Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5362b40e-d987-4a9d-8f30-59c3b7075db1.roa
File:                     5362b40e-d987-4a9d-8f30-59c3b7075db1.roa (raw, json)
Hash identifier:          HEr2smIvN4cQ4nrGraII0JiCFNMJUBZqHXDfUMwYvpY=
Subject key identifier:   8D:79:45:E6:83:23:55:D1:49:5D:CD:7A:4B:3D:05:4D:F1:51:85:37
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1BD672D2BFBD2215DA19DCBE582F80BE19928468
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5362b40e-d987-4a9d-8f30-59c3b7075db1.roa
Signing time:             Tue 05 Aug 2025 18:30:44 +0000
ROA not before:           Tue 05 Aug 2025 18:30:44 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5530::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:d6:72:d2:bf:bd:22:15:da:19:dc:be:58:2f:80:be:19:92:84:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Aug  5 18:30:44 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=d164d244a6fe5d7f7ed84cac69655e04f75de936daf40f51c6f21a5f412a2dc4, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:33:9f:47:ae:f3:bf:8b:26:2e:85:28:01:1d:
                    13:97:28:bc:9e:9a:96:09:a9:c0:ab:5a:20:c0:99:
                    9f:50:5b:92:b0:d6:48:10:1c:90:3a:c7:4a:10:ae:
                    b8:53:48:dc:72:c1:0e:8f:2c:74:9a:dc:35:5a:b9:
                    5f:b7:d6:77:02:83:c3:a4:c3:b5:d3:4a:9b:56:b1:
                    44:80:8f:68:90:6b:14:e7:44:3d:0e:b3:cf:ad:65:
                    6a:31:3a:29:97:ff:26:9b:74:e9:c4:62:9f:10:4e:
                    e9:d9:b2:bd:4f:b0:9f:7b:60:35:1b:1b:89:e9:19:
                    b6:ad:b5:bc:16:b1:00:3b:ba:72:7a:fe:58:08:d6:
                    2a:42:b4:a9:d3:44:04:bc:66:b5:28:be:c6:0a:2e:
                    52:f6:4f:56:53:46:ff:4a:84:98:7d:b9:f5:80:26:
                    90:45:c5:7a:9b:4e:7a:0e:9d:34:28:db:9c:3e:00:
                    bc:97:1a:34:ed:37:b8:9a:80:8d:af:39:fc:29:4d:
                    24:81:cf:98:c8:85:26:40:87:55:8d:0c:89:29:0f:
                    31:3b:8b:f3:ef:25:27:95:74:a9:6b:6d:54:a3:09:
                    75:07:db:55:7d:59:4d:f4:11:e9:f2:4e:d3:5f:fd:
                    54:d7:85:9e:f5:77:c8:8a:5c:0d:7a:92:fd:b1:7a:
                    18:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:79:45:E6:83:23:55:D1:49:5D:CD:7A:4B:3D:05:4D:F1:51:85:37
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5362b40e-d987-4a9d-8f30-59c3b7075db1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5530::/44

    Signature Algorithm: sha256WithRSAEncryption
         11:67:07:de:ea:16:b1:c1:42:60:29:b3:5b:4a:b0:f1:a3:13:
         ee:6c:99:a6:bf:22:f6:76:6d:73:7e:79:c6:27:86:8c:51:88:
         45:5c:0f:34:9e:93:d8:4b:4e:9c:bb:92:5f:39:70:d7:d3:f1:
         59:c8:58:27:13:67:60:61:37:79:9b:c4:43:26:d1:ef:7b:29:
         02:75:e1:5f:94:ed:9e:bc:a1:03:e7:4e:c1:3e:c5:c1:75:09:
         68:df:cb:58:37:e7:44:75:a6:e2:10:74:69:1e:c0:c7:94:bb:
         1e:c8:4e:3d:3c:52:86:49:0b:08:18:5f:c2:2d:26:b0:c0:c8:
         67:fb:25:11:dd:0b:da:ea:df:38:1f:6a:e1:9f:26:c9:43:62:
         74:9b:60:e3:dd:03:2e:9d:ed:5c:f3:1d:e7:7f:fd:1a:84:88:
         57:3a:f3:d8:72:a9:13:4e:0b:d9:a3:40:30:a3:a0:05:0a:a7:
         7c:2b:80:3e:f0:38:32:d5:21:ba:45:bd:cb:5f:fb:75:41:0a:
         bb:49:61:72:48:39:cb:21:1b:48:56:73:a3:4c:6e:94:b9:2e:
         25:15:cb:8e:c2:2a:e2:7f:7a:5c:c8:13:0e:2e:73:c8:d1:c2:
         1a:d1:90:09:bb:b5:0a:d4:11:fa:d5:e1:f7:c3:72:4b:79:dd:
         82:7b:33:66
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUG9Zy0r+9IhXaGdy+WC+AvhmShGgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODA1MTgzMDQ0WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTY0ZDI0NGE2ZmU1ZDdmN2VkODRjYWM2OTY1NWUwNGY3
NWRlOTM2ZGFmNDBmNTFjNmYyMWE1ZjQxMmEyZGM0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdM59HrvO/iyYuhSgBHROXKLyempYJqcCrWiDAmZ9QW5Kw
1kgQHJA6x0oQrrhTSNxywQ6PLHSa3DVauV+31ncCg8Okw7XTSptWsUSAj2iQaxTn
RD0Os8+tZWoxOimX/yabdOnEYp8QTunZsr1PsJ97YDUbG4npGbattbwWsQA7unJ6
/lgI1ipCtKnTRAS8ZrUovsYKLlL2T1ZTRv9KhJh9ufWAJpBFxXqbTnoOnTQo25w+
ALyXGjTtN7iagI2vOfwpTSSBz5jIhSZAh1WNDIkpDzE7i/PvJSeVdKlrbVSjCXUH
21V9WU30EenyTtNf/VTXhZ71d8iKXA16kv2xehgLAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUjXlF5oMjVdFJXc16Sz0FTfFRhTcwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzUzNjJiNDBlLWQ5ODctNGE5ZC04ZjMwLTU5YzNiNzA3NWRiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDwVTAwDQYJKoZIhvcNAQELBQADggEBABFnB97qFrHBQmAps1tKsPGj
E+5smaa/IvZ2bXN+ecYnhoxRiEVcDzSek9hLTpy7kl85cNfT8VnIWCcTZ2BhN3mb
xEMm0e97KQJ14V+U7Z68oQPnTsE+xcF1CWjfy1g350R1puIQdGkewMeUux7ITj08
UoZJCwgYX8ItJrDAyGf7JRHdC9rq3zgfauGfJslDYnSbYOPdAy6d7VzzHed//RqE
iFc689hyqRNOC9mjQDCjoAUKp3wrgD7wODLVIbpFvctf+3VBCrtJYXJIOcshG0hW
c6NMbpS5LiUVy47CKuJ/elzIEw4uc8jRwhrRkAm7tQrUEfrV4ffDckt53YJ7M2Y=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:14:23 2025 by rpki-client