Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56ee27f8-4518-41fe-86ac-ae8a2e2a410d.roa
File:                     56ee27f8-4518-41fe-86ac-ae8a2e2a410d.roa (raw, json)
Hash identifier:          OSEl28W4kSiwQDcWzCuZJIYH2u0SEWXy8cI9IsfbXSY=
Subject key identifier:   EA:D3:AD:40:8D:B1:12:D1:CC:07:1F:20:90:14:12:42:B7:70:8C:69
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7478BD735D2EB250ED1C0EEA974AE4D23615EA35
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56ee27f8-4518-41fe-86ac-ae8a2e2a410d.roa
Signing time:             Tue 17 Jun 2025 04:22:08 +0000
ROA not before:           Tue 17 Jun 2025 04:22:08 +0000
ROA not after:            Tue 22 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:4100::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 19 Jun 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:78:bd:73:5d:2e:b2:50:ed:1c:0e:ea:97:4a:e4:d2:36:15:ea:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jun 17 04:22:08 2025 GMT
            Not After : Jul 22 23:59:59 2025 GMT
        Subject: serialNumber=31d9827615985992e06de428bc2ac100df263bf1b24c3522d9fa0dbb01283e3f, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:24:bd:d2:af:c7:69:21:b3:e5:cb:19:03:47:
                    79:84:e9:e5:7c:82:ef:2b:16:db:5c:f0:96:b2:04:
                    f4:77:be:88:92:3f:84:c8:78:f7:99:cc:d7:f2:ea:
                    be:6f:d0:90:f7:c3:57:98:7e:74:eb:7e:69:de:4c:
                    ac:fc:d4:ec:1a:35:27:66:f3:28:37:86:39:c9:cc:
                    de:14:92:36:2d:71:7e:f9:18:cd:0f:25:cc:3b:9f:
                    6d:f3:db:f2:3f:b5:82:f2:72:d4:b3:35:ea:29:76:
                    87:04:63:ff:77:b0:1e:bf:dd:07:c0:b7:e9:02:86:
                    61:62:71:62:ae:05:bb:a9:8e:35:67:40:84:b8:59:
                    39:5e:90:14:69:d3:07:5b:4c:17:1f:4e:37:8b:dd:
                    60:21:0d:40:4c:5b:7d:fc:bd:f6:f1:39:d4:d6:97:
                    c4:4a:2a:21:80:e1:28:b0:b9:0b:34:40:e9:65:ba:
                    1b:4f:1d:16:4c:f8:25:eb:eb:05:9f:13:5f:50:f4:
                    7d:02:47:b3:41:ad:da:a4:d3:a8:05:ac:ba:1d:e0:
                    e2:4c:66:0a:0b:a8:2f:ea:99:15:70:82:35:bb:fe:
                    4b:25:33:29:f7:34:3d:6a:7c:27:71:ae:4c:4d:69:
                    82:8d:01:d5:b9:63:39:d2:69:d8:cf:a6:72:ff:60:
                    0d:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:D3:AD:40:8D:B1:12:D1:CC:07:1F:20:90:14:12:42:B7:70:8C:69
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56ee27f8-4518-41fe-86ac-ae8a2e2a410d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:4100::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:14:7d:e3:80:1d:ed:f2:8b:ff:12:a1:28:dd:18:7d:12:bd:
         c0:27:9b:e5:31:6c:e0:66:65:3f:0a:09:57:c5:5d:19:44:c7:
         ac:24:89:06:6d:a9:98:34:b5:2a:6a:73:b0:eb:06:14:d4:4d:
         df:a1:c6:95:ee:ed:64:b1:7c:a4:56:37:55:f1:a7:b6:8c:16:
         7c:38:e0:4d:9c:24:db:27:80:7d:ac:58:8d:c0:8f:3d:f3:ec:
         85:de:79:1a:e7:ab:d6:e5:0d:20:5e:d6:bd:62:23:f7:ae:5c:
         54:5f:7f:5a:3a:7e:6d:99:89:ae:be:75:6a:ad:9b:aa:b1:38:
         58:d3:7c:bf:35:08:6c:74:05:6b:42:eb:24:da:cc:8d:13:0a:
         ca:90:8d:2b:55:21:94:7e:72:cf:d6:68:5d:a2:6c:5a:45:d4:
         1c:4b:d2:1b:97:cd:ab:3f:6f:98:94:95:b3:86:22:fe:07:0a:
         de:29:b8:66:18:b0:db:9e:a6:35:ae:10:2d:75:06:55:2c:20:
         57:88:1d:80:9c:c2:71:c0:09:ef:8d:05:af:e9:43:d4:09:85:
         cc:0d:5f:71:b6:b9:ee:7d:5c:b1:cb:7b:e6:8d:19:49:cb:d8:
         e4:f2:0d:38:dd:6b:50:46:76:17:2a:d4:31:ba:62:f4:1d:89:
         a0:c8:20:a8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdHi9c10uslDtHA7ql0rk0jYV6jUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNjE3MDQyMjA4WhcNMjUwNzIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMWQ5ODI3NjE1OTg1OTkyZTA2ZGU0MjhiYzJhYzEwMGRm
MjYzYmYxYjI0YzM1MjJkOWZhMGRiYjAxMjgzZTNmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7JL3Sr8dpIbPlyxkDR3mE6eV8gu8rFttc8JayBPR3voiS
P4TIePeZzNfy6r5v0JD3w1eYfnTrfmneTKz81OwaNSdm8yg3hjnJzN4UkjYtcX75
GM0PJcw7n23z2/I/tYLyctSzNeopdocEY/93sB6/3QfAt+kChmFicWKuBbupjjVn
QIS4WTlekBRp0wdbTBcfTjeL3WAhDUBMW338vfbxOdTWl8RKKiGA4SiwuQs0QOll
uhtPHRZM+CXr6wWfE19Q9H0CR7NBrdqk06gFrLod4OJMZgoLqC/qmRVwgjW7/ksl
Myn3ND1qfCdxrkxNaYKNAdW5YznSadjPpnL/YA1VAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6tOtQI2xEtHMBx8gkBQSQrdwjGkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzU2ZWUyN2Y4LTQ1MTgtNDFmZS04NmFjLWFlOGEyZTJhNDEwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwQQAwDQYJKoZIhvcNAQELBQADggEBACAUfeOAHe3yi/8SoSjdGH0S
vcAnm+UxbOBmZT8KCVfFXRlEx6wkiQZtqZg0tSpqc7DrBhTUTd+hxpXu7WSxfKRW
N1Xxp7aMFnw44E2cJNsngH2sWI3Ajz3z7IXeeRrnq9blDSBe1r1iI/euXFRff1o6
fm2Zia6+dWqtm6qxOFjTfL81CGx0BWtC6yTazI0TCsqQjStVIZR+cs/WaF2ibFpF
1BxL0huXzas/b5iUlbOGIv4HCt4puGYYsNuepjWuEC11BlUsIFeIHYCcwnHACe+N
Ba/pQ9QJhcwNX3G2ue59XLHLe+aNGUnL2OTyDTjda1BGdhcq1DG6YvQdiaDIIKg=
-----END CERTIFICATE-----
Generated at Wed Jun 18 10:59:42 2025 by rpki-client