Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c9a7bd20-48bd-4f0a-937e-2ccc73008f73.roa
File:                     c9a7bd20-48bd-4f0a-937e-2ccc73008f73.roa (raw, json)
Hash identifier:          WSRy78mPlluhMwNQG+lmrQw0TUd6RXMxGP6vrfcNLY0=
Subject key identifier:   0F:76:3C:ED:E0:D0:A3:5C:61:53:D5:62:BF:40:0A:9B:B0:38:4E:A0
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       38B0A161AA698997D081DA2B4C83DD3F86FDF2B9
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c9a7bd20-48bd-4f0a-937e-2ccc73008f73.roa
Signing time:             Tue 05 Aug 2025 18:30:45 +0000
ROA not before:           Tue 05 Aug 2025 18:30:45 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:300::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:b0:a1:61:aa:69:89:97:d0:81:da:2b:4c:83:dd:3f:86:fd:f2:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Aug  5 18:30:45 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=8ed63442e18761b359db70e9f0369911b5a4ac3ccdfc17dde4c802644b754599, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e4:93:36:dd:16:72:47:95:94:d5:e8:4a:5e:
                    eb:fb:ae:51:25:d3:a2:c4:40:0b:a8:11:9f:d7:47:
                    54:cd:fe:7b:66:21:39:72:e4:5c:98:c7:a6:db:8f:
                    4c:d4:fb:60:a8:70:ce:74:f7:f6:d6:32:6f:26:03:
                    71:dc:b8:62:2d:af:99:db:68:b3:b7:c9:7b:fc:63:
                    33:a6:69:86:6f:0c:ae:78:e3:92:6a:32:55:0b:84:
                    df:83:92:dc:ce:4b:84:88:83:6e:a8:6a:3f:81:4f:
                    e6:df:63:d2:9a:b5:50:db:56:7a:a0:34:a4:03:5e:
                    1a:c5:2d:12:93:df:6d:09:5d:39:e0:79:be:c4:b5:
                    44:69:35:22:a5:19:4f:ef:31:4a:b2:21:06:99:55:
                    77:7d:1f:d3:99:1e:74:50:b5:63:e9:32:96:23:38:
                    20:eb:58:af:cf:53:6b:fe:55:73:e7:fc:da:aa:95:
                    77:52:81:cc:93:70:55:6a:93:fc:af:3b:b2:5e:ad:
                    da:e1:81:bb:ce:c3:87:62:d9:cd:55:8f:51:7c:33:
                    78:62:a1:a9:06:ef:bd:d2:91:b6:d0:76:97:39:3a:
                    d1:52:b7:d3:b9:55:dc:84:15:85:0b:0e:44:aa:67:
                    df:59:35:3c:57:8a:5e:1a:60:75:18:b0:18:64:ad:
                    9b:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:76:3C:ED:E0:D0:A3:5C:61:53:D5:62:BF:40:0A:9B:B0:38:4E:A0
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c9a7bd20-48bd-4f0a-937e-2ccc73008f73.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:300::/44

    Signature Algorithm: sha256WithRSAEncryption
         89:4b:ba:42:41:f0:ee:81:93:f6:0d:bc:f6:29:dd:77:95:91:
         40:45:8a:af:b5:84:49:2f:6b:4a:e4:c3:08:b8:07:ee:0d:23:
         27:09:4b:26:56:64:34:d6:89:c9:e7:8d:af:33:26:ae:a4:ce:
         1a:e9:9c:3b:ee:69:a7:e9:20:d3:8d:e3:47:84:27:48:6f:6a:
         cc:3f:ea:96:a2:55:62:c9:34:5c:ba:db:f3:fc:5c:77:bd:da:
         62:1a:80:f0:5e:7d:dc:45:00:dc:c0:bc:a5:9f:13:3d:a3:77:
         5e:50:e3:01:14:8c:9f:61:53:df:39:d4:7f:7f:c0:a2:53:89:
         a8:b3:bb:20:ac:15:c4:23:d9:c6:00:28:3e:3d:41:ff:84:e4:
         ae:d3:a3:ca:79:ae:0d:47:7e:b0:5b:1c:5d:b0:f5:9c:55:46:
         cc:fd:73:37:1f:74:fc:1d:20:f5:86:0b:76:29:a4:4d:8c:30:
         a7:bc:9f:6d:ee:d2:7f:7b:64:ec:6a:6b:f4:84:b2:83:08:15:
         ff:67:67:15:ca:23:8b:5c:17:db:f8:f2:78:fb:bf:d4:d7:07:
         ce:8a:bc:06:70:5d:51:f9:e6:d6:7f:f3:c3:35:d6:43:21:65:
         9f:64:de:24:b8:73:0a:37:ad:1a:7c:94:a5:93:d6:d9:01:26:
         15:ca:0d:ae
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUOLChYappiZfQgdorTIPdP4b98rkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODA1MTgzMDQ1WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZWQ2MzQ0MmUxODc2MWIzNTlkYjcwZTlmMDM2OTkxMWI1
YTRhYzNjY2RmYzE3ZGRlNGM4MDI2NDRiNzU0NTk5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCv5JM23RZyR5WU1ehKXuv7rlEl06LEQAuoEZ/XR1TN/ntm
ITly5FyYx6bbj0zU+2CocM509/bWMm8mA3HcuGItr5nbaLO3yXv8YzOmaYZvDK54
45JqMlULhN+DktzOS4SIg26oaj+BT+bfY9KatVDbVnqgNKQDXhrFLRKT320JXTng
eb7EtURpNSKlGU/vMUqyIQaZVXd9H9OZHnRQtWPpMpYjOCDrWK/PU2v+VXPn/Nqq
lXdSgcyTcFVqk/yvO7JerdrhgbvOw4di2c1Vj1F8M3hioakG773SkbbQdpc5OtFS
t9O5VdyEFYULDkSqZ99ZNTxXil4aYHUYsBhkrZvnAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUD3Y87eDQo1xhU9Viv0AKm7A4TqAwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2M5YTdiZDIwLTQ4YmQtNGYwYS05MzdlLTJjY2M3MzAwOGY3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDwAwAwDQYJKoZIhvcNAQELBQADggEBAIlLukJB8O6Bk/YNvPYp3XeV
kUBFiq+1hEkva0rkwwi4B+4NIycJSyZWZDTWicnnja8zJq6kzhrpnDvuaafpINON
40eEJ0hvasw/6paiVWLJNFy62/P8XHe92mIagPBefdxFANzAvKWfEz2jd15Q4wEU
jJ9hU9851H9/wKJTiaizuyCsFcQj2cYAKD49Qf+E5K7To8p5rg1HfrBbHF2w9ZxV
Rsz9czcfdPwdIPWGC3YppE2MMKe8n23u0n97ZOxqa/SEsoMIFf9nZxXKI4tcF9v4
8nj7v9TXB86KvAZwXVH55tZ/88M11kMhZZ9k3iS4cwo3rRp8lKWT1tkBJhXKDa4=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:03:43 2025 by rpki-client