Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/72241dc6-56ae-4337-bb4b-b84fbdae51d0.roa
File:                     72241dc6-56ae-4337-bb4b-b84fbdae51d0.roa (raw, json)
Hash identifier:          MEiB4Pwo0Blw4JcWSv7JegzTYmqTHspXhgtxisnwA/o=
Subject key identifier:   2A:04:AF:98:5B:AE:49:B0:6D:81:5A:86:FA:65:F7:BA:97:63:85:80
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       11AB0CABC38FE1299B3F8D013C8452229E9AD25E
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/72241dc6-56ae-4337-bb4b-b84fbdae51d0.roa
Signing time:             Tue 05 Aug 2025 18:30:57 +0000
ROA not before:           Tue 05 Aug 2025 18:30:57 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:ee00::/42 maxlen: 42
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:ab:0c:ab:c3:8f:e1:29:9b:3f:8d:01:3c:84:52:22:9e:9a:d2:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Aug  5 18:30:57 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=e4e8f5c4e3396334e96789c063e3d1b47a99d19f7ce96442d50cf2e6f2db1407, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a5:f9:f8:34:d8:e0:d8:4d:93:c4:e1:8a:91:
                    de:31:a5:6e:4a:d4:37:db:a6:8d:c9:22:26:79:10:
                    32:79:59:45:4d:17:75:e8:14:97:2f:02:ad:e4:86:
                    a2:60:1a:b6:53:a6:e3:a2:97:b0:53:a3:4b:17:af:
                    77:36:09:8f:55:53:d5:0c:df:ac:e3:61:1c:55:ef:
                    17:ba:f0:fd:eb:61:38:70:71:48:02:7b:c7:40:f3:
                    76:32:1f:ed:7e:8b:f2:a1:cd:8d:45:09:f4:5f:6c:
                    8f:7b:5e:fd:1c:aa:c3:14:96:cf:9e:24:83:fb:89:
                    5d:25:5a:f4:e7:6c:89:a3:ba:f4:b8:d0:59:06:70:
                    54:86:97:60:e9:8f:3c:3b:3d:68:66:4a:79:e6:48:
                    c4:7a:1c:cb:75:5d:5b:b2:19:8d:ec:cf:c8:c9:03:
                    b7:97:0b:66:99:70:74:94:77:15:83:29:e2:d6:a9:
                    49:fd:83:0b:34:ef:d9:69:86:c8:00:7a:62:c6:d3:
                    91:b1:39:68:50:7d:fb:b5:81:e6:aa:28:b0:1a:07:
                    0f:22:cf:72:d6:48:30:95:06:98:f0:c3:2f:64:a6:
                    99:24:e7:5f:fb:64:95:4d:05:35:c2:e5:48:65:e4:
                    f3:fb:99:1f:f5:1d:3d:da:e4:87:4c:23:46:69:a3:
                    68:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:04:AF:98:5B:AE:49:B0:6D:81:5A:86:FA:65:F7:BA:97:63:85:80
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/72241dc6-56ae-4337-bb4b-b84fbdae51d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:ee00::/42

    Signature Algorithm: sha256WithRSAEncryption
         0f:d1:c6:89:70:1d:af:7a:eb:f6:13:8b:31:57:60:e0:3b:05:
         a5:db:98:49:af:2d:a8:75:eb:51:6e:80:43:2b:23:4f:17:46:
         6c:aa:bb:a2:04:f6:76:f9:8d:2c:ee:5d:a4:34:b6:d1:c2:2a:
         91:64:4b:f4:19:f0:d4:8f:8e:cc:ec:4b:14:1a:90:93:1c:60:
         ba:6f:33:77:f7:6a:90:fe:80:5a:4b:37:9f:dd:93:42:39:05:
         32:03:b1:c1:0b:97:b6:8d:8c:ee:e4:26:0c:1c:a3:25:b9:13:
         37:da:84:9d:b9:4a:9c:17:59:45:c5:8f:b6:64:02:e2:72:ca:
         3b:84:42:24:02:de:f3:4e:1a:20:19:ef:54:bd:bf:cb:16:b9:
         d9:70:86:00:2f:1d:cb:49:ed:fa:32:f6:44:9c:49:51:83:75:
         b0:13:69:5c:b1:9b:f3:78:45:de:ac:1c:95:c8:5a:79:36:4f:
         a9:28:8d:82:ac:b5:35:b2:c4:5e:f2:0d:8d:d2:47:9d:5a:66:
         4f:9f:9d:42:96:86:34:2e:32:12:bb:e9:47:f4:5a:9e:f4:13:
         af:59:24:14:b5:33:f3:5d:a8:f5:db:1d:d7:2e:6d:71:cc:bf:
         f0:a8:e6:63:9b:f6:c7:5b:fd:2a:af:c6:c6:76:97:30:08:39:
         b4:ae:53:59
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUEasMq8OP4SmbP40BPIRSIp6a0l4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODA1MTgzMDU3WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNGU4ZjVjNGUzMzk2MzM0ZTk2Nzg5YzA2M2UzZDFiNDdh
OTlkMTlmN2NlOTY0NDJkNTBjZjJlNmYyZGIxNDA3MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCepfn4NNjg2E2TxOGKkd4xpW5K1Dfbpo3JIiZ5EDJ5WUVN
F3XoFJcvAq3khqJgGrZTpuOil7BTo0sXr3c2CY9VU9UM36zjYRxV7xe68P3rYThw
cUgCe8dA83YyH+1+i/KhzY1FCfRfbI97Xv0cqsMUls+eJIP7iV0lWvTnbImjuvS4
0FkGcFSGl2Dpjzw7PWhmSnnmSMR6HMt1XVuyGY3sz8jJA7eXC2aZcHSUdxWDKeLW
qUn9gws079lphsgAemLG05GxOWhQffu1geaqKLAaBw8iz3LWSDCVBpjwwy9kppkk
51/7ZJVNBTXC5Uhl5PP7mR/1HT3a5IdMI0Zpo2g/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUKgSvmFuuSbBtgVqG+mX3updjhYAwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzcyMjQxZGM2LTU2YWUtNDMzNy1iYjRiLWI4NGZiZGFlNTFkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPD77gAwDQYJKoZIhvcNAQELBQADggEBAA/RxolwHa966/YTizFXYOA7
BaXbmEmvLah161FugEMrI08XRmyqu6IE9nb5jSzuXaQ0ttHCKpFkS/QZ8NSPjszs
SxQakJMcYLpvM3f3apD+gFpLN5/dk0I5BTIDscELl7aNjO7kJgwcoyW5EzfahJ25
SpwXWUXFj7ZkAuJyyjuEQiQC3vNOGiAZ71S9v8sWudlwhgAvHctJ7foy9kScSVGD
dbATaVyxm/N4Rd6sHJXIWnk2T6kojYKstTWyxF7yDY3SR51aZk+fnUKWhjQuMhK7
6Uf0Wp70E69ZJBS1M/NdqPXbHdcubXHMv/Co5mOb9sdb/SqvxsZ2lzAIObSuU1k=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:13:51 2025 by rpki-client