09:54:58:1d:00:bf:
                    53:43:c9:31:22:5a:a6:6a:55:b4:04:09:d5:35:c7:
                    4c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:05:4F:73:00:00:17:75:C7:9F:70:3B:F1:79:20:F0:84:D0:3E:FC
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/038bfc14-70d0-4845-80d9-ef20d84714c7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:f10f::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:dd:d3:0f:ef:72:92:00:0a:d4:7e:7a:13:b7:8e:b1:65:80:
         63:ba:80:44:9a:20:42:c5:20:67:6e:c6:91:af:c9:a9:4e:c8:
         28:1a:85:bb:a5:1e:eb:00:38:b7:73:3c:a2:b7:98:79:de:72:
         09:01:28:5d:67:74:39:70:76:a7:d5:a9:cf:8e:e6:17:94:55:
         ff:42:bc:64:3b:af:3a:e7:ac:a4:3b:c6:e7:d1:37:ea:3f:cd:
         f7:1c:76:92:67:6a:9e:60:07:e2:ef:50:1e:8d:7c:3d:d4:c5:
         f3:31:d8:1d:63:27:56:8c:aa:1b:a5:24:0e:32:49:3c:37:12:
         cd:de:f0:0e:7e:4d:04:b1:6e:c5:78:8e:da:7b:c1:f7:b9:e9:
         11:13:98:e5:82:ba:59:a9:d1:f6:3a:d8:97:7d:22:18:9e:35:
         ea:35:01:8d:b5:c7:9f:5b:56:9e:87:da:2a:82:ef:ce:40:7f:
         e5:3f:60:15:94:03:24:f9:fe:64:d2:a5:87:25:3c:a0:e9:38:
         44:a6:e6:51:a8:07:a6:1b:77:71:20:2c:9e:ff:96:6e:23:05:
         aa:c8:d7:92:bf:ae:ce:a2:d9:44:3e:0f:e9:7b:78:e1:88:ae:
         6b:f6:98:25:f1:a2:5c:cd:41:61:ad:c9:1c:f6:b1:80:c0:b7:
         c0:c9:36:91
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIULYB/u0j7gW8fAA28WNFg6YlAClYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIyMDA0MDE2WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNGQ4Mjg0YjYyMDA0ZWM2MjBkNTFhMWE1MzMzNjVhZWU4
MDg1YjllNWNjYWQyODhlM2Q0YmMzMmE0OTEzZDE0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCl4ibKC2BaeN1gG1UJHIw6HTKMycejdGXu8DKdE6yx+kly
4BSqHyNifJkjcjhNMKGjbzYEMCH2chPzUetCeP3OuueaN1aw1ffC76RnCVYAyVoU
xZnnIXEkTqK89ZXB0iRm3wo/MI/uj2x+B9AFMmEC4Yl8iR0EiBWxFUIZA7L9DNID
Ld3bZYBTnYF8ybvqmVYl/CYhOlY9SoZ1qz02Ynd2cToJqnfpoC6OjScL4EHji/xC
Nv9+gAWo3TUR6awKkEtCBfp96nuLciqBy3Bu2+oQ2Gyi775OqpnpkTXQza/dLG6c
iw82Jb0IfAlUWB0Av1NDyTEiWqZqVbQECdU1x0y5AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUdAVPcwAAF3XHn3A78Xkg8ITQPvwwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzAzOGJmYzE0LTcwZDAtNDg0NS04MGQ5LWVmMjBkODQ3MTRjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPD78Q8wDQYJKoZIhvcNAQELBQADggEBABfd0w/vcpIACtR+ehO3jrFl
gGO6gESaIELFIGduxpGvyalOyCgahbulHusAOLdzPKK3mHnecgkBKF1ndDlwdqfV
qc+O5heUVf9CvGQ7rzrnrKQ7xufRN+o/zfccdpJnap5gB+LvUB6NfD3UxfMx2B1j
J1aMqhulJA4ySTw3Es3e8A5+TQSxbsV4jtp7wfe56RETmOWCulmp0fY62Jd9Ihie
Neo1AY21x59bVp6H2iqC785Af+U/YBWUAyT5/mTSpYclPKDpOESm5lGoB6Ybd3Eg
LJ7/lm4jBarI15K/rs6i2UQ+D+l7eOGIrmv2mCXxolzNQWGtyRz2sYDAt8DJNpE=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:38:24 2025 by rpki-client