Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa
File:                     b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa (raw, json)
Hash identifier:          KS8Srr9oQM25eBaKgAB0S15zV3E//6Jm5tCJKCP7KBo=
Subject key identifier:   12:D0:5E:22:73:6C:88:ED:C2:75:F8:57:66:F3:76:46:6A:92:57:05
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       5D0EA4A5DB29FD43A1726F8FAA13A50A36B52F94
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa
Signing time:             Mon 14 Jul 2025 15:30:38 +0000
ROA not before:           Mon 14 Jul 2025 15:30:38 +0000
ROA not after:            Mon 18 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f1:8801::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:0e:a4:a5:db:29:fd:43:a1:72:6f:8f:aa:13:a5:0a:36:b5:2f:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jul 14 15:30:38 2025 GMT
            Not After : Aug 18 23:59:59 2025 GMT
        Subject: serialNumber=5e57328b6aee883f2e7dc514e8342648815dc0f8f83c386f7f225960b22c23b1, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:52:85:a4:11:3d:59:be:62:31:35:08:82:95:
                    bc:33:27:9b:48:16:60:7a:b6:c4:9f:19:34:98:26:
                    eb:da:4c:92:28:e2:eb:9c:1c:98:75:e9:75:81:2a:
                    85:28:fe:b2:60:ac:d9:85:29:92:1d:7f:bc:08:cc:
                    48:f4:07:7e:42:55:ed:9b:9c:6d:4e:32:5b:a2:a4:
                    9a:3f:8b:77:d1:22:5f:af:4e:6c:c9:c5:a0:45:d8:
                    26:de:4b:83:8e:48:c8:45:c5:7d:c6:df:45:f2:8e:
                    93:c9:45:95:a8:ad:25:07:a5:ab:d3:3a:97:5f:7a:
                    11:df:b4:92:b0:5b:e7:b0:26:f7:e1:bf:0e:fa:b0:
                    46:36:83:0c:9d:fb:7b:bc:bc:8b:99:d1:a2:02:56:
                    a3:96:9c:77:f6:42:6d:76:69:a8:0f:1d:e3:22:dc:
                    16:08:08:99:2a:59:bd:3d:f0:2b:6c:01:32:e1:da:
                    dc:eb:e7:22:d4:ee:62:cc:5f:30:c4:3d:32:e3:14:
                    44:83:97:f7:16:be:49:50:59:15:c8:6b:e4:01:60:
                    08:2a:44:8c:a7:2f:ec:ad:f0:77:42:c3:e7:6b:20:
                    5e:21:af:80:52:b3:df:d4:05:27:59:25:84:ea:3f:
                    c5:00:be:69:d1:5b:02:87:40:bd:7a:27:96:c4:88:
                    78:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:D0:5E:22:73:6C:88:ED:C2:75:F8:57:66:F3:76:46:6A:92:57:05
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f1:8801::/48

    Signature Algorithm: sha256WithRSAEncryption
         7d:59:f5:c3:09:c7:3d:e0:5f:3b:b7:b8:aa:df:46:3a:6a:c1:
         18:8e:71:4f:02:91:f8:36:1e:aa:5e:9f:39:ab:10:0a:27:d6:
         3e:83:7f:64:f4:81:67:d0:d3:09:d3:23:84:ae:70:ee:08:03:
         68:60:a5:4a:21:a8:b3:82:83:3d:d9:ff:b5:cd:c8:49:ff:ad:
         f3:cb:ac:2e:e8:e2:40:88:48:02:d8:55:7f:d0:6c:1d:9b:cc:
         f4:d9:f7:cb:1d:d9:02:07:ff:fd:7a:fb:b6:10:4f:e0:2b:5c:
         b1:36:27:90:4f:fd:92:c5:bf:5f:02:d4:b2:a9:2b:26:e4:f8:
         e2:8b:e2:bb:39:f3:23:11:13:03:6d:45:06:93:48:3a:f8:dc:
         99:2c:20:8b:d9:76:d6:ed:2d:60:e9:02:5f:97:b8:c5:09:0c:
         c6:43:35:79:2b:a8:26:50:5d:dd:72:b1:06:ce:40:d7:64:8b:
         4c:7c:ca:95:46:0a:6d:3b:39:12:c0:00:d1:ed:03:3a:48:c9:
         79:02:0e:72:25:7a:34:59:01:86:11:8d:41:06:f4:5f:b7:1b:
         d2:1a:3b:38:8e:e8:da:db:c7:56:f2:55:b6:c9:27:64:d6:27:
         c0:d3:14:9a:87:0a:aa:d9:43:7c:a4:d8:89:2a:dc:a0:9f:97:
         b8:bc:2c:18
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXQ6kpdsp/UOhcm+PqhOlCja1L5QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNzE0MTUzMDM4WhcNMjUwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZTU3MzI4YjZhZWU4ODNmMmU3ZGM1MTRlODM0MjY0ODgx
NWRjMGY4ZjgzYzM4NmY3ZjIyNTk2MGIyMmMyM2IxMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWUoWkET1ZvmIxNQiClbwzJ5tIFmB6tsSfGTSYJuvaTJIo
4uucHJh16XWBKoUo/rJgrNmFKZIdf7wIzEj0B35CVe2bnG1OMluipJo/i3fRIl+v
TmzJxaBF2CbeS4OOSMhFxX3G30XyjpPJRZWorSUHpavTOpdfehHftJKwW+ewJvfh
vw76sEY2gwyd+3u8vIuZ0aICVqOWnHf2Qm12aagPHeMi3BYICJkqWb098CtsATLh
2tzr5yLU7mLMXzDEPTLjFESDl/cWvklQWRXIa+QBYAgqRIynL+yt8HdCw+drIF4h
r4BSs9/UBSdZJYTqP8UAvmnRWwKHQL16J5bEiHg7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUEtBeInNsiO3CdfhXZvN2RmqSVwUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2I0MTYzYTM4LWE4ZTItNDhkOS04NTVmLWRkNTNhZTdmNmRjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDxiAEwDQYJKoZIhvcNAQELBQADggEBAH1Z9cMJxz3gXzu3uKrfRjpq
wRiOcU8Ckfg2HqpenzmrEAon1j6Df2T0gWfQ0wnTI4SucO4IA2hgpUohqLOCgz3Z
/7XNyEn/rfPLrC7o4kCISALYVX/QbB2bzPTZ98sd2QIH//16+7YQT+ArXLE2J5BP
/ZLFv18C1LKpKybk+OKL4rs58yMREwNtRQaTSDr43JksIIvZdtbtLWDpAl+XuMUJ
DMZDNXkrqCZQXd1ysQbOQNdki0x8ypVGCm07ORLAANHtAzpIyXkCDnIlejRZAYYR
jUEG9F+3G9IaOziO6Nrbx1byVbbJJ2TWJ8DTFJqHCqrZQ3yk2Ikq3KCfl7i8LBg=
-----END CERTIFICATE-----