Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4f5d9525-0193-4993-b222-48d2585ae7fa.roa
File:                     4f5d9525-0193-4993-b222-48d2585ae7fa.roa (raw, json)
Hash identifier:          koxYikudC0aflTAjedgymQKr9rF6t463kNy8m72Jxh0=
Subject key identifier:   11:74:B7:64:B5:4E:F3:D2:EB:00:9D:F7:BE:86:4F:0F:B5:5C:89:76
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7A1B9A5C38817DA4886A7D40E17B9425A93AB6C5
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4f5d9525-0193-4993-b222-48d2585ae7fa.roa
Signing time:             Fri 24 Oct 2025 00:20:10 +0000
ROA not before:           Fri 24 Oct 2025 00:20:10 +0000
ROA not after:            Fri 28 Nov 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:f0fb:f000::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Nov 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:1b:9a:5c:38:81:7d:a4:88:6a:7d:40:e1:7b:94:25:a9:3a:b6:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Oct 24 00:20:10 2025 GMT
            Not After : Nov 28 23:59:59 2025 GMT
        Subject: serialNumber=5d4c1c6a6aa877ceecbdb84f0162e5b6ea21aaa0a0cb20b34d9ca05f41fa21db, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5a:9f:12:6e:60:84:f2:44:ee:0b:0b:ad:a4:
                    2a:89:1d:a5:83:6f:88:ed:31:13:13:13:de:de:1e:
                    ec:f8:b7:fc:86:53:34:0d:3c:e5:21:be:dd:1c:1e:
                    03:b9:f4:9d:8e:ff:79:0e:8d:67:23:1f:28:13:c6:
                    b6:41:d0:88:c2:c6:7b:fd:6e:75:4c:12:e8:b8:df:
                    70:66:f7:fd:4e:81:bb:5f:75:79:29:69:55:f2:78:
                    26:9a:76:17:b4:17:56:ae:a5:0a:0d:ab:ad:5a:6b:
                    a3:61:6c:83:46:cb:34:eb:61:55:b0:ba:b4:b1:fb:
                    1e:c8:69:53:d3:9f:b7:81:84:2c:47:8c:e5:0e:ed:
                    29:24:bd:bf:cf:af:e1:79:de:2d:33:a3:a3:0a:10:
                    30:28:40:5e:17:6e:92:e8:02:a4:b7:b0:c5:31:7a:
                    90:66:b9:73:a5:2b:c7:5f:04:9b:de:bd:ff:76:44:
                    c2:40:ae:68:7e:d1:c3:a6:df:38:c6:62:2c:08:f7:
                    45:a7:8c:cc:fa:5e:d9:03:4f:66:b4:b6:43:04:33:
                    55:63:83:ad:ef:5e:63:8e:4a:32:5d:2c:59:d1:75:
                    c1:c5:b3:5f:6b:76:22:f6:7d:09:47:c9:be:cb:4c:
                    c4:b8:2f:30:dc:48:79:12:f5:1f:34:cd:1e:ef:48:
                    c6:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:74:B7:64:B5:4E:F3:D2:EB:00:9D:F7:BE:86:4F:0F:B5:5C:89:76
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4f5d9525-0193-4993-b222-48d2585ae7fa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:f000::/44

    Signature Algorithm: sha256WithRSAEncryption
         17:df:98:8e:d9:4d:68:f5:5e:e8:78:23:c0:1b:ec:23:1a:f5:
         da:e9:ae:4f:e8:bd:96:66:2f:5d:3a:f0:0b:bc:b3:db:e6:a3:
         91:eb:85:14:7e:e6:40:a6:ee:4c:25:41:53:8f:84:e5:92:93:
         4a:3a:47:85:a4:ab:cc:f0:85:38:5f:c6:9a:59:89:00:a4:58:
         91:08:3d:2f:84:f1:25:14:fb:4d:94:15:7d:d3:4b:52:7e:29:
         be:0f:80:0b:90:d2:a5:67:12:95:61:76:e1:68:bc:39:ee:30:
         4d:93:1b:9c:86:cb:9f:05:d8:7c:66:f8:e6:9d:3a:e6:8d:fa:
         7e:9b:5d:92:92:7d:e0:66:bb:ce:79:bc:86:15:fe:cf:5e:b4:
         a9:86:0e:79:00:55:53:45:91:5a:36:0b:b0:2a:3b:6c:ff:c8:
         c3:78:5b:39:32:c4:07:a2:1c:33:d4:93:1b:0b:42:00:3c:42:
         17:52:a5:35:d0:71:48:e3:b2:14:ec:88:fc:a7:c5:36:6d:78:
         68:57:ae:6e:59:4f:4f:b3:8b:6b:6b:89:33:fd:d4:c2:e6:bf:
         88:be:2a:20:9e:52:1b:5e:ba:68:68:b6:ac:a1:f4:ab:45:00:
         1f:d8:fd:fa:54:15:da:67:59:fd:6a:8d:75:94:14:b3:00:43:
         0b:66:f2:33
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUehuaXDiBfaSIan1A4XuUJak6tsUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDI0MDAyMDEwWhcNMjUxMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZDRjMWM2YTZhYTg3N2NlZWNiZGI4NGYwMTYyZTViNmVh
MjFhYWEwYTBjYjIwYjM0ZDljYTA1ZjQxZmEyMWRiMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxWp8SbmCE8kTuCwutpCqJHaWDb4jtMRMTE97eHuz4t/yG
UzQNPOUhvt0cHgO59J2O/3kOjWcjHygTxrZB0IjCxnv9bnVMEui433Bm9/1Ogbtf
dXkpaVXyeCaadhe0F1aupQoNq61aa6NhbINGyzTrYVWwurSx+x7IaVPTn7eBhCxH
jOUO7Skkvb/Pr+F53i0zo6MKEDAoQF4XbpLoAqS3sMUxepBmuXOlK8dfBJvevf92
RMJArmh+0cOm3zjGYiwI90WnjMz6XtkDT2a0tkMEM1Vjg63vXmOOSjJdLFnRdcHF
s19rdiL2fQlHyb7LTMS4LzDcSHkS9R80zR7vSMZfAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUEXS3ZLVO89LrAJ33voZPD7VciXYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzRmNWQ5NTI1LTAxOTMtNDk5My1iMjIyLTQ4ZDI1ODVhZTdmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPD78AAwDQYJKoZIhvcNAQELBQADggEBABffmI7ZTWj1Xuh4I8Ab7CMa
9drprk/ovZZmL1068Au8s9vmo5HrhRR+5kCm7kwlQVOPhOWSk0o6R4Wkq8zwhThf
xppZiQCkWJEIPS+E8SUU+02UFX3TS1J+Kb4PgAuQ0qVnEpVhduFovDnuME2TG5yG
y58F2Hxm+OadOuaN+n6bXZKSfeBmu855vIYV/s9etKmGDnkAVVNFkVo2C7AqO2z/
yMN4WzkyxAeiHDPUkxsLQgA8QhdSpTXQcUjjshTsiPynxTZteGhXrm5ZT0+zi2tr
iTP91MLmv4i+KiCeUhteumhotqyh9KtFAB/Y/fpUFdpnWf1qjXWUFLMAQwtm8jM=
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:41:26 2025 by rpki-client