Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30b2f28c-86cf-492f-8dfc-8cacff8f8955.roa
File:                     30b2f28c-86cf-492f-8dfc-8cacff8f8955.roa (raw, json)
Hash identifier:          rzDxEKZCV7ovtzcVQiFYXBwFLI7lkXonexeHjgOHgLA=
Subject key identifier:   10:35:A3:16:B1:E3:C9:E9:D6:D6:B3:F7:63:79:56:B0:81:1C:40:7C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2AD4F2B49CA0AAA107CA947F0BE3DABA87F5D3DD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30b2f28c-86cf-492f-8dfc-8cacff8f8955.roa
Signing time:             Wed 30 Jul 2025 19:09:40 +0000
ROA not before:           Wed 30 Jul 2025 19:09:40 +0000
ROA not after:            Wed 03 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffb:6000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:d4:f2:b4:9c:a0:aa:a1:07:ca:94:7f:0b:e3:da:ba:87:f5:d3:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 30 19:09:40 2025 GMT
            Not After : Sep  3 23:59:59 2025 GMT
        Subject: serialNumber=b19864a9cd18b92dd80f5a454d363f8154c90591d8849113e1f2f1a7e39a52ab, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:18:12:07:04:fa:16:f2:11:47:15:4b:f6:41:
                    2f:48:f1:f8:f7:99:11:7e:0f:59:c1:f0:99:b4:6c:
                    81:ff:7c:19:d9:7b:80:43:e3:52:85:f6:51:ea:d4:
                    0a:f3:d7:73:70:86:c5:0b:69:65:91:e7:18:0d:d9:
                    d3:aa:35:be:a7:d7:7d:08:bc:9e:5c:5a:3a:43:6f:
                    37:74:c9:6c:ea:f5:a6:66:29:ba:58:6d:67:00:3b:
                    c2:9e:ea:18:5c:8b:af:db:88:70:45:aa:04:fe:8e:
                    5f:ca:ec:b0:8a:8e:c3:e6:94:fe:c8:68:5f:34:14:
                    f5:13:cb:77:c9:02:44:5d:24:9b:2c:d0:f8:16:c4:
                    a2:47:b9:67:f6:49:b7:57:92:67:9e:aa:07:38:6d:
                    bb:68:62:f7:9a:3b:00:e5:d1:35:93:a0:bf:63:c3:
                    44:e3:72:d9:da:71:2e:bc:3d:10:ab:12:a5:03:61:
                    bd:f1:89:ee:f6:29:1b:1f:fd:81:f9:c4:ac:81:8b:
                    d1:bf:04:01:cc:ca:56:d6:a6:b1:8c:a7:b1:f9:0e:
                    30:58:ea:74:31:5d:7c:30:d4:0e:08:34:d3:75:ed:
                    12:28:6c:0c:bc:d2:1e:17:00:63:77:9e:0f:5e:ff:
                    45:16:db:3e:88:a6:66:5e:95:ca:3b:06:c2:cd:0c:
                    02:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:35:A3:16:B1:E3:C9:E9:D6:D6:B3:F7:63:79:56:B0:81:1C:40:7C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30b2f28c-86cf-492f-8dfc-8cacff8f8955.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffb:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         ae:bd:25:07:ce:0c:2c:2e:42:be:64:a8:79:61:5a:37:61:e6:
         27:90:3e:40:ae:54:64:80:26:28:cb:4a:54:b8:08:c5:80:0f:
         a1:26:9b:5c:b8:42:0b:f7:23:5f:ec:79:28:bc:7a:34:e9:23:
         52:fe:46:c7:5f:73:6a:eb:49:14:71:d6:75:d2:be:9a:49:b6:
         28:cf:f9:7e:e7:63:81:99:16:de:0c:88:2f:14:4a:f5:32:b1:
         e8:8e:f7:9d:25:72:29:e6:eb:f2:58:a0:7b:ed:61:5b:7e:c5:
         04:fa:e1:da:d7:09:07:5f:3a:74:72:9e:0b:61:ea:96:f9:e4:
         ad:22:a2:ab:51:d5:e3:a0:55:38:1f:b7:6e:47:8c:d4:0b:ca:
         77:f7:28:ad:76:ec:aa:10:a7:7d:54:b3:e5:22:ae:9b:91:02:
         5b:f8:59:19:46:7a:f5:04:c3:b7:b0:82:6c:0f:8b:fa:1b:f0:
         8f:ad:fe:14:11:0a:1c:97:63:b6:67:fa:59:ab:79:5a:91:df:
         28:30:0f:5f:96:fb:4c:32:a9:1e:3f:d7:9e:73:e5:65:85:57:
         f0:e8:56:fd:6a:7d:e7:fc:1d:3a:60:73:3c:9a:fb:61:e6:42:
         1d:63:b9:4e:b3:99:53:0f:3a:37:0c:61:6c:6b:48:98:53:fa:
         f0:9e:16:79
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUKtTytJygqqEHypR/C+Pauof1090wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzMwMTkwOTQwWhcNMjUwOTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMTk4NjRhOWNkMThiOTJkZDgwZjVhNDU0ZDM2M2Y4MTU0
YzkwNTkxZDg4NDkxMTNlMWYyZjFhN2UzOWE1MmFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5GBIHBPoW8hFHFUv2QS9I8fj3mRF+D1nB8Jm0bIH/fBnZ
e4BD41KF9lHq1Arz13NwhsULaWWR5xgN2dOqNb6n130IvJ5cWjpDbzd0yWzq9aZm
KbpYbWcAO8Ke6hhci6/biHBFqgT+jl/K7LCKjsPmlP7IaF80FPUTy3fJAkRdJJss
0PgWxKJHuWf2SbdXkmeeqgc4bbtoYveaOwDl0TWToL9jw0TjctnacS68PRCrEqUD
Yb3xie72KRsf/YH5xKyBi9G/BAHMylbWprGMp7H5DjBY6nQxXXww1A4INNN17RIo
bAy80h4XAGN3ng9e/0UW2z6IpmZelco7BsLNDAIBAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUEDWjFrHjyenW1rP3Y3lWsIEcQHwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMwYjJmMjhjLTg2Y2YtNDkyZi04ZGZjLThjYWNmZjhmODk1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/7YDANBgkqhkiG9w0BAQsFAAOCAQEArr0lB84MLC5CvmSoeWFaN2Hm
J5A+QK5UZIAmKMtKVLgIxYAPoSabXLhCC/cjX+x5KLx6NOkjUv5Gx19zautJFHHW
ddK+mkm2KM/5fudjgZkW3gyILxRK9TKx6I73nSVyKebr8lige+1hW37FBPrh2tcJ
B186dHKeC2HqlvnkrSKiq1HV46BVOB+3bkeM1AvKd/corXbsqhCnfVSz5SKum5EC
W/hZGUZ69QTDt7CCbA+L+hvwj63+FBEKHJdjtmf6Wat5WpHfKDAPX5b7TDKpHj/X
nnPlZYVX8OhW/Wp95/wdOmBzPJr7YeZCHWO5TrOZUw86NwxhbGtImFP68J4WeQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:10:28 2025 by rpki-client