Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c91dc110-e4d6-4a78-90dc-94e4d2083c89.roa
File:                     c91dc110-e4d6-4a78-90dc-94e4d2083c89.roa (raw, json)
Hash identifier:          VB1SaRPWXVoibnx7IPJ4toEKSmVOnY65YojDuIm4xH0=
Subject key identifier:   C5:26:F1:24:96:62:BE:CE:4A:D2:FB:ED:5E:59:C0:B7:F3:C6:2F:75
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       751A512CECEFE3AA9BA9960818CA1BB6AA9E6D1B
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c91dc110-e4d6-4a78-90dc-94e4d2083c89.roa
Signing time:             Fri 25 Apr 2025 18:10:04 +0000
ROA not before:           Fri 25 Apr 2025 18:10:04 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:100::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:1a:51:2c:ec:ef:e3:aa:9b:a9:96:08:18:ca:1b:b6:aa:9e:6d:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Apr 25 18:10:04 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=1c29aa441bfbe5dce275ffcae2d45717f653881459d7b5fbf8f68737cb5f694f, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:01:a7:33:6e:00:86:81:cc:dc:4a:f2:5e:cf:
                    9b:24:3c:cf:c4:16:a5:74:e6:ad:93:16:ae:6c:5e:
                    9d:25:04:6b:61:99:e1:81:d2:57:d8:0a:35:04:e4:
                    b5:6b:b6:fa:ac:a5:3d:45:e5:0d:bc:b4:5b:ec:dd:
                    5e:65:16:86:ce:6b:ae:ef:fc:ed:a1:48:aa:de:5e:
                    db:15:7f:89:c6:30:c3:68:90:51:db:ea:66:a0:04:
                    15:0c:5e:89:76:1d:99:54:45:87:b5:05:78:67:64:
                    31:50:49:f5:d3:26:4c:a8:a5:61:ef:42:23:a0:58:
                    ae:21:d5:3c:d3:bc:12:e0:82:09:58:1b:f2:cb:a7:
                    8b:a7:de:e0:9f:4f:67:70:b0:d1:7f:7d:e2:99:2f:
                    65:de:1d:3c:09:7b:f0:2a:56:d7:60:7c:11:b5:82:
                    a3:1b:6e:4c:63:0d:f2:84:09:31:cb:13:bc:7e:8f:
                    b3:54:1d:b8:27:ff:16:ef:84:9b:7b:c2:bf:d1:89:
                    3e:f5:73:94:c5:09:92:2f:f4:d3:b1:28:a6:21:8e:
                    70:f8:2e:37:58:2d:81:d7:8d:2a:c8:67:25:bb:9e:
                    47:de:5b:a3:01:3d:9a:e4:e3:08:c9:dc:9a:52:4e:
                    0f:0f:28:b8:e5:47:7e:01:55:a5:0d:13:22:61:cf:
                    b8:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:26:F1:24:96:62:BE:CE:4A:D2:FB:ED:5E:59:C0:B7:F3:C6:2F:75
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c91dc110-e4d6-4a78-90dc-94e4d2083c89.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         20:a8:be:85:ab:0d:7c:a2:cd:90:5a:3f:c1:77:d2:58:7a:3c:
         bf:fc:41:6e:9e:96:dc:23:d1:4a:7f:6d:75:7c:a6:8b:04:14:
         f2:01:ff:9d:b9:1d:e7:f0:61:4f:14:3d:39:cc:a6:57:bb:28:
         5a:af:36:c0:70:2c:fb:54:48:aa:22:21:a4:b1:e1:1a:96:6a:
         a9:cb:c5:ca:42:2f:0c:01:68:85:de:a7:f5:01:ed:c1:39:65:
         eb:f7:74:28:8c:d8:59:7b:f0:09:d0:36:e4:f1:1e:31:30:d2:
         87:06:fd:a6:2f:39:5c:b1:6b:01:46:bf:43:7e:4f:36:a0:43:
         d3:be:c1:91:75:6d:87:06:47:7a:c5:3c:ee:2f:e3:e7:b6:5f:
         89:43:b0:fc:90:5c:c9:ad:c0:cf:3f:79:c6:2d:b0:01:24:07:
         84:77:98:1f:08:13:68:b3:f3:20:d4:e6:8b:82:c6:fa:1c:97:
         ef:a5:f3:89:a5:0a:34:02:d9:6f:be:21:bd:84:a2:c6:e6:b1:
         dd:ea:d8:3f:6e:a2:ad:92:29:bf:02:76:ec:3e:df:e7:84:da:
         70:58:d1:0f:8b:57:74:31:97:5d:82:98:52:c3:bc:64:9e:4a:
         77:df:bd:ba:b8:08:b6:19:77:d3:75:98:35:50:1d:8c:36:9c:
         67:2a:09:3e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUdRpRLOzv46qbqZYIGMobtqqebRswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNDI1MTgxMDA0WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxYzI5YWE0NDFiZmJlNWRjZTI3NWZmY2FlMmQ0NTcxN2Y2
NTM4ODE0NTlkN2I1ZmJmOGY2ODczN2NiNWY2OTRmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGAaczbgCGgczcSvJez5skPM/EFqV05q2TFq5sXp0lBGth
meGB0lfYCjUE5LVrtvqspT1F5Q28tFvs3V5lFobOa67v/O2hSKreXtsVf4nGMMNo
kFHb6magBBUMXol2HZlURYe1BXhnZDFQSfXTJkyopWHvQiOgWK4h1TzTvBLggglY
G/LLp4un3uCfT2dwsNF/feKZL2XeHTwJe/AqVtdgfBG1gqMbbkxjDfKECTHLE7x+
j7NUHbgn/xbvhJt7wr/RiT71c5TFCZIv9NOxKKYhjnD4LjdYLYHXjSrIZyW7nkfe
W6MBPZrk4wjJ3JpSTg8PKLjlR34BVaUNEyJhz7gJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUxSbxJJZivs5K0vvtXlnAt/PGL3UwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2M5MWRjMTEwLWU0ZDYtNGE3OC05MGRjLTk0ZTRkMjA4M2M4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPDwATANBgkqhkiG9w0BAQsFAAOCAQEAIKi+hasNfKLNkFo/wXfSWHo8
v/xBbp6W3CPRSn9tdXymiwQU8gH/nbkd5/BhTxQ9OcymV7soWq82wHAs+1RIqiIh
pLHhGpZqqcvFykIvDAFohd6n9QHtwTll6/d0KIzYWXvwCdA25PEeMTDShwb9pi85
XLFrAUa/Q35PNqBD077BkXVthwZHesU87i/j57ZfiUOw/JBcya3Azz95xi2wASQH
hHeYHwgTaLPzINTmi4LG+hyX76XziaUKNALZb74hvYSixuax3erYP26irZIpvwJ2
7D7f54TacFjRD4tXdDGXXYKYUsO8ZJ5Kd9+9urgIthl303WYNVAdjDacZyoJPg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:51:16 2025 by rpki-client