Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/445ec936-4ab3-46e7-bfa6-2ffd1095678c.roa
File:                     445ec936-4ab3-46e7-bfa6-2ffd1095678c.roa (raw, json)
Hash identifier:          5Vctbrlr5ehlvJ6lD7CTM1TMhlF3J9WmlVHRq0dkk3Q=
Subject key identifier:   84:F4:4E:5E:33:48:05:E4:B5:91:3B:24:C3:76:ED:CE:B3:E3:3F:AB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       370B1BD2BCE85F2CFCE319D7C88003543C775085
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/445ec936-4ab3-46e7-bfa6-2ffd1095678c.roa
Signing time:             Fri 13 Jun 2025 16:21:56 +0000
ROA not before:           Fri 13 Jun 2025 16:21:56 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fb9:c000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 16 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:0b:1b:d2:bc:e8:5f:2c:fc:e3:19:d7:c8:80:03:54:3c:77:50:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 16:21:56 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=302f923504613b488f03a1deff0d58d623dfb4207b74c01bc4368552a453a3dd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:21:fc:2b:2d:bf:14:b6:87:07:2a:de:64:63:
                    53:14:6c:d0:24:12:8e:9a:2d:56:cd:14:5b:b7:2e:
                    68:61:1e:c1:7c:65:a2:ac:39:56:1f:29:4d:62:43:
                    c2:7b:3e:97:15:86:98:86:08:a6:3e:dc:1a:28:33:
                    8d:f0:ff:d9:3a:79:85:e6:67:68:ff:e1:1b:cc:f4:
                    d3:f8:6d:dc:1f:2b:d3:c5:41:4b:94:44:d8:0e:9a:
                    cd:09:dc:2e:a7:64:ac:f2:9c:14:99:f3:e9:80:a5:
                    8a:a0:2e:f1:26:a1:1e:de:d0:0d:b8:ef:40:74:85:
                    d8:db:75:86:e1:90:59:74:26:42:d5:e1:07:6c:60:
                    28:74:a7:04:a4:e4:1f:63:8b:a8:7d:9b:e6:1d:38:
                    ee:f9:34:03:36:93:32:b8:2c:ec:3f:67:00:f2:6c:
                    3e:78:8a:fb:bc:ba:bc:c1:7b:b4:a5:5c:34:04:1e:
                    c2:ad:60:58:09:8d:0c:46:fa:dd:ec:30:e1:de:2c:
                    db:ea:c0:4d:be:99:f8:f0:e9:3d:2a:78:e3:4c:f8:
                    a0:f0:62:b9:11:9b:3a:e4:4d:1b:35:78:f9:3c:61:
                    1c:df:9c:35:2c:fe:14:00:3d:6e:c9:f4:35:9f:8f:
                    68:1e:cb:12:9b:df:84:7f:42:db:67:9d:65:2a:85:
                    e9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:F4:4E:5E:33:48:05:E4:B5:91:3B:24:C3:76:ED:CE:B3:E3:3F:AB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/445ec936-4ab3-46e7-bfa6-2ffd1095678c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fb9:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         31:d2:38:9e:75:00:aa:d4:03:5d:08:67:b5:ca:1e:9b:a6:ca:
         ed:88:ca:4c:f4:a4:03:93:a0:69:28:99:16:29:97:be:db:43:
         f1:09:24:9a:f4:86:47:2e:68:a5:75:a0:ef:f7:b7:8a:9c:46:
         7b:f8:35:d3:75:2e:db:1e:a4:98:0d:91:57:fb:74:51:f1:3a:
         62:dc:13:29:57:bc:5a:78:53:c6:f9:02:46:a5:a9:1c:90:f0:
         16:08:4f:59:f8:ec:41:89:1a:dd:44:80:a5:b4:1f:81:9a:42:
         2d:39:d8:6b:53:b5:a9:78:87:b3:67:4f:de:59:ea:1e:9e:17:
         1f:e6:b8:49:f4:92:a2:c2:5f:e0:ae:38:df:a7:40:a9:c3:74:
         0e:f8:2f:5b:e5:fa:d5:79:8e:b9:6b:c2:f9:9b:8b:7f:cd:a1:
         28:c4:e3:5d:3e:41:4e:c8:13:eb:98:7c:e9:6b:f3:1e:5e:ab:
         05:c0:57:9a:2c:58:b7:51:90:dc:9d:6c:47:f1:98:af:80:f8:
         37:ff:95:5b:8c:45:b7:4d:8c:56:b9:a8:6c:30:23:cb:6a:e2:
         d5:cf:21:9e:b8:99:7a:2b:23:aa:41:db:35:11:66:36:29:34:
         7f:15:81:f4:a2:e2:a9:d2:a4:5a:b1:4a:12:e4:8d:8a:71:e9:
         83:ad:f8:06
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUNwsb0rzoXyz84xnXyIADVDx3UIUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTYyMTU2WhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMDJmOTIzNTA0NjEzYjQ4OGYwM2ExZGVmZjBkNThkNjIz
ZGZiNDIwN2I3NGMwMWJjNDM2ODU1MmE0NTNhM2RkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdIfwrLb8UtocHKt5kY1MUbNAkEo6aLVbNFFu3LmhhHsF8
ZaKsOVYfKU1iQ8J7PpcVhpiGCKY+3BooM43w/9k6eYXmZ2j/4RvM9NP4bdwfK9PF
QUuURNgOms0J3C6nZKzynBSZ8+mApYqgLvEmoR7e0A2470B0hdjbdYbhkFl0JkLV
4QdsYCh0pwSk5B9ji6h9m+YdOO75NAM2kzK4LOw/ZwDybD54ivu8urzBe7SlXDQE
HsKtYFgJjQxG+t3sMOHeLNvqwE2+mfjw6T0qeONM+KDwYrkRmzrkTRs1ePk8YRzf
nDUs/hQAPW7J9DWfj2geyxKb34R/QttnnWUqhekpAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUhPROXjNIBeS1kTskw3btzrPjP6swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ0NWVjOTM2LTRhYjMtNDZlNy1iZmE2LTJmZmQxMDk1Njc4Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+5wDANBgkqhkiG9w0BAQsFAAOCAQEAMdI4nnUAqtQDXQhntcoem6bK
7YjKTPSkA5OgaSiZFimXvttD8QkkmvSGRy5opXWg7/e3ipxGe/g103Uu2x6kmA2R
V/t0UfE6YtwTKVe8WnhTxvkCRqWpHJDwFghPWfjsQYka3USApbQfgZpCLTnYa1O1
qXiHs2dP3lnqHp4XH+a4SfSSosJf4K4436dAqcN0DvgvW+X61XmOuWvC+ZuLf82h
KMTjXT5BTsgT65h86WvzHl6rBcBXmixYt1GQ3J1sR/GYr4D4N/+VW4xFt02MVrmo
bDAjy2ri1c8hnriZeisjqkHbNRFmNik0fxWB9KLiqdKkWrFKEuSNinHpg634Bg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:10:56 2025 by rpki-client