Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b39f42e-3903-4926-ae1f-f90681592c51.roa
File:                     3b39f42e-3903-4926-ae1f-f90681592c51.roa (raw, json)
Hash identifier:          czpPRGjo91WALA5QI8B3gISkqoYi75U6VCEO2MbyTSs=
Subject key identifier:   ED:C0:DD:E8:95:EF:60:E0:75:D4:A4:BD:72:36:4B:A1:0F:E7:77:6D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5C3682D3E43C551F234B079E7CC0B1C889BA6F29
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b39f42e-3903-4926-ae1f-f90681592c51.roa
Signing time:             Mon 04 Aug 2025 15:32:19 +0000
ROA not before:           Mon 04 Aug 2025 15:32:19 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:7440::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:36:82:d3:e4:3c:55:1f:23:4b:07:9e:7c:c0:b1:c8:89:ba:6f:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 15:32:19 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=d06d258f54079e24d5333912436defd31dc8af7a1d23cb433b30dbf9385cfc89, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:86:30:24:3e:48:03:32:78:05:77:8c:86:a8:
                    47:d0:ac:ce:df:a7:0e:17:f1:12:23:55:8d:37:a2:
                    2d:6b:5f:4f:9e:28:e4:e3:a0:dd:f9:25:ab:2a:72:
                    ab:fc:da:b0:7d:9b:f2:d2:00:e1:17:f7:28:c5:8a:
                    4a:8b:ee:91:47:a5:3f:85:f8:e2:db:54:fa:35:ed:
                    11:83:f8:69:ad:d9:d1:2d:ff:7a:2a:a6:96:21:bd:
                    da:2e:ae:cc:56:16:e2:df:47:1d:23:69:d2:ec:43:
                    bf:6f:e2:4e:e9:c0:0a:e5:a7:92:b3:02:72:0c:45:
                    35:33:89:dc:31:db:ba:66:c1:a1:b3:99:23:1c:61:
                    c6:f5:48:9a:5c:88:fc:99:f9:29:e7:94:26:76:0f:
                    b2:6c:c5:d3:46:f4:a0:d6:ff:b8:0c:a7:a8:2d:f7:
                    46:ea:ae:4b:38:6f:13:d3:ed:62:c7:be:e0:3d:30:
                    49:bc:2e:97:61:1e:e4:fc:d5:d0:c9:2f:f1:3b:d9:
                    2f:cc:e1:1b:25:66:85:79:f7:a7:36:89:78:da:d4:
                    27:5c:1e:f9:8e:8c:cf:b4:fa:99:d4:45:a2:87:d3:
                    6f:26:0e:31:6f:81:f6:f7:cc:da:3d:95:89:f2:03:
                    31:07:b8:77:7e:3a:98:ed:25:8d:ca:f6:02:cc:94:
                    e0:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:C0:DD:E8:95:EF:60:E0:75:D4:A4:BD:72:36:4B:A1:0F:E7:77:6D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b39f42e-3903-4926-ae1f-f90681592c51.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:7440::/48

    Signature Algorithm: sha256WithRSAEncryption
         b3:cf:8b:04:5d:db:ad:cd:6b:1f:ee:70:dc:73:83:b9:b7:63:
         9b:14:d7:1e:d1:2a:a1:17:f2:91:12:79:61:2d:21:3a:28:17:
         19:59:21:e4:d7:2b:7e:ac:14:cd:89:d4:0e:b5:bb:d7:a3:ae:
         53:6f:67:fe:e0:13:c3:90:0b:46:06:ca:5a:6d:87:eb:aa:98:
         98:54:99:bd:20:20:99:53:e6:f1:f2:a5:34:12:e2:5b:15:ce:
         9b:a8:2d:03:6b:a5:92:e2:cb:91:d9:59:a7:70:4c:19:43:8f:
         2c:92:50:c0:f8:46:b1:b7:31:67:93:df:b7:19:0c:89:de:9d:
         42:ad:f1:f2:ff:71:4b:36:bd:a2:50:82:f8:fe:b1:40:63:ee:
         4f:51:21:ea:c7:6a:73:e0:0b:fc:fa:7d:0b:f0:50:b3:c4:62:
         17:1e:3b:1a:e8:c2:f3:8f:1b:05:20:b6:83:8c:71:c8:72:1b:
         6f:6c:51:6a:94:83:91:c3:29:db:37:d7:61:be:2c:a6:20:89:
         10:80:48:c2:be:b3:bd:24:8a:b7:ba:d9:94:a1:75:c5:f3:70:
         a7:a2:6f:5f:a8:de:b6:cd:5b:27:84:d9:1b:de:ff:a2:44:be:
         d9:ca:b4:46:0f:b8:b6:29:34:d2:72:7d:32:38:48:57:ef:17:
         01:1c:06:10
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXDaC0+Q8VR8jSweefMCxyIm6bykwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTUzMjE5WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMDZkMjU4ZjU0MDc5ZTI0ZDUzMzM5MTI0MzZkZWZkMzFk
YzhhZjdhMWQyM2NiNDMzYjMwZGJmOTM4NWNmYzg5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCchjAkPkgDMngFd4yGqEfQrM7fpw4X8RIjVY03oi1rX0+e
KOTjoN35Jasqcqv82rB9m/LSAOEX9yjFikqL7pFHpT+F+OLbVPo17RGD+Gmt2dEt
/3oqppYhvdoursxWFuLfRx0jadLsQ79v4k7pwArlp5KzAnIMRTUzidwx27pmwaGz
mSMcYcb1SJpciPyZ+SnnlCZ2D7JsxdNG9KDW/7gMp6gt90bqrks4bxPT7WLHvuA9
MEm8LpdhHuT81dDJL/E72S/M4RslZoV596c2iXja1CdcHvmOjM+0+pnURaKH028m
DjFvgfb3zNo9lYnyAzEHuHd+OpjtJY3K9gLMlODRAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU7cDd6JXvYOB11KS9cjZLoQ/nd20wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNiMzlmNDJlLTM5MDMtNDkyNi1hZTFmLWY5MDY4MTU5MmM1MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9hdEAwDQYJKoZIhvcNAQELBQADggEBALPPiwRd263Nax/ucNxzg7m3
Y5sU1x7RKqEX8pESeWEtITooFxlZIeTXK36sFM2J1A61u9ejrlNvZ/7gE8OQC0YG
ylpth+uqmJhUmb0gIJlT5vHypTQS4lsVzpuoLQNrpZLiy5HZWadwTBlDjyySUMD4
RrG3MWeT37cZDInenUKt8fL/cUs2vaJQgvj+sUBj7k9RIerHanPgC/z6fQvwULPE
YhceOxrowvOPGwUgtoOMcchyG29sUWqUg5HDKds312G+LKYgiRCASMK+s70kire6
2ZShdcXzcKeib1+o3rbNWyeE2Rve/6JEvtnKtEYPuLYpNNJyfTI4SFfvFwEcBhA=
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:08:30 2025 by rpki-client