Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8098420f-108f-4bc5-8d8c-6d62621f83e9.roa
File:                     8098420f-108f-4bc5-8d8c-6d62621f83e9.roa (raw, json)
Hash identifier:          EEluFFUpl4WAJvtNL0TZs9VK0RvLRZkqLc0ZrP2mi+I=
Subject key identifier:   C2:7B:2F:17:01:3B:21:98:5F:9A:69:71:27:46:94:C1:8F:11:D9:65
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4FDC8AFC41F03F98E6A8819CAD41D280B88BA799
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8098420f-108f-4bc5-8d8c-6d62621f83e9.roa
Signing time:             Mon 28 Jul 2025 16:00:56 +0000
ROA not before:           Mon 28 Jul 2025 16:00:56 +0000
ROA not after:            Mon 01 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f2:7012::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:dc:8a:fc:41:f0:3f:98:e6:a8:81:9c:ad:41:d2:80:b8:8b:a7:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jul 28 16:00:56 2025 GMT
            Not After : Sep  1 23:59:59 2025 GMT
        Subject: serialNumber=d19f2481421bcc585fbf94ed62c1bc64df9a417afbbb3a7924f0e10a2a85c686, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:45:ef:d0:16:d7:8b:d0:cd:40:f3:46:0b:99:
                    8f:e9:f3:6c:0b:71:89:45:4f:02:53:0f:3a:32:f2:
                    59:23:f5:7a:4d:3a:4d:ee:ff:50:bf:3c:57:b7:37:
                    b3:66:33:4f:c3:e4:ca:45:1c:ca:1e:35:ab:36:ae:
                    e6:74:81:09:32:f7:4e:52:bb:6b:78:a9:81:2e:02:
                    af:b2:1d:4f:cd:9c:3f:88:bf:b8:d6:24:bc:82:00:
                    33:fd:f7:de:e7:90:da:af:28:13:f8:fa:53:84:ed:
                    76:f5:29:92:4e:ba:26:a1:ee:8e:9a:18:a1:82:57:
                    3d:ca:18:84:4f:a9:b3:44:ba:ee:f1:21:0c:61:53:
                    23:de:42:31:29:75:ce:ad:22:59:64:d1:83:6b:a0:
                    e5:24:24:a8:b6:78:fd:30:74:e4:0a:b4:a1:51:82:
                    56:f6:c6:3a:03:a2:ef:8c:f5:44:25:a5:e9:32:cc:
                    d6:0a:58:5b:fc:a2:39:4f:fa:52:6b:ee:84:1a:47:
                    fb:e7:c3:a6:41:06:b5:99:3b:25:a5:c7:ab:8c:4c:
                    56:25:63:9b:c1:a9:bd:64:9a:32:7a:7f:24:49:d2:
                    d7:67:36:03:75:52:1d:22:16:51:86:19:fa:16:cd:
                    67:38:8f:4e:d3:88:28:72:a7:df:f6:08:aa:31:9c:
                    e9:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:7B:2F:17:01:3B:21:98:5F:9A:69:71:27:46:94:C1:8F:11:D9:65
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8098420f-108f-4bc5-8d8c-6d62621f83e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f2:7012::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:de:aa:2f:9c:b0:62:ac:af:04:2a:f7:69:9d:68:a8:a2:48:
         8c:d4:ba:83:93:d6:62:e3:2c:25:5e:e8:f9:7f:a4:b0:21:5e:
         85:80:55:05:38:d0:64:d3:1e:fb:b0:42:df:d5:1a:aa:1c:9f:
         bb:94:19:9a:95:04:49:2d:70:f9:c1:1b:37:85:aa:f2:5d:ef:
         ca:08:5e:02:4d:1a:21:0d:27:a0:4a:d5:bd:ea:3f:cb:8a:e5:
         61:32:52:c8:65:a2:da:00:e2:f8:3a:55:8f:87:a7:70:fb:30:
         d7:7f:5f:5e:40:d5:d4:3d:5d:84:63:1b:60:a3:6e:bc:b1:51:
         3a:1d:4a:56:3e:7c:f3:8d:4e:2b:75:34:1c:c4:d8:a4:ad:cd:
         ba:a3:b0:c7:11:51:bf:de:e9:ba:f0:2f:28:08:e5:de:c3:2d:
         b0:ae:25:13:b8:99:fd:7f:88:8a:69:54:d4:a2:a1:78:73:50:
         9f:94:8d:cb:1d:3f:12:6f:43:3a:30:2c:27:9d:81:bb:dc:8e:
         5a:ce:49:48:7a:56:02:35:c3:ad:7b:d5:1b:19:aa:f2:11:2c:
         7b:18:86:08:10:e4:cc:06:47:19:be:37:18:f6:80:00:9a:47:
         14:82:ef:22:bd:75:d2:fc:8e:43:6b:b4:db:8f:da:5e:c7:1c:
         18:21:f7:12
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUT9yK/EHwP5jmqIGcrUHSgLiLp5kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNzI4MTYwMDU2WhcNMjUwOTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTlmMjQ4MTQyMWJjYzU4NWZiZjk0ZWQ2MmMxYmM2NGRm
OWE0MTdhZmJiYjNhNzkyNGYwZTEwYTJhODVjNjg2MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcRe/QFteL0M1A80YLmY/p82wLcYlFTwJTDzoy8lkj9XpN
Ok3u/1C/PFe3N7NmM0/D5MpFHMoeNas2ruZ0gQky905Su2t4qYEuAq+yHU/NnD+I
v7jWJLyCADP9997nkNqvKBP4+lOE7Xb1KZJOuiah7o6aGKGCVz3KGIRPqbNEuu7x
IQxhUyPeQjEpdc6tIllk0YNroOUkJKi2eP0wdOQKtKFRglb2xjoDou+M9UQlpeky
zNYKWFv8ojlP+lJr7oQaR/vnw6ZBBrWZOyWlx6uMTFYlY5vBqb1kmjJ6fyRJ0tdn
NgN1Uh0iFlGGGfoWzWc4j07TiChyp9/2CKoxnOl7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUwnsvFwE7IZhfmmlxJ0aUwY8R2WUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzgwOTg0MjBmLTEwOGYtNGJjNS04ZDhjLTZkNjI2MjFmODNlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDycBIwDQYJKoZIhvcNAQELBQADggEBAAPeqi+csGKsrwQq92mdaKii
SIzUuoOT1mLjLCVe6Pl/pLAhXoWAVQU40GTTHvuwQt/VGqocn7uUGZqVBEktcPnB
GzeFqvJd78oIXgJNGiENJ6BK1b3qP8uK5WEyUshlotoA4vg6VY+Hp3D7MNd/X15A
1dQ9XYRjG2CjbryxUTodSlY+fPONTit1NBzE2KStzbqjsMcRUb/e6brwLygI5d7D
LbCuJRO4mf1/iIppVNSioXhzUJ+UjcsdPxJvQzowLCedgbvcjlrOSUh6VgI1w617
1RsZqvIRLHsYhggQ5MwGRxm+Nxj2gACaRxSC7yK9ddL8jkNrtNuP2l7HHBgh9xI=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:14:51 2025 by rpki-client