Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/338fdc47-3615-4058-8892-7f965b8f45a4.roa
File:                     338fdc47-3615-4058-8892-7f965b8f45a4.roa (raw, json)
Hash identifier:          6KuMNxM3h6OfDB7/7bwokPi79lu5RpptLLrnsK5nrkY=
Subject key identifier:   45:42:35:66:66:45:B8:EA:1F:DB:1E:45:44:F0:A7:BC:EC:E1:FC:6E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       47C114FAC1913E026F09281BFE52E1739CA91CA7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/338fdc47-3615-4058-8892-7f965b8f45a4.roa
Signing time:             Tue 22 Apr 2025 16:30:22 +0000
ROA not before:           Tue 22 Apr 2025 16:30:22 +0000
ROA not after:            Tue 27 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f70:c000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:c1:14:fa:c1:91:3e:02:6f:09:28:1b:fe:52:e1:73:9c:a9:1c:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 22 16:30:22 2025 GMT
            Not After : May 27 23:59:59 2025 GMT
        Subject: serialNumber=bb3a3bbcc977b00a670320d644b6842e5a9cd734f8e8e477989564b22f05243e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e0:94:e0:1d:27:b3:f4:b4:e5:23:d5:15:1e:
                    cf:17:95:27:d1:30:2f:3e:b7:e2:c1:93:72:5c:2d:
                    05:0d:7e:62:a5:da:20:6c:8e:3d:13:7c:e1:d4:18:
                    91:9e:7b:14:41:28:68:2e:d5:f5:cd:a3:3e:e9:a1:
                    17:2d:52:7c:70:d0:dc:97:71:82:54:be:c2:b9:b7:
                    3a:43:df:fd:86:8e:f2:18:f1:ed:42:b4:d9:55:7c:
                    eb:cc:41:73:2d:2c:f6:03:62:16:27:1a:24:07:4e:
                    ed:bf:92:49:4f:2b:7f:38:ad:45:8e:25:7b:73:f5:
                    15:b1:49:ce:5a:97:7a:0c:fc:2e:ec:3f:93:15:b0:
                    7a:eb:a7:03:6b:f9:e0:02:b9:97:5e:c5:30:17:c0:
                    c2:b9:f3:b6:13:03:fb:97:b4:8e:82:cb:b0:77:56:
                    7a:9c:87:34:c2:26:b1:ae:28:2e:9f:26:cd:eb:48:
                    d2:2d:2d:61:ff:f1:14:d6:92:22:9c:7f:2e:e3:f2:
                    67:fa:2c:31:f2:09:7d:a8:26:51:c7:91:f0:29:49:
                    e4:f5:22:8e:ac:76:56:1d:f3:84:83:d6:47:67:ef:
                    fc:8c:13:f2:5e:7d:9b:a3:60:d5:d1:06:1a:08:5a:
                    d9:d9:d6:d1:5e:dd:e6:52:47:f0:fe:ef:fa:a7:d8:
                    07:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:42:35:66:66:45:B8:EA:1F:DB:1E:45:44:F0:A7:BC:EC:E1:FC:6E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/338fdc47-3615-4058-8892-7f965b8f45a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f70:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         15:a0:12:a7:0c:b3:1a:fe:9f:45:a2:c4:90:7d:44:75:76:b0:
         d6:ce:3e:b7:73:77:d5:40:5e:41:b8:c9:6c:db:35:c6:f9:09:
         80:88:d7:49:bf:61:11:26:01:f4:ba:2a:f7:e3:ae:69:7c:52:
         af:a9:f2:53:f4:51:16:4d:58:78:9c:28:6d:40:01:84:e0:23:
         f1:a1:09:05:4d:21:18:d3:86:fa:68:de:af:53:e5:50:9a:65:
         08:94:76:03:3e:2f:9a:01:bd:36:13:c1:0f:68:e6:67:bf:7b:
         f7:51:64:ea:92:45:92:36:19:5e:2f:6a:a7:19:14:3d:08:23:
         da:41:d5:35:cf:90:f3:f8:70:ec:a7:06:45:f7:87:33:91:f5:
         04:80:5a:ac:89:cc:d7:9e:b7:ee:5d:ef:85:33:1f:ff:ff:13:
         5b:84:08:e2:f5:84:1d:cf:7f:5c:82:d5:10:1b:1b:35:32:9c:
         94:d6:34:d7:fe:95:ab:41:81:da:5c:14:2a:f1:36:43:40:18:
         f6:5d:ee:5c:d2:31:28:4f:4a:98:f1:bc:dc:6c:8c:a1:bb:4a:
         1e:49:f7:32:5d:ec:4a:2b:11:16:59:e9:c6:b5:c7:65:09:ec:
         c5:78:42:62:b2:56:aa:d3:85:6f:21:ce:c3:9a:ce:30:0a:52:
         43:34:6b:22
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUR8EU+sGRPgJvCSgb/lLhc5ypHKcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIyMTYzMDIyWhcNMjUwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYjNhM2JiY2M5NzdiMDBhNjcwMzIwZDY0NGI2ODQyZTVh
OWNkNzM0ZjhlOGU0Nzc5ODk1NjRiMjJmMDUyNDNlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy4JTgHSez9LTlI9UVHs8XlSfRMC8+t+LBk3JcLQUNfmKl
2iBsjj0TfOHUGJGeexRBKGgu1fXNoz7poRctUnxw0NyXcYJUvsK5tzpD3/2GjvIY
8e1CtNlVfOvMQXMtLPYDYhYnGiQHTu2/kklPK384rUWOJXtz9RWxSc5al3oM/C7s
P5MVsHrrpwNr+eACuZdexTAXwMK587YTA/uXtI6Cy7B3VnqchzTCJrGuKC6fJs3r
SNItLWH/8RTWkiKcfy7j8mf6LDHyCX2oJlHHkfApSeT1Io6sdlYd84SD1kdn7/yM
E/JefZujYNXRBhoIWtnZ1tFe3eZSR/D+7/qn2AcPAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQURUI1ZmZFuOof2x5FRPCnvOzh/G4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMzOGZkYzQ3LTM2MTUtNDA1OC04ODkyLTdmOTY1YjhmNDVhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9wwDANBgkqhkiG9w0BAQsFAAOCAQEAFaASpwyzGv6fRaLEkH1EdXaw
1s4+t3N31UBeQbjJbNs1xvkJgIjXSb9hESYB9Loq9+OuaXxSr6nyU/RRFk1YeJwo
bUABhOAj8aEJBU0hGNOG+mjer1PlUJplCJR2Az4vmgG9NhPBD2jmZ79791Fk6pJF
kjYZXi9qpxkUPQgj2kHVNc+Q8/hw7KcGRfeHM5H1BIBarInM15637l3vhTMf//8T
W4QI4vWEHc9/XILVEBsbNTKclNY01/6Vq0GB2lwUKvE2Q0AY9l3uXNIxKE9KmPG8
3GyMobtKHkn3Ml3sSisRFlnpxrXHZQnsxXhCYrJWqtOFbyHOw5rOMApSQzRrIg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:40:22 2025 by rpki-client