Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2a06ef9a-306c-48a7-a898-08249a2104fa.roa
File:                     2a06ef9a-306c-48a7-a898-08249a2104fa.roa (raw, json)
Hash identifier:          8biPVk97urfHndNmPOp5kc2VS2KqN5m6RE1z5rxZqLc=
Subject key identifier:   CE:54:77:1A:A8:09:BB:2C:F1:5F:9C:13:5C:91:98:45:A7:A5:AF:0F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       307D189C06B2E55800E33137A421BDA8AEB2EE10
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2a06ef9a-306c-48a7-a898-08249a2104fa.roa
Signing time:             Wed 06 Aug 2025 00:21:44 +0000
ROA not before:           Wed 06 Aug 2025 00:21:44 +0000
ROA not after:            Wed 10 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f60:2000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:7d:18:9c:06:b2:e5:58:00:e3:31:37:a4:21:bd:a8:ae:b2:ee:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  6 00:21:44 2025 GMT
            Not After : Sep 10 23:59:59 2025 GMT
        Subject: serialNumber=da937255bdbfc064f422457840b3293609c0aef9220ae3da6305ee5cd186d650, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:90:f9:d5:ac:85:a2:a9:7a:c1:23:af:cb:61:
                    de:94:5d:82:66:cf:6a:f4:3c:a2:7c:6e:f3:12:dd:
                    91:43:68:b4:f4:9e:e0:e2:28:2c:b5:9d:63:bd:8c:
                    e6:52:5a:56:a4:9d:b5:6b:85:0d:13:93:7f:71:9f:
                    a3:0a:98:90:ea:d5:38:07:b3:ca:b9:88:1f:cd:2c:
                    a8:ca:c9:4e:45:65:30:26:e7:6a:0a:29:b4:ed:25:
                    75:ec:0f:c2:92:0f:21:3a:50:9d:9e:1b:30:b9:cd:
                    04:d6:9b:69:f8:99:e2:53:72:09:ad:17:a1:e8:1c:
                    c2:68:b5:fc:94:cf:c8:a6:0d:3e:08:8a:03:3a:1c:
                    05:0d:fc:cd:7d:09:dd:09:f4:8b:ac:96:0c:7f:5c:
                    e9:2a:aa:0d:87:6f:47:1f:8a:0a:4c:d6:d6:af:04:
                    0d:c6:96:90:b4:e0:63:04:7b:f1:15:fd:11:a4:f5:
                    34:15:85:b2:91:56:5b:aa:8c:7a:af:35:c2:4d:58:
                    86:c5:e4:81:8b:c4:f3:59:1f:42:b1:fd:d6:c2:6a:
                    36:76:9f:95:09:bf:9d:c7:84:8b:1d:bc:a6:80:40:
                    ac:41:40:98:ea:a9:ca:82:3a:f1:27:0b:c1:3c:d8:
                    aa:a9:e8:51:2b:a6:f6:be:fa:a0:2b:74:dc:f5:02:
                    43:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:54:77:1A:A8:09:BB:2C:F1:5F:9C:13:5C:91:98:45:A7:A5:AF:0F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2a06ef9a-306c-48a7-a898-08249a2104fa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         8e:7b:c2:43:96:2e:a3:68:7c:b1:c2:82:e9:75:11:23:03:69:
         a9:c9:e8:d3:bb:53:7f:3f:db:6c:90:85:8e:21:ef:f3:63:e6:
         77:e9:2c:1c:39:ec:bd:73:ab:bc:da:8d:79:05:ff:03:71:b9:
         4a:01:bf:99:f0:20:a7:6e:63:10:99:18:2d:bb:6f:c1:37:08:
         ab:14:59:64:71:79:b8:54:28:ac:94:c1:3e:5d:d3:d0:e0:15:
         63:10:6b:ba:10:af:3e:e4:e7:e5:3e:ba:6e:cd:5d:12:fe:0a:
         33:99:4a:e6:a9:72:86:13:70:4d:85:f3:6b:6d:07:78:1b:1b:
         ce:11:56:0a:27:8b:80:d0:03:2b:40:cd:e3:5c:4a:30:da:23:
         36:e0:a4:e6:09:c9:4b:72:be:aa:e0:50:98:47:30:e6:f9:bf:
         0d:7f:6f:af:47:48:e7:7c:66:66:72:fd:a0:d0:2c:44:7f:4e:
         e2:f3:42:c7:ec:22:73:a8:9f:0f:05:3f:27:55:1f:07:c3:03:
         86:6a:81:04:70:6b:10:2e:eb:d6:88:32:b5:42:9b:71:e5:96:
         8f:81:7b:27:bb:3b:11:b7:3a:a9:15:b6:91:b9:27:ce:4c:de:
         64:98:8e:02:21:e4:a1:8e:be:c7:27:85:5d:06:3d:70:63:88:
         9c:d8:91:a6
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUMH0YnAay5VgA4zE3pCG9qK6y7hAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA2MDAyMTQ0WhcNMjUwOTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTkzNzI1NWJkYmZjMDY0ZjQyMjQ1Nzg0MGIzMjkzNjA5
YzBhZWY5MjIwYWUzZGE2MzA1ZWU1Y2QxODZkNjUwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrkPnVrIWiqXrBI6/LYd6UXYJmz2r0PKJ8bvMS3ZFDaLT0
nuDiKCy1nWO9jOZSWlaknbVrhQ0Tk39xn6MKmJDq1TgHs8q5iB/NLKjKyU5FZTAm
52oKKbTtJXXsD8KSDyE6UJ2eGzC5zQTWm2n4meJTcgmtF6HoHMJotfyUz8imDT4I
igM6HAUN/M19Cd0J9Iuslgx/XOkqqg2Hb0cfigpM1tavBA3GlpC04GMEe/EV/RGk
9TQVhbKRVluqjHqvNcJNWIbF5IGLxPNZH0Kx/dbCajZ2n5UJv53HhIsdvKaAQKxB
QJjqqcqCOvEnC8E82Kqp6FErpva++qArdNz1AkMJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUzlR3GqgJuyzxX5wTXJGYRaelrw8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJhMDZlZjlhLTMwNmMtNDhhNy1hODk4LTA4MjQ5YTIxMDRmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gIDANBgkqhkiG9w0BAQsFAAOCAQEAjnvCQ5Yuo2h8scKC6XURIwNp
qcno07tTfz/bbJCFjiHv82Pmd+ksHDnsvXOrvNqNeQX/A3G5SgG/mfAgp25jEJkY
LbtvwTcIqxRZZHF5uFQorJTBPl3T0OAVYxBruhCvPuTn5T66bs1dEv4KM5lK5qly
hhNwTYXza20HeBsbzhFWCieLgNADK0DN41xKMNojNuCk5gnJS3K+quBQmEcw5vm/
DX9vr0dI53xmZnL9oNAsRH9O4vNCx+wic6ifDwU/J1UfB8MDhmqBBHBrEC7r1ogy
tUKbceWWj4F7J7s7Ebc6qRW2kbknzkzeZJiOAiHkoY6+xyeFXQY9cGOInNiRpg==
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:57:33 2025 by rpki-client