Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/701f72a5-fb27-49ca-b3ad-3a60c7c30376.roa
File:                     701f72a5-fb27-49ca-b3ad-3a60c7c30376.roa (raw, json)
Hash identifier:          BvAy+fFEXMjpeqhXrJlJcstH/90i4imf38/+3PcIYbc=
Subject key identifier:   41:66:75:57:95:68:7A:8D:F0:DB:2C:AD:E5:C7:92:52:54:31:90:35
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       52F0802A1477CA9D77A5CAFDF8E562C61D4821EB
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/701f72a5-fb27-49ca-b3ad-3a60c7c30376.roa
Signing time:             Mon 28 Jul 2025 16:00:50 +0000
ROA not before:           Mon 28 Jul 2025 16:00:50 +0000
ROA not after:            Mon 01 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f2:7010::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 09 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:f0:80:2a:14:77:ca:9d:77:a5:ca:fd:f8:e5:62:c6:1d:48:21:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jul 28 16:00:50 2025 GMT
            Not After : Sep  1 23:59:59 2025 GMT
        Subject: serialNumber=c31626013143f05ad417068639b780030489353d211a9c5fdcb956e797b6b023, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7c:93:62:94:73:3e:85:f2:71:f5:2d:c0:0a:
                    50:9a:47:1a:9b:88:c1:14:dc:35:da:dc:a8:a4:b8:
                    a9:b3:ef:69:55:60:bc:3e:8b:4f:25:29:81:85:f4:
                    69:dd:b8:60:22:6a:89:98:23:7b:d9:8f:f4:05:ea:
                    60:89:b2:8f:31:70:eb:2e:49:38:d4:fc:b4:ff:8a:
                    da:39:5c:21:17:b3:ae:70:02:97:64:aa:9a:fa:5e:
                    89:6f:a7:e6:26:4f:28:29:0c:fe:d4:d6:7e:4f:c1:
                    52:76:f6:cc:07:73:6f:14:bf:41:61:9c:46:a6:45:
                    82:70:1b:f7:00:2d:22:d9:28:96:1f:1c:9c:14:15:
                    36:de:b8:8a:65:25:a6:da:7f:b6:2e:ce:b1:96:91:
                    8d:3e:51:84:d3:a4:52:e6:dd:84:ac:b0:f9:4f:e5:
                    35:2b:f3:d5:ad:3e:d8:7e:93:44:e8:89:01:60:95:
                    2f:54:08:ed:e0:18:dd:06:f2:18:60:51:9b:fa:57:
                    89:65:35:e6:56:8e:a7:26:8d:30:b9:16:bc:5c:26:
                    cd:de:94:bf:e1:da:56:e0:af:a8:e1:5d:23:50:b1:
                    c9:bc:0e:3d:76:c2:1f:da:66:4b:dc:9a:1f:6c:e7:
                    dd:b3:56:53:45:bd:85:05:64:c0:a6:0c:78:ec:3a:
                    3c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:66:75:57:95:68:7A:8D:F0:DB:2C:AD:E5:C7:92:52:54:31:90:35
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/701f72a5-fb27-49ca-b3ad-3a60c7c30376.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f2:7010::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:9f:c1:61:8f:45:3b:0e:9f:7a:1d:f8:d3:b3:22:59:51:2f:
         09:4a:c3:45:22:24:99:30:42:d5:61:41:38:83:78:13:f0:c7:
         36:18:4f:b5:9c:94:7f:d9:7c:41:10:2b:b3:03:d5:bf:92:3c:
         8e:72:85:22:4c:f6:eb:11:ad:a2:99:e8:dc:e9:31:37:d9:98:
         3a:32:eb:ff:3b:1f:b2:0b:f1:62:82:47:07:e7:1e:d6:3b:d7:
         36:ca:c2:28:5c:11:9d:60:20:66:bd:d9:4c:9a:8b:35:74:72:
         75:43:00:3f:04:10:b4:1f:20:e7:62:9f:db:e5:aa:77:86:83:
         88:0c:bb:a6:a0:df:24:11:dd:c5:52:54:00:25:1d:9b:9e:e0:
         75:f0:2f:27:46:51:2a:21:31:a6:dd:18:26:73:02:09:e1:9c:
         da:fa:4a:df:de:0b:99:2a:31:80:64:3c:38:67:f4:3c:0a:5f:
         92:2f:ef:67:42:2d:b7:3f:0c:08:b3:0a:e3:e9:d3:a5:ea:f4:
         f3:f3:3b:91:09:fe:c9:06:ac:a1:4f:04:55:5a:53:de:12:0f:
         9c:2b:1d:ef:11:b7:c2:ee:45:8f:37:75:8d:56:18:97:4b:54:
         41:b7:d5:60:23:ec:63:0f:db:98:88:d8:aa:47:5b:a5:10:e4:
         48:db:79:54
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUvCAKhR3yp13pcr9+OVixh1IIeswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNzI4MTYwMDUwWhcNMjUwOTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMzE2MjYwMTMxNDNmMDVhZDQxNzA2ODYzOWI3ODAwMzA0
ODkzNTNkMjExYTljNWZkY2I5NTZlNzk3YjZiMDIzMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLfJNilHM+hfJx9S3AClCaRxqbiMEU3DXa3KikuKmz72lV
YLw+i08lKYGF9GnduGAiaomYI3vZj/QF6mCJso8xcOsuSTjU/LT/ito5XCEXs65w
Apdkqpr6Xolvp+YmTygpDP7U1n5PwVJ29swHc28Uv0FhnEamRYJwG/cALSLZKJYf
HJwUFTbeuIplJabaf7YuzrGWkY0+UYTTpFLm3YSssPlP5TUr89WtPth+k0ToiQFg
lS9UCO3gGN0G8hhgUZv6V4llNeZWjqcmjTC5FrxcJs3elL/h2lbgr6jhXSNQscm8
Dj12wh/aZkvcmh9s592zVlNFvYUFZMCmDHjsOjybAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUQWZ1V5Voeo3w2yyt5ceSUlQxkDUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzcwMWY3MmE1LWZiMjctNDljYS1iM2FkLTNhNjBjN2MzMDM3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDycBAwDQYJKoZIhvcNAQELBQADggEBADefwWGPRTsOn3od+NOzIllR
LwlKw0UiJJkwQtVhQTiDeBPwxzYYT7WclH/ZfEEQK7MD1b+SPI5yhSJM9usRraKZ
6NzpMTfZmDoy6/87H7IL8WKCRwfnHtY71zbKwihcEZ1gIGa92UyaizV0cnVDAD8E
ELQfIOdin9vlqneGg4gMu6ag3yQR3cVSVAAlHZue4HXwLydGUSohMabdGCZzAgnh
nNr6St/eC5kqMYBkPDhn9DwKX5Iv72dCLbc/DAizCuPp06Xq9PPzO5EJ/skGrKFP
BFVaU94SD5wrHe8Rt8LuRY83dY1WGJdLVEG31WAj7GMP25iI2KpHW6UQ5EjbeVQ=
-----END CERTIFICATE-----
Generated at Fri Aug 8 19:40:37 2025 by rpki-client