Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1df4a82a-0875-47b6-9fc0-b67c097bc45c.roa
File:                     1df4a82a-0875-47b6-9fc0-b67c097bc45c.roa (raw, json)
Hash identifier:          waKuNuExLaW9KmXG9PKlw9miu/hh31+iudseA7W1sbA=
Subject key identifier:   A8:DF:B5:ED:7F:34:6C:32:0D:9C:4A:91:E8:ED:C4:4D:A0:8F:D7:67
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       206E3562F574D65F0032F65ECAF94AAB432E03FD
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1df4a82a-0875-47b6-9fc0-b67c097bc45c.roa
Signing time:             Mon 14 Jul 2025 15:30:43 +0000
ROA not before:           Mon 14 Jul 2025 15:30:43 +0000
ROA not after:            Mon 18 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f1:8800::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:6e:35:62:f5:74:d6:5f:00:32:f6:5e:ca:f9:4a:ab:43:2e:03:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jul 14 15:30:43 2025 GMT
            Not After : Aug 18 23:59:59 2025 GMT
        Subject: serialNumber=f19a259cfa1b7a90a6e220537c927a42518472e05b76cb780c16e27ad610ba05, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:f9:79:5b:1d:ae:fe:e3:3f:41:2a:2e:5f:b0:
                    2e:57:83:5a:98:fd:c1:d5:40:83:8e:16:12:12:0f:
                    63:47:5a:c0:e8:e9:38:e9:c8:92:0f:30:53:ed:7f:
                    f9:02:03:e0:a7:e1:12:19:3a:2f:43:63:1a:7b:54:
                    aa:bc:8f:bc:a9:0d:51:0c:41:dd:ce:da:34:8f:04:
                    95:f3:1a:e0:f9:f0:60:30:a1:fa:90:af:0c:18:16:
                    f8:05:86:7f:7f:02:e6:b4:ec:ca:85:44:24:c7:9b:
                    ab:5c:e0:cc:ff:2c:63:c5:a0:b9:3d:6c:52:c8:c4:
                    e8:ac:6f:fe:89:34:23:20:43:b9:9b:d0:b2:eb:17:
                    5a:49:94:83:b9:23:a3:0d:fd:fe:2d:53:7e:ac:8a:
                    eb:0f:df:bc:6d:50:1c:a7:80:1d:22:76:e6:51:9f:
                    12:58:ba:6b:8f:05:ff:1c:32:b8:55:11:b8:33:bf:
                    23:7d:ac:f7:a3:60:ea:a7:ee:05:90:46:3f:ad:ac:
                    91:54:1d:69:c1:74:1d:83:be:24:10:f7:d2:b6:1e:
                    0f:e3:44:9b:07:f9:cb:06:5a:58:f8:72:70:20:8b:
                    15:bc:7f:fc:b0:5a:72:06:bd:2a:59:c2:a3:9e:78:
                    8d:4b:df:62:8f:8d:7c:25:08:55:f2:57:c8:5f:59:
                    64:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:DF:B5:ED:7F:34:6C:32:0D:9C:4A:91:E8:ED:C4:4D:A0:8F:D7:67
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1df4a82a-0875-47b6-9fc0-b67c097bc45c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f1:8800::/40

    Signature Algorithm: sha256WithRSAEncryption
         02:75:03:f9:7b:7a:b2:2d:44:7c:05:bf:40:74:81:b0:9d:cc:
         12:5c:ff:0b:60:e6:6b:bd:5d:6a:ce:ee:02:6d:6f:4e:65:eb:
         68:3f:fc:89:26:99:e4:10:f0:4d:a5:8d:0e:bc:77:42:b7:0b:
         ef:c4:68:85:24:33:c8:eb:3f:96:10:68:38:44:d9:4a:f6:c2:
         97:a5:e3:4e:88:ef:d8:08:81:19:05:0e:b0:28:96:a9:1e:f0:
         76:48:17:b5:fb:46:44:16:ee:56:54:ba:1c:ff:25:09:7c:54:
         7c:1f:c8:07:ce:14:ed:73:80:d9:41:77:c9:e9:39:e2:45:93:
         98:53:26:17:b2:14:4f:c7:5f:4f:81:3d:b0:63:b5:a4:71:16:
         b3:db:73:f2:0a:b7:72:2a:10:a5:09:7e:98:07:a0:3d:da:f5:
         1f:b0:c6:a4:2c:96:fc:84:e8:d7:f8:4b:ca:51:33:60:3e:23:
         5b:50:eb:81:a6:85:9d:c6:c1:12:2c:d4:fb:7f:2a:18:0b:b2:
         e1:2d:cb:aa:3e:98:f3:32:0f:c8:df:79:74:0c:e6:d2:23:4d:
         c3:6c:2f:e2:2d:e3:95:b1:23:ab:82:51:41:96:0c:19:c8:e4:
         44:1f:8a:a0:0c:d9:6a:be:fd:d3:f8:15:3f:e3:39:94:d7:9c:
         a5:bd:ab:60
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUIG41YvV01l8AMvZeyvlKq0MuA/0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNzE0MTUzMDQzWhcNMjUwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMTlhMjU5Y2ZhMWI3YTkwYTZlMjIwNTM3YzkyN2E0MjUx
ODQ3MmUwNWI3NmNiNzgwYzE2ZTI3YWQ2MTBiYTA1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDC+XlbHa7+4z9BKi5fsC5Xg1qY/cHVQIOOFhISD2NHWsDo
6TjpyJIPMFPtf/kCA+Cn4RIZOi9DYxp7VKq8j7ypDVEMQd3O2jSPBJXzGuD58GAw
ofqQrwwYFvgFhn9/Aua07MqFRCTHm6tc4Mz/LGPFoLk9bFLIxOisb/6JNCMgQ7mb
0LLrF1pJlIO5I6MN/f4tU36siusP37xtUByngB0iduZRnxJYumuPBf8cMrhVEbgz
vyN9rPejYOqn7gWQRj+trJFUHWnBdB2DviQQ99K2Hg/jRJsH+csGWlj4cnAgixW8
f/ywWnIGvSpZwqOeeI1L32KPjXwlCFXyV8hfWWQhAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUqN+17X80bDINnEqR6O3ETaCP12cwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzFkZjRhODJhLTA4NzUtNDdiNi05ZmMwLWI2N2MwOTdiYzQ1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPDxiDANBgkqhkiG9w0BAQsFAAOCAQEAAnUD+Xt6si1EfAW/QHSBsJ3M
Elz/C2Dma71das7uAm1vTmXraD/8iSaZ5BDwTaWNDrx3QrcL78RohSQzyOs/lhBo
OETZSvbCl6XjTojv2AiBGQUOsCiWqR7wdkgXtftGRBbuVlS6HP8lCXxUfB/IB84U
7XOA2UF3yek54kWTmFMmF7IUT8dfT4E9sGO1pHEWs9tz8gq3cioQpQl+mAegPdr1
H7DGpCyW/ITo1/hLylEzYD4jW1DrgaaFncbBEizU+38qGAuy4S3Lqj6Y8zIPyN95
dAzm0iNNw2wv4i3jlbEjq4JRQZYMGcjkRB+KoAzZar790/gVP+M5lNecpb2rYA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:30:03 2025 by rpki-client