Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/529e132d-0c8c-4ca3-bafc-0927932483fd.roa
File:                     529e132d-0c8c-4ca3-bafc-0927932483fd.roa (raw, json)
Hash identifier:          6O8H4c8mnKoFxy8eXVW8Om1MUaxjg1P5+7eWByPlFF0=
Subject key identifier:   72:F3:B3:5B:4A:12:24:6F:4A:69:94:43:EB:E8:7A:E5:57:15:FD:93
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       216966CC7C211E59D4DDD212CCAD0CB97910D3FC
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/529e132d-0c8c-4ca3-bafc-0927932483fd.roa
Signing time:             Tue 05 Aug 2025 18:40:11 +0000
ROA not before:           Tue 05 Aug 2025 18:40:11 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:69:66:cc:7c:21:1e:59:d4:dd:d2:12:cc:ad:0c:b9:79:10:d3:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Aug  5 18:40:11 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=fdab3a48d66faec126ecfd657253a3919fca5da17da15d9e2f76eab4ac1e5668, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c3:39:c2:ab:5a:8d:e9:ba:23:fe:c4:a0:17:
                    3a:1a:d8:ce:39:44:98:e8:4f:d0:09:bb:07:12:28:
                    f7:8e:67:1c:3b:75:76:a8:c9:51:07:08:11:79:7e:
                    98:29:e8:55:af:b9:b8:c7:bd:6a:e7:8f:02:bc:e7:
                    7d:d6:e3:a8:33:d3:3c:b7:1d:c8:66:ea:43:8c:23:
                    6f:04:41:b8:35:1c:a1:22:1d:30:2b:84:82:ff:09:
                    0f:25:a8:48:e8:d7:08:e6:a2:d5:6f:95:37:30:5a:
                    07:1d:80:68:b0:70:e2:a5:c9:ed:b0:00:80:5c:b1:
                    21:03:1f:b0:b0:40:19:a6:ed:4b:cd:90:6b:1c:40:
                    7a:53:34:ca:4a:46:14:88:0d:1c:75:28:a7:aa:78:
                    03:b5:2e:29:79:3f:6c:77:da:97:11:c3:34:32:6e:
                    a2:37:7a:9a:ff:f2:b8:f7:40:76:f8:0a:d0:6f:1e:
                    b8:bd:cb:b2:03:9e:71:8b:a9:d6:08:e9:8b:69:42:
                    4b:7f:f7:17:51:fb:16:d9:3e:f5:1f:5b:0d:70:3a:
                    17:78:17:78:3f:b8:53:64:ca:6f:84:ea:6a:91:a3:
                    47:62:86:58:a2:c7:f5:e0:f6:62:d0:95:cd:d3:18:
                    ca:e3:1b:cd:5b:27:d8:09:c6:6b:17:23:fa:06:06:
                    ed:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:F3:B3:5B:4A:12:24:6F:4A:69:94:43:EB:E8:7A:E5:57:15:FD:93
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/529e132d-0c8c-4ca3-bafc-0927932483fd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e000::/36

    Signature Algorithm: sha256WithRSAEncryption
         26:ab:04:3c:8e:1b:6e:03:08:05:37:24:5a:43:04:66:82:91:
         04:31:cd:66:55:d8:89:a9:18:91:6e:78:40:41:35:67:7b:fd:
         85:f8:9c:c1:e4:ea:da:38:fa:74:ed:18:25:6d:59:6b:05:d1:
         ca:2d:31:c9:33:0b:e1:91:43:61:e1:ad:9c:af:74:97:99:2d:
         8f:23:b3:c3:81:bf:02:92:a6:e4:fd:87:d4:c0:61:d2:79:94:
         5b:45:4b:af:27:41:18:51:d8:33:51:cf:2e:5b:bd:d9:f6:16:
         be:f8:42:f1:21:db:e7:fa:70:4f:b1:b7:35:c4:0d:39:f1:4a:
         c9:83:8c:92:64:2f:0d:bf:51:39:e1:c4:a5:08:0d:1d:63:a0:
         e5:64:13:b8:46:63:ba:71:58:9c:05:e9:18:51:f9:2b:48:d2:
         c6:93:89:02:d3:6c:37:c3:57:c5:19:37:cf:fa:11:83:99:68:
         45:3c:ca:5d:f1:28:7b:b2:2f:bb:15:f0:14:59:40:ef:38:40:
         95:93:1d:dd:ee:91:bb:ff:30:c0:3f:7f:b7:66:16:30:f7:16:
         34:d2:a4:fb:be:56:11:64:c0:14:25:84:8f:5d:d0:a2:4a:28:
         fe:89:5d:53:9b:93:bc:91:a0:87:d9:5d:26:0b:4f:35:eb:4a:
         d0:04:8e:7d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUIWlmzHwhHlnU3dISzK0MuXkQ0/wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODA1MTg0MDExWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZGFiM2E0OGQ2NmZhZWMxMjZlY2ZkNjU3MjUzYTM5MTlm
Y2E1ZGExN2RhMTVkOWUyZjc2ZWFiNGFjMWU1NjY4MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZwznCq1qN6boj/sSgFzoa2M45RJjoT9AJuwcSKPeOZxw7
dXaoyVEHCBF5fpgp6FWvubjHvWrnjwK8533W46gz0zy3Hchm6kOMI28EQbg1HKEi
HTArhIL/CQ8lqEjo1wjmotVvlTcwWgcdgGiwcOKlye2wAIBcsSEDH7CwQBmm7UvN
kGscQHpTNMpKRhSIDRx1KKeqeAO1Lil5P2x32pcRwzQybqI3epr/8rj3QHb4CtBv
Hri9y7IDnnGLqdYI6YtpQkt/9xdR+xbZPvUfWw1wOhd4F3g/uFNkym+E6mqRo0di
hliix/Xg9mLQlc3TGMrjG81bJ9gJxmsXI/oGBu37AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUcvOzW0oSJG9KaZRD6+h65VcV/ZMwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzUyOWUxMzJkLTBjOGMtNGNhMy1iYWZjLTA5Mjc5MzI0ODNmZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAPD74DANBgkqhkiG9w0BAQsFAAOCAQEAJqsEPI4bbgMIBTckWkMEZoKR
BDHNZlXYiakYkW54QEE1Z3v9hficweTq2jj6dO0YJW1ZawXRyi0xyTML4ZFDYeGt
nK90l5ktjyOzw4G/ApKm5P2H1MBh0nmUW0VLrydBGFHYM1HPLlu92fYWvvhC8SHb
5/pwT7G3NcQNOfFKyYOMkmQvDb9ROeHEpQgNHWOg5WQTuEZjunFYnAXpGFH5K0jS
xpOJAtNsN8NXxRk3z/oRg5loRTzKXfEoe7IvuxXwFFlA7zhAlZMd3e6Ru/8wwD9/
t2YWMPcWNNKk+75WEWTAFCWEj13Qokoo/oldU5uTvJGgh9ldJgtPNetK0ASOfQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:51:40 2025 by rpki-client