Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa
File:                     c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa (raw, json)
Hash identifier:          t4jzUu8+d5FOwIipQZQ5dQMp21Pzxp1682FpcQJbbdQ=
Subject key identifier:   BC:1C:B4:0F:B3:F1:47:49:44:37:69:5D:A3:C3:B2:49:BF:88:DF:63
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       783D19F13928AA00C3293C9D0202C5B33C72E3EF
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa
Signing time:             Fri 11 Jul 2025 18:30:45 +0000
ROA not before:           Fri 11 Jul 2025 18:30:45 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:e600::/42 maxlen: 42
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 05 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:3d:19:f1:39:28:aa:00:c3:29:3c:9d:02:02:c5:b3:3c:72:e3:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jul 11 18:30:45 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=d5a2f55744d2a4302235b72108bb705697231818195c0dd4b54e6c1453427314, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b3:7b:f2:00:b4:db:94:86:3a:9a:61:fb:2e:
                    56:b7:b3:e1:79:d4:56:65:e3:bc:8e:da:79:3a:22:
                    37:8e:db:73:b1:b8:20:75:5b:9c:5b:1f:1b:17:a6:
                    62:df:25:df:bf:e5:6a:d3:7b:1a:f4:10:bb:5c:d3:
                    12:d6:ed:da:99:02:b9:03:9e:94:56:5a:b4:de:e6:
                    9a:59:2d:fb:3f:2e:da:5d:8b:dc:68:cd:5a:8a:8a:
                    d8:c5:44:0e:e5:0e:1e:f0:e5:06:3b:a6:8f:2d:5f:
                    3e:61:80:05:2e:06:f1:68:b5:23:03:a5:0c:f1:50:
                    69:dc:56:34:7c:0f:51:59:d8:5d:08:e8:b2:35:65:
                    ab:81:a6:3f:89:88:73:86:21:e7:8c:fe:b0:fa:16:
                    60:9b:f0:93:c7:6e:59:b5:6b:16:19:29:a0:12:5c:
                    c7:66:13:6c:46:e1:d5:49:d0:76:1a:68:8a:04:67:
                    8d:cd:32:25:b9:24:75:4c:d9:de:3f:75:84:c0:4f:
                    6f:50:fa:34:ec:c5:46:59:3f:5d:3f:c7:af:3d:30:
                    59:4b:8f:4c:f0:a1:ac:08:03:08:62:25:46:17:e7:
                    f9:a1:0a:df:b3:f5:0f:5e:64:c6:08:3b:a9:b2:ac:
                    2e:9c:54:de:e6:c0:95:fa:b5:9b:67:01:d1:d0:bb:
                    7b:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:1C:B4:0F:B3:F1:47:49:44:37:69:5D:A3:C3:B2:49:BF:88:DF:63
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e600::/42

    Signature Algorithm: sha256WithRSAEncryption
         35:86:61:76:88:01:53:0d:e7:05:44:95:81:1b:cb:c8:33:f2:
         f8:93:b8:59:66:8e:91:86:87:80:62:72:66:f0:f5:3b:ce:29:
         24:09:85:9a:cf:82:f1:00:e3:13:8f:c1:86:18:bf:65:04:94:
         2c:ca:c8:fe:ff:7f:32:3f:74:ad:e2:e1:74:f6:f8:89:86:67:
         d6:91:11:01:33:1e:4e:c8:69:70:08:ca:50:73:57:1a:97:d5:
         9b:e4:a5:96:29:fc:03:72:79:05:1f:bf:18:44:f8:fa:10:85:
         94:8f:93:6b:1c:7a:5f:5a:5c:05:18:e0:08:00:f7:1e:43:b5:
         67:19:6e:9d:f0:80:7f:0b:d4:e4:58:15:20:75:ad:f6:4f:f0:
         a7:4d:c5:85:e4:ea:07:d6:96:81:9e:f0:3a:71:25:07:da:07:
         3b:45:1e:ac:f1:1d:bc:12:c8:c4:5e:70:04:69:a7:1c:9b:a0:
         53:b9:7e:93:f2:68:9f:bc:bc:17:a5:d9:f6:8a:27:c9:f4:33:
         52:69:a0:93:43:96:2a:ed:bc:0e:ab:8c:25:ac:02:ca:13:22:
         6b:8f:87:dc:81:75:e5:79:d2:a8:b6:e9:e3:ba:e3:7d:cc:3c:
         1b:9e:b2:c0:62:00:f9:35:dc:f1:d0:fc:bc:b0:62:7d:dd:0f:
         ae:5b:7a:d0
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUeD0Z8TkoqgDDKTydAgLFszxy4+8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNzExMTgzMDQ1WhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNWEyZjU1NzQ0ZDJhNDMwMjIzNWI3MjEwOGJiNzA1Njk3
MjMxODE4MTk1YzBkZDRiNTRlNmMxNDUzNDI3MzE0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCts3vyALTblIY6mmH7Lla3s+F51FZl47yO2nk6IjeO23Ox
uCB1W5xbHxsXpmLfJd+/5WrTexr0ELtc0xLW7dqZArkDnpRWWrTe5ppZLfs/Ltpd
i9xozVqKitjFRA7lDh7w5QY7po8tXz5hgAUuBvFotSMDpQzxUGncVjR8D1FZ2F0I
6LI1ZauBpj+JiHOGIeeM/rD6FmCb8JPHblm1axYZKaASXMdmE2xG4dVJ0HYaaIoE
Z43NMiW5JHVM2d4/dYTAT29Q+jTsxUZZP10/x689MFlLj0zwoawIAwhiJUYX5/mh
Ct+z9Q9eZMYIO6myrC6cVN7mwJX6tZtnAdHQu3snAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUvBy0D7PxR0lEN2ldo8OySb+I32MwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2M0ZTUyYWJmLTRkN2UtNDcwNy1iZDRlLTFjZWJhNjRlMThjZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPD75gAwDQYJKoZIhvcNAQELBQADggEBADWGYXaIAVMN5wVElYEby8gz
8viTuFlmjpGGh4Bicmbw9TvOKSQJhZrPgvEA4xOPwYYYv2UElCzKyP7/fzI/dK3i
4XT2+ImGZ9aREQEzHk7IaXAIylBzVxqX1ZvkpZYp/ANyeQUfvxhE+PoQhZSPk2sc
el9aXAUY4AgA9x5DtWcZbp3wgH8L1ORYFSB1rfZP8KdNxYXk6gfWloGe8DpxJQfa
BztFHqzxHbwSyMRecARppxyboFO5fpPyaJ+8vBel2faKJ8n0M1JpoJNDlirtvA6r
jCWsAsoTImuPh9yBdeV50qi26eO6433MPBuessBiAPk13PHQ/LywYn3dD65betA=
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:25:52 2025 by rpki-client