Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0382bd56-5e93-4f09-8ae9-d92f7aa72058.roa
File:                     0382bd56-5e93-4f09-8ae9-d92f7aa72058.roa (raw, json)
Hash identifier:          ok69/vYTcZ061N71om6hEV5DSfQo232RQdgPEDQIxi8=
Subject key identifier:   23:82:3A:4E:E9:42:EF:18:C5:51:10:80:B9:E4:DE:16:7C:7B:17:05
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5B632E7836831E5C14425A788E3065BC7F51506F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0382bd56-5e93-4f09-8ae9-d92f7aa72058.roa
Signing time:             Mon 04 Aug 2025 17:11:49 +0000
ROA not before:           Mon 04 Aug 2025 17:11:49 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f14:c000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:63:2e:78:36:83:1e:5c:14:42:5a:78:8e:30:65:bc:7f:51:50:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 17:11:49 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=364bb79c47f33db59ab10286616c0f23a4e63df41c7484515c37fa05ecdf242f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:da:13:52:77:f5:7a:8f:f3:ad:f2:5e:da:7c:
                    bf:88:63:c4:92:11:df:a1:f0:74:9a:b9:ac:38:c6:
                    03:57:86:5c:2f:4a:c3:8a:72:d2:8a:ee:80:9d:58:
                    aa:53:75:59:64:b0:89:08:e5:b2:56:28:12:12:38:
                    88:f4:4e:e8:f1:75:98:da:81:61:db:36:a5:dd:53:
                    c7:3e:58:8a:f4:d3:eb:c9:a5:14:01:38:1f:6b:8a:
                    b9:ed:b1:4f:f2:bf:b2:1d:a9:af:66:d8:6f:22:11:
                    4c:ab:99:96:3e:08:47:d4:89:53:67:31:55:2f:15:
                    c9:4a:75:ac:e8:3d:ce:3a:53:bc:e6:5d:15:c5:ad:
                    39:4d:fb:7b:60:e9:6c:1b:8e:e8:85:46:0d:ad:c1:
                    4e:fb:95:9b:23:1d:2b:ed:cd:87:8e:34:16:31:16:
                    fb:b4:54:ec:97:5a:86:87:69:23:5f:e5:31:a7:82:
                    5d:46:5c:49:d2:cc:1f:08:e3:ec:05:3b:8d:5c:4a:
                    14:c9:c1:2c:85:f6:de:cb:c9:34:21:0c:a5:62:8e:
                    3b:ab:5b:5c:d3:98:8b:24:33:d0:1a:1d:82:10:1a:
                    f2:56:25:84:85:01:cf:34:31:e6:5f:0f:b8:1a:8b:
                    39:9a:8c:e8:11:94:d5:2b:e9:27:d8:22:c0:15:62:
                    66:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:82:3A:4E:E9:42:EF:18:C5:51:10:80:B9:E4:DE:16:7C:7B:17:05
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0382bd56-5e93-4f09-8ae9-d92f7aa72058.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f14:c000::/36

    Signature Algorithm: sha256WithRSAEncryption
         a2:08:54:d6:30:19:46:b6:26:bc:78:9c:ee:b0:a1:af:5a:c1:
         a9:4d:02:88:ce:a8:19:f6:8f:de:01:a6:91:fb:b1:61:28:0e:
         0e:30:34:d6:1a:71:5a:b2:69:1b:18:83:e0:ba:27:50:12:b2:
         9f:f3:31:87:60:14:19:06:9f:09:69:9e:e9:2b:49:0c:a2:ec:
         9b:ef:a3:07:e2:32:f4:cc:9e:56:47:44:23:95:d1:2d:a8:34:
         dd:43:8f:e6:da:5d:b5:fc:9d:c4:5e:ea:b1:1c:2e:43:4b:0a:
         a1:cc:44:03:16:e3:48:39:8e:cb:c8:e0:f7:0d:cb:eb:9d:78:
         da:f2:74:6e:26:e5:19:e9:bf:63:e8:61:84:8d:f9:cd:90:4d:
         17:30:6d:0d:d9:1b:c5:6f:67:b6:dc:c6:52:41:52:96:4c:50:
         f0:a1:ba:cb:7c:ac:69:07:ac:f2:38:2a:1b:52:2f:a2:72:09:
         93:68:a7:da:38:53:07:c9:80:97:1b:45:9a:9b:ab:b2:cf:8c:
         17:c1:3f:6d:55:77:dd:fb:71:5b:41:19:ba:44:5d:88:f1:ff:
         27:35:26:65:df:79:c1:ea:20:10:bb:dd:99:0b:cb:21:1d:bb:
         a2:d1:aa:75:5c:95:5e:da:3a:e6:12:b2:0c:98:a1:8e:53:fe:
         d1:f3:eb:6d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUW2MueDaDHlwUQlp4jjBlvH9RUG8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTcxMTQ5WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNjRiYjc5YzQ3ZjMzZGI1OWFiMTAyODY2MTZjMGYyM2E0
ZTYzZGY0MWM3NDg0NTE1YzM3ZmEwNWVjZGYyNDJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDV2hNSd/V6j/Ot8l7afL+IY8SSEd+h8HSauaw4xgNXhlwv
SsOKctKK7oCdWKpTdVlksIkI5bJWKBISOIj0TujxdZjagWHbNqXdU8c+WIr00+vJ
pRQBOB9rirntsU/yv7Idqa9m2G8iEUyrmZY+CEfUiVNnMVUvFclKdazoPc46U7zm
XRXFrTlN+3tg6WwbjuiFRg2twU77lZsjHSvtzYeONBYxFvu0VOyXWoaHaSNf5TGn
gl1GXEnSzB8I4+wFO41cShTJwSyF9t7LyTQhDKVijjurW1zTmIskM9AaHYIQGvJW
JYSFAc80MeZfD7gaizmajOgRlNUr6SfYIsAVYmY3AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUI4I6TulC7xjFURCAueTeFnx7FwUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAzODJiZDU2LTVlOTMtNGYwOS04YWU5LWQ5MmY3YWE3MjA1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8UwDANBgkqhkiG9w0BAQsFAAOCAQEAoghU1jAZRrYmvHic7rChr1rB
qU0CiM6oGfaP3gGmkfuxYSgODjA01hpxWrJpGxiD4LonUBKyn/Mxh2AUGQafCWme
6StJDKLsm++jB+Iy9MyeVkdEI5XRLag03UOP5tpdtfydxF7qsRwuQ0sKocxEAxbj
SDmOy8jg9w3L65142vJ0biblGem/Y+hhhI35zZBNFzBtDdkbxW9nttzGUkFSlkxQ
8KG6y3ysaQes8jgqG1IvonIJk2in2jhTB8mAlxtFmpurss+MF8E/bVV33ftxW0EZ
ukRdiPH/JzUmZd95weogELvdmQvLIR27otGqdVyVXto65hKyDJihjlP+0fPrbQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:22:59 2025 by rpki-client