Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/60ba2726-e7de-4e0c-acfb-e096c701569c.roa
File:                     60ba2726-e7de-4e0c-acfb-e096c701569c.roa (raw, json)
Hash identifier:          TeRO6TcB1wfwv7VUDGNRDPkzmktBVNNBW34eZQsPEHk=
Subject key identifier:   3B:66:42:D9:7F:4F:3C:89:22:2C:FC:DE:15:1A:F1:D0:38:7B:30:67
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       589F1FE5A0E6F44B5A09D0A793BAA092AD4E5409
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/60ba2726-e7de-4e0c-acfb-e096c701569c.roa
Signing time:             Sat 12 Jul 2025 00:40:18 +0000
ROA not before:           Sat 12 Jul 2025 00:40:18 +0000
ROA not after:            Sat 16 Aug 2025 23:59:59 +0000
asID:                     7224
IP address blocks:        2600:f0f0:5501::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 05 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:9f:1f:e5:a0:e6:f4:4b:5a:09:d0:a7:93:ba:a0:92:ad:4e:54:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jul 12 00:40:18 2025 GMT
            Not After : Aug 16 23:59:59 2025 GMT
        Subject: serialNumber=804be78773ee7e13483eeab9c46c76dcb796466a827f4c702e1aef0fea052651, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:22:c1:3e:22:87:99:68:a0:4d:dd:e1:7b:86:
                    ed:c6:05:bb:16:84:5e:3b:51:39:35:30:69:55:69:
                    bc:72:36:ec:d8:00:e1:cf:44:6b:8c:b0:41:34:a0:
                    6e:0c:e8:07:69:51:6c:1e:8b:11:a9:02:f2:ae:6d:
                    b1:88:14:16:28:46:c8:98:cc:02:3e:77:1e:38:03:
                    7a:95:32:ba:ff:51:cd:32:2c:73:6e:a8:4c:f9:0f:
                    79:59:cc:d8:4f:b8:75:b0:f9:62:d2:0e:53:4d:7f:
                    ae:f0:f9:9d:17:50:d9:f4:6b:73:eb:84:3c:1d:3f:
                    28:55:cb:f3:6d:bc:77:7b:e4:78:f6:f9:51:9a:55:
                    d1:ac:80:c0:73:f2:3d:d6:b5:dd:cc:dc:3d:58:5e:
                    1a:52:39:15:45:c5:33:44:21:de:49:6e:d3:f5:b2:
                    09:7c:53:fd:c7:e1:4a:45:d9:37:cf:48:b2:50:2d:
                    04:fb:fc:77:f7:1e:0c:7b:ae:c7:cc:5e:0a:7f:0f:
                    3b:da:e2:d4:91:82:e0:f1:90:eb:e9:56:cd:0d:42:
                    18:58:a6:45:34:6a:81:cc:07:1c:ad:eb:c1:78:81:
                    12:b3:76:7d:80:95:45:08:ac:7f:8b:fb:3e:db:ae:
                    6f:45:df:81:41:e3:9f:bb:4f:95:11:66:15:b3:26:
                    0c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:66:42:D9:7F:4F:3C:89:22:2C:FC:DE:15:1A:F1:D0:38:7B:30:67
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/60ba2726-e7de-4e0c-acfb-e096c701569c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5501::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:70:a9:45:6a:e1:bf:d4:96:c9:1e:3b:e7:30:76:9c:2b:4c:
         dc:ee:13:fa:2b:18:9e:ac:1e:9a:7d:02:64:61:13:2e:2f:6b:
         76:70:f4:68:64:f4:bb:da:a8:48:3d:be:d8:1a:94:05:24:54:
         44:f4:b4:b8:b4:97:d8:1d:65:7e:92:fe:98:cf:9b:ac:f7:83:
         2c:e0:7f:f7:84:c3:53:c7:93:e1:d5:62:68:3e:17:e4:d7:45:
         9a:49:92:4c:02:9b:e3:48:43:ea:ca:20:96:69:c4:61:9e:10:
         1c:6e:96:63:c3:6a:78:41:dc:57:25:fc:b2:a3:ab:d9:a7:ab:
         b9:e6:f2:c4:b8:cb:3e:f4:db:fc:30:d6:fb:9c:cb:9b:55:ed:
         f2:af:3b:b1:b5:ec:e5:1e:d6:bf:3a:90:2a:79:67:b0:8e:df:
         f7:cf:e2:08:79:7a:e9:23:5f:89:08:b4:f1:ac:79:3e:58:5a:
         08:60:b3:01:c3:e1:06:89:26:6a:0f:69:2e:87:4b:95:9b:34:
         18:a7:ab:c1:dd:bf:66:9d:b0:fc:9b:c1:37:71:12:95:38:5d:
         1d:d1:2b:99:50:92:88:c4:d8:a2:1a:07:82:c5:50:f5:62:bf:
         05:7b:75:df:1e:f3:f7:b1:d1:f9:3c:c6:76:39:29:0b:25:46:
         84:fd:08:42
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUWJ8f5aDm9EtaCdCnk7qgkq1OVAkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNzEyMDA0MDE4WhcNMjUwODE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MDRiZTc4NzczZWU3ZTEzNDgzZWVhYjljNDZjNzZkY2I3
OTY0NjZhODI3ZjRjNzAyZTFhZWYwZmVhMDUyNjUxMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXIsE+IoeZaKBN3eF7hu3GBbsWhF47UTk1MGlVabxyNuzY
AOHPRGuMsEE0oG4M6AdpUWweixGpAvKubbGIFBYoRsiYzAI+dx44A3qVMrr/Uc0y
LHNuqEz5D3lZzNhPuHWw+WLSDlNNf67w+Z0XUNn0a3PrhDwdPyhVy/NtvHd75Hj2
+VGaVdGsgMBz8j3Wtd3M3D1YXhpSORVFxTNEId5JbtP1sgl8U/3H4UpF2TfPSLJQ
LQT7/Hf3Hgx7rsfMXgp/Dzva4tSRguDxkOvpVs0NQhhYpkU0aoHMBxyt68F4gRKz
dn2AlUUIrH+L+z7brm9F34FB45+7T5URZhWzJgy5AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUO2ZC2X9PPIkiLPzeFRrx0Dh7MGcwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzYwYmEyNzI2LWU3ZGUtNGUwYy1hY2ZiLWUwOTZjNzAxNTY5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVQEwDQYJKoZIhvcNAQELBQADggEBAB1wqUVq4b/UlskeO+cwdpwr
TNzuE/orGJ6sHpp9AmRhEy4va3Zw9Ghk9LvaqEg9vtgalAUkVET0tLi0l9gdZX6S
/pjPm6z3gyzgf/eEw1PHk+HVYmg+F+TXRZpJkkwCm+NIQ+rKIJZpxGGeEBxulmPD
anhB3Fcl/LKjq9mnq7nm8sS4yz702/ww1vucy5tV7fKvO7G17OUe1r86kCp5Z7CO
3/fP4gh5eukjX4kItPGseT5YWghgswHD4QaJJmoPaS6HS5WbNBinq8Hdv2adsPyb
wTdxEpU4XR3RK5lQkojE2KIaB4LFUPVivwV7dd8e8/ex0fk8xnY5KQslRoT9CEI=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:52:21 2025 by rpki-client