Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a243183f-74f0-4016-b61d-47b029a3c4e1.roa
File:                     a243183f-74f0-4016-b61d-47b029a3c4e1.roa (raw, json)
Hash identifier:          G2eFLM8VEcTsI60zOobfmIFhyanqLK2yl3bKG5jKOd8=
Subject key identifier:   03:6D:F7:AF:4A:B9:9B:33:D1:F6:F9:BA:3B:32:27:4D:E8:B0:4C:8B
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       38EE0C147D3F7B961ADE6F86330C40DD8ADD852C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a243183f-74f0-4016-b61d-47b029a3c4e1.roa
Signing time:             Tue 05 Aug 2025 18:31:22 +0000
ROA not before:           Tue 05 Aug 2025 18:31:22 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e100::/42 maxlen: 42
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 09 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:ee:0c:14:7d:3f:7b:96:1a:de:6f:86:33:0c:40:dd:8a:dd:85:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Aug  5 18:31:22 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=14acda8ef633b8efc6855e21ed2b29c289825347f1994382f25c583ad37de78b, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:77:d8:78:a7:f8:f6:a6:95:ad:d3:cd:3f:b9:
                    2e:22:15:d7:b4:0d:37:8b:bb:93:fa:f6:55:8e:82:
                    fc:67:61:e0:a0:1f:bf:97:74:81:f9:ab:10:27:2a:
                    ec:ec:f6:a9:0c:67:1f:af:7b:c6:52:74:d0:16:9a:
                    d2:3b:32:14:62:fb:f6:79:81:5d:a8:6c:3a:84:f9:
                    b7:02:00:f5:73:e5:f1:7e:a0:63:12:8e:b0:0e:1f:
                    16:f3:dd:68:d6:d1:0d:21:88:f4:10:70:c5:be:c1:
                    96:78:11:96:f7:df:bb:e4:8d:95:72:88:c6:a9:42:
                    ce:62:10:7a:d8:f8:42:ef:b5:c5:bf:8c:bd:de:58:
                    51:4a:9a:cc:9a:94:f7:07:ea:b1:ae:46:68:00:bd:
                    76:cd:c9:e7:92:20:23:eb:94:45:11:e7:9f:f2:3a:
                    e6:04:76:4f:78:99:53:96:4e:a2:5c:41:d4:10:a7:
                    52:0e:8d:67:76:2c:c3:c9:01:fe:43:d0:a9:b5:05:
                    e2:8f:a7:f1:f7:98:aa:f7:37:d2:08:0b:1c:b4:95:
                    15:aa:8d:ee:62:d9:13:5a:a5:e1:25:b2:2c:9a:83:
                    87:0f:9e:65:d8:e1:5a:91:5c:df:55:72:bc:03:b3:
                    22:4d:b7:c1:9b:4e:8a:b0:a7:48:81:f2:98:bc:10:
                    e2:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:6D:F7:AF:4A:B9:9B:33:D1:F6:F9:BA:3B:32:27:4D:E8:B0:4C:8B
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a243183f-74f0-4016-b61d-47b029a3c4e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e100::/42

    Signature Algorithm: sha256WithRSAEncryption
         2b:48:f1:a3:3a:3d:9e:6c:1c:b3:ce:d0:b9:43:85:a5:68:5f:
         a8:5a:3c:94:0d:d0:90:c0:87:e8:d0:5e:fc:07:43:1c:cd:27:
         a7:ac:f7:f6:a3:4a:8a:1c:6f:7d:8d:38:d1:5d:19:72:82:a6:
         51:d0:cf:6d:41:a6:72:d3:01:49:50:23:e1:3a:e5:10:02:8d:
         25:51:ab:59:d9:c4:08:ba:c7:8f:fe:39:16:33:db:fc:0b:3b:
         23:99:a7:65:e1:0d:18:a9:21:ee:d4:c6:87:41:51:54:d9:22:
         e2:be:ef:20:d3:01:a6:64:1c:ce:28:ab:3e:93:1c:e0:f5:40:
         55:30:38:53:b0:79:57:52:d6:45:4f:ac:73:aa:20:de:bd:d3:
         15:fe:c6:bb:19:ef:e6:1c:92:ea:c7:e6:c8:25:69:12:11:31:
         3b:89:cd:97:c2:d1:9f:d8:eb:d5:08:77:d3:7c:67:2a:9a:68:
         2c:b9:52:69:7a:8a:15:10:f9:6f:d0:4a:2b:05:84:4e:2f:c9:
         26:70:49:3c:3c:60:5c:62:81:87:a6:71:fd:91:84:8a:82:c9:
         6c:94:7a:eb:0a:41:ac:9a:ca:7e:44:d7:32:28:1a:b0:57:5d:
         d3:d1:bd:06:ea:22:b1:af:0d:92:8c:82:e4:e1:06:12:e0:fc:
         66:63:a7:0d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUOO4MFH0/e5Ya3m+GMwxA3YrdhSwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODA1MTgzMTIyWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNGFjZGE4ZWY2MzNiOGVmYzY4NTVlMjFlZDJiMjljMjg5
ODI1MzQ3ZjE5OTQzODJmMjVjNTgzYWQzN2RlNzhiMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+d9h4p/j2ppWt080/uS4iFde0DTeLu5P69lWOgvxnYeCg
H7+XdIH5qxAnKuzs9qkMZx+ve8ZSdNAWmtI7MhRi+/Z5gV2obDqE+bcCAPVz5fF+
oGMSjrAOHxbz3WjW0Q0hiPQQcMW+wZZ4EZb337vkjZVyiMapQs5iEHrY+ELvtcW/
jL3eWFFKmsyalPcH6rGuRmgAvXbNyeeSICPrlEUR55/yOuYEdk94mVOWTqJcQdQQ
p1IOjWd2LMPJAf5D0Km1BeKPp/H3mKr3N9IICxy0lRWqje5i2RNapeElsiyag4cP
nmXY4VqRXN9VcrwDsyJNt8GbToqwp0iB8pi8EOIfAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUA233r0q5mzPR9vm6OzInTeiwTIswHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2EyNDMxODNmLTc0ZjAtNDAxNi1iNjFkLTQ3YjAyOWEzYzRlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPD74QAwDQYJKoZIhvcNAQELBQADggEBACtI8aM6PZ5sHLPO0LlDhaVo
X6haPJQN0JDAh+jQXvwHQxzNJ6es9/ajSoocb32NONFdGXKCplHQz21BpnLTAUlQ
I+E65RACjSVRq1nZxAi6x4/+ORYz2/wLOyOZp2XhDRipIe7UxodBUVTZIuK+7yDT
AaZkHM4oqz6THOD1QFUwOFOweVdS1kVPrHOqIN690xX+xrsZ7+YckurH5sglaRIR
MTuJzZfC0Z/Y69UId9N8ZyqaaCy5Uml6ihUQ+W/QSisFhE4vySZwSTw8YFxigYem
cf2RhIqCyWyUeusKQayayn5E1zIoGrBXXdPRvQbqIrGvDZKMguThBhLg/GZjpw0=
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:32:39 2025 by rpki-client