Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f1d9458-2428-43f4-8951-9061986bfe05.roa
File:                     1f1d9458-2428-43f4-8951-9061986bfe05.roa (raw, json)
Hash identifier:          MaqVy/NGmgFRR8Gb8Hh2xKcenHiDOkyWwMZ20xl+lW4=
Subject key identifier:   7D:2A:19:6C:4A:8D:D9:24:B5:0F:4F:56:D8:A2:1D:BC:ED:25:81:19
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3BE677DAE2A135978F0FB330B4A71065F97760F7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f1d9458-2428-43f4-8951-9061986bfe05.roa
Signing time:             Mon 04 Aug 2025 16:21:09 +0000
ROA not before:           Mon 04 Aug 2025 16:21:09 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f15:800::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:e6:77:da:e2:a1:35:97:8f:0f:b3:30:b4:a7:10:65:f9:77:60:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 16:21:09 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=fb3fb88f3eff90e06b5bd54aac370e923f35e0fc8d550eda36935ffc97cfac51, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7c:84:ba:77:98:cf:14:19:99:73:74:f9:3b:
                    9a:00:75:42:3b:2e:f9:e5:cf:c9:75:7e:23:b7:d4:
                    49:ec:e4:f8:88:07:02:2f:34:ce:8b:60:b7:25:2b:
                    d7:a0:ee:4d:b7:2b:ca:46:ee:46:a1:f9:b7:07:f7:
                    ae:1d:86:40:93:a0:f5:2c:71:d8:2c:88:14:bb:c7:
                    88:90:9e:14:8e:27:60:57:4f:bd:e6:eb:20:1c:c2:
                    b9:bd:ba:c5:bf:aa:ac:ac:ef:59:6f:ea:13:b0:8c:
                    ff:f5:3f:ea:45:38:81:86:53:3a:e7:3f:dd:2b:32:
                    a5:5f:02:71:c1:5d:58:2c:00:45:7d:cd:c0:af:77:
                    be:61:34:f0:a9:5b:4b:e5:fb:70:08:67:e7:3d:fd:
                    82:65:12:dc:e3:30:a7:99:96:9a:80:a4:37:7b:ef:
                    ab:a6:b8:d0:5c:61:6d:16:0b:3d:c6:c6:91:2c:d2:
                    7e:82:67:72:c3:8a:9a:18:2c:65:cc:a4:d5:49:9c:
                    fc:90:e2:2d:05:b3:71:40:c4:3b:36:7b:97:e1:78:
                    dd:f4:44:26:1b:8e:a5:22:6a:f6:f1:b2:95:2e:c0:
                    d2:74:8d:fc:8e:30:85:65:33:7e:c1:95:1f:62:d8:
                    b2:27:2c:1b:fe:de:0b:44:c1:63:7e:6a:04:c4:13:
                    78:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:2A:19:6C:4A:8D:D9:24:B5:0F:4F:56:D8:A2:1D:BC:ED:25:81:19
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f1d9458-2428-43f4-8951-9061986bfe05.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f15:800::/38

    Signature Algorithm: sha256WithRSAEncryption
         89:21:d7:bc:15:85:4f:d4:15:f4:b6:05:8d:1b:12:6a:b8:22:
         e9:e2:7d:2c:69:11:69:fc:7d:7b:46:6a:c9:91:f7:b4:70:3e:
         61:08:72:c5:d8:64:a4:ed:d3:5a:76:da:b8:cb:a0:9e:a9:56:
         0f:11:15:da:22:22:98:d8:de:02:69:0a:1f:c8:dd:97:84:55:
         61:ea:3c:28:15:59:51:f2:d9:b8:84:39:4c:7b:64:37:9d:84:
         84:35:ad:86:59:a6:d4:4a:c2:a1:5d:f3:5b:1d:73:43:b1:c4:
         0a:33:68:96:6c:13:ec:a4:44:18:5d:03:b2:6c:55:42:fc:09:
         e2:f3:e2:af:92:12:c7:39:9b:de:46:a6:2a:83:81:70:fc:4d:
         0a:f7:0a:03:fe:ba:62:f2:f5:38:8e:b8:cd:e9:f6:a7:35:29:
         11:21:5d:4b:98:83:75:89:bd:12:8f:bc:ef:30:85:30:10:ca:
         f7:54:6c:cc:a4:22:35:49:2d:6f:5a:38:4d:f4:a2:36:dc:ef:
         9d:48:48:e3:1e:4e:af:a4:3e:ef:fa:55:25:4b:26:94:e8:bc:
         fa:7b:d5:4d:e3:5c:a8:48:2c:6c:ec:22:a6:f4:a3:3b:b0:ce:
         75:77:fd:c5:d2:cc:e5:f7:ba:9f:bf:af:89:82:8d:df:89:1d:
         21:63:e5:5c
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUO+Z32uKhNZePD7MwtKcQZfl3YPcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTYyMTA5WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYjNmYjg4ZjNlZmY5MGUwNmI1YmQ1NGFhYzM3MGU5MjNm
MzVlMGZjOGQ1NTBlZGEzNjkzNWZmYzk3Y2ZhYzUxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCffIS6d5jPFBmZc3T5O5oAdUI7Lvnlz8l1fiO31Ens5PiI
BwIvNM6LYLclK9eg7k23K8pG7kah+bcH964dhkCToPUscdgsiBS7x4iQnhSOJ2BX
T73m6yAcwrm9usW/qqys71lv6hOwjP/1P+pFOIGGUzrnP90rMqVfAnHBXVgsAEV9
zcCvd75hNPCpW0vl+3AIZ+c9/YJlEtzjMKeZlpqApDd776umuNBcYW0WCz3GxpEs
0n6CZ3LDipoYLGXMpNVJnPyQ4i0Fs3FAxDs2e5fheN30RCYbjqUiavbxspUuwNJ0
jfyOMIVlM37BlR9i2LInLBv+3gtEwWN+agTEE3iFAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUfSoZbEqN2SS1D09W2KIdvO0lgRkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFmMWQ5NDU4LTI0MjgtNDNmNC04OTUxLTkwNjE5ODZiZmUwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8VCDANBgkqhkiG9w0BAQsFAAOCAQEAiSHXvBWFT9QV9LYFjRsSargi
6eJ9LGkRafx9e0ZqyZH3tHA+YQhyxdhkpO3TWnbauMugnqlWDxEV2iIimNjeAmkK
H8jdl4RVYeo8KBVZUfLZuIQ5THtkN52EhDWthlmm1ErCoV3zWx1zQ7HECjNolmwT
7KREGF0DsmxVQvwJ4vPir5ISxzmb3kamKoOBcPxNCvcKA/66YvL1OI64zen2pzUp
ESFdS5iDdYm9Eo+87zCFMBDK91RszKQiNUktb1o4TfSiNtzvnUhI4x5Or6Q+7/pV
JUsmlOi8+nvVTeNcqEgsbOwipvSjO7DOdXf9xdLM5fe6n7+viYKN34kdIWPlXA==
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:59:18 2025 by rpki-client