Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/77071dba-3d71-409d-bec3-e6ee4d8fc9dc.roa
File:                     77071dba-3d71-409d-bec3-e6ee4d8fc9dc.roa (raw, json)
Hash identifier:          tXV9NmkRH9nYJvQLrrnR5s2Zzmu1IIBDW7ju+y8sw9E=
Subject key identifier:   3A:DF:1D:50:EA:D2:1D:ED:27:12:F1:B8:C1:60:DF:E4:A7:38:23:3B
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1EEAFD22B42CA52973C06177AD271279F853E3A1
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/77071dba-3d71-409d-bec3-e6ee4d8fc9dc.roa
Signing time:             Fri 11 Jul 2025 18:30:15 +0000
ROA not before:           Fri 11 Jul 2025 18:30:15 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e800::/42 maxlen: 42
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 05 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:ea:fd:22:b4:2c:a5:29:73:c0:61:77:ad:27:12:79:f8:53:e3:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jul 11 18:30:15 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=1bbbc835a45f876e52bb443896d8e7b28556ce50a5c7f0a4bf316f88815e1292, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:34:c1:67:cf:65:8e:c1:ec:1b:66:1d:80:08:
                    39:68:db:92:6d:db:ec:9c:6e:d3:4e:07:16:a5:0c:
                    9c:f6:93:63:bc:ef:21:07:5e:ef:b2:8f:cc:b6:2f:
                    31:00:17:8d:db:4a:a0:43:2a:78:09:24:69:70:fb:
                    46:92:ae:3c:c7:9e:87:d4:90:52:7b:37:d7:73:4b:
                    35:84:d7:32:95:85:45:30:23:a0:6f:fa:86:ba:9d:
                    1e:c5:a7:fc:12:b0:fb:45:1a:4f:2a:53:52:9b:51:
                    8f:d4:09:ab:c2:f9:10:79:4f:2c:a5:ee:6d:c9:31:
                    2e:f3:04:3c:3c:97:1e:24:f5:86:a1:ff:37:6e:1b:
                    77:48:bf:57:78:48:d4:07:c3:df:09:60:11:36:d5:
                    9f:dc:68:04:a7:3a:3f:ce:9e:91:c7:ed:a3:b4:fb:
                    13:02:14:c7:8c:5f:54:db:5d:b9:45:d2:49:e2:ef:
                    d2:a3:6e:76:bf:2d:61:66:3d:3a:8e:25:0a:c7:73:
                    f2:69:cd:b6:5e:98:7b:cd:e6:16:78:e0:da:a9:74:
                    a4:f4:2d:b8:5e:aa:0a:23:34:b1:f9:7e:62:a7:fb:
                    3b:53:52:58:67:95:50:22:f0:13:0c:b1:ea:9b:10:
                    34:0f:c2:0c:1b:e9:d0:67:89:d3:63:48:ab:a9:6e:
                    69:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:DF:1D:50:EA:D2:1D:ED:27:12:F1:B8:C1:60:DF:E4:A7:38:23:3B
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/77071dba-3d71-409d-bec3-e6ee4d8fc9dc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e800::/42

    Signature Algorithm: sha256WithRSAEncryption
         93:ce:4e:42:a7:33:46:70:a8:a6:5d:a4:35:50:1b:b1:8b:19:
         3a:13:9c:30:af:fa:37:9d:82:59:a6:3b:33:5e:df:24:39:57:
         e6:3b:1b:5e:a9:fa:5a:8a:7a:55:03:8d:78:37:02:fd:de:ad:
         9e:c2:99:70:c6:c7:cf:9c:2e:53:a2:ae:94:52:51:af:01:f1:
         eb:49:c0:de:95:53:ac:b3:92:27:46:8b:f8:6f:d3:bb:a7:72:
         fd:d8:20:88:e2:de:f6:a6:14:68:95:5d:b2:1d:ec:1b:62:c5:
         dc:d9:e3:5d:e7:0a:72:52:98:b9:65:d3:bc:fc:e3:2f:fe:64:
         67:5a:c3:a7:e8:e3:5f:6e:6a:1e:86:66:74:de:68:f9:7c:57:
         ba:ac:4a:58:da:1a:28:ab:f3:cc:f8:31:f7:a8:a9:12:01:14:
         fd:28:0a:8a:02:00:30:74:de:7b:37:de:94:f2:ea:72:02:b4:
         5c:b4:51:57:05:d9:a5:f1:8a:b7:a2:68:f9:2d:c5:15:f3:ad:
         65:ee:d8:e8:de:25:32:fc:34:10:89:58:41:6e:5f:e6:4d:d7:
         d9:e4:d7:d4:c1:28:3f:26:41:38:1a:a6:fd:86:38:f5:b5:33:
         41:ba:03:fc:ae:d8:ba:b6:5c:d2:15:c2:32:bd:9b:b7:7d:6f:
         21:de:73:fd
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUHur9IrQspSlzwGF3rScSefhT46EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNzExMTgzMDE1WhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYmJiYzgzNWE0NWY4NzZlNTJiYjQ0Mzg5NmQ4ZTdiMjg1
NTZjZTUwYTVjN2YwYTRiZjMxNmY4ODgxNWUxMjkyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvNMFnz2WOwewbZh2ACDlo25Jt2+ycbtNOBxalDJz2k2O8
7yEHXu+yj8y2LzEAF43bSqBDKngJJGlw+0aSrjzHnofUkFJ7N9dzSzWE1zKVhUUw
I6Bv+oa6nR7Fp/wSsPtFGk8qU1KbUY/UCavC+RB5Tyyl7m3JMS7zBDw8lx4k9Yah
/zduG3dIv1d4SNQHw98JYBE21Z/caASnOj/OnpHH7aO0+xMCFMeMX1TbXblF0kni
79Kjbna/LWFmPTqOJQrHc/JpzbZemHvN5hZ44NqpdKT0LbheqgojNLH5fmKn+ztT
UlhnlVAi8BMMseqbEDQPwgwb6dBnidNjSKupbmmrAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUOt8dUOrSHe0nEvG4wWDf5Kc4IzswHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2Lzc3MDcxZGJhLTNkNzEtNDA5ZC1iZWMzLWU2ZWU0ZDhmYzlkYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPD76AAwDQYJKoZIhvcNAQELBQADggEBAJPOTkKnM0ZwqKZdpDVQG7GL
GToTnDCv+jedglmmOzNe3yQ5V+Y7G16p+lqKelUDjXg3Av3erZ7CmXDGx8+cLlOi
rpRSUa8B8etJwN6VU6yzkidGi/hv07uncv3YIIji3vamFGiVXbId7BtixdzZ413n
CnJSmLll07z84y/+ZGdaw6fo419uah6GZnTeaPl8V7qsSljaGiir88z4MfeoqRIB
FP0oCooCADB03ns33pTy6nICtFy0UVcF2aXxireiaPktxRXzrWXu2OjeJTL8NBCJ
WEFuX+ZN19nk19TBKD8mQTgapv2GOPW1M0G6A/yu2Lq2XNIVwjK9m7d9byHec/0=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:53:42 2025 by rpki-client