Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4ae8d6eb-5da0-4728-b975-d6182b99d92e.roa
File:                     4ae8d6eb-5da0-4728-b975-d6182b99d92e.roa (raw, json)
Hash identifier:          ibHJG68SyL9DoNTZ35HPzNSLMqcvkE+wo/OHjdj9pMk=
Subject key identifier:   54:A9:36:26:7A:93:09:2D:A1:55:3A:B4:ED:E0:21:A8:52:DB:22:1D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       780713C549BE40B7132AE2DA4821ED253ECE8AB6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4ae8d6eb-5da0-4728-b975-d6182b99d92e.roa
Signing time:             Fri 01 Aug 2025 16:41:16 +0000
ROA not before:           Fri 01 Aug 2025 16:41:16 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:10c0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:07:13:c5:49:be:40:b7:13:2a:e2:da:48:21:ed:25:3e:ce:8a:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 16:41:16 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=310ddbcf1d576886c5cb3f2b7f00f0e8e6408c407d596f944e5d988b4039fa3d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:74:76:1e:06:b2:2d:c0:a1:2e:c5:15:37:97:
                    0e:67:7d:47:6a:03:de:fa:a2:cb:f0:7c:60:47:42:
                    35:35:a7:d4:8a:a2:71:d3:02:35:8b:a4:fd:27:13:
                    96:50:88:2b:bb:14:cf:95:cf:75:84:0f:89:f3:76:
                    96:49:4f:96:4c:55:01:71:b2:b3:6e:b7:0a:ee:5b:
                    30:b6:94:3f:67:35:74:e3:14:a7:2e:9e:eb:d6:5a:
                    03:b8:46:28:e2:09:82:c7:da:ba:89:0b:94:ec:8b:
                    db:8b:02:aa:1b:df:cc:ea:ae:46:ae:6c:eb:bb:25:
                    95:66:3e:af:9c:ca:47:7f:14:0f:37:74:06:16:54:
                    0c:8e:66:53:9b:7e:1a:c2:ed:df:30:7e:90:14:53:
                    6c:17:6e:2b:e3:e9:c0:d3:60:2b:4c:39:e0:f1:09:
                    bc:f1:52:61:13:62:f7:d0:9c:6c:c1:13:3b:db:15:
                    0c:ca:85:73:c0:d3:a4:e3:c8:f4:75:96:d2:93:c7:
                    df:7b:a5:c8:a9:9c:39:70:33:ab:8d:9d:32:1a:a4:
                    d9:47:11:68:2f:61:0e:8e:45:79:13:aa:4b:01:28:
                    ef:cf:cf:db:44:4d:c6:84:26:fe:52:af:6a:52:c7:
                    fb:86:03:6f:7f:1e:cd:bd:1c:d4:7f:f8:e2:af:70:
                    0e:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:A9:36:26:7A:93:09:2D:A1:55:3A:B4:ED:E0:21:A8:52:DB:22:1D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4ae8d6eb-5da0-4728-b975-d6182b99d92e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:10c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:30:d8:a3:49:69:88:1f:1a:f7:f5:1c:ba:fd:ab:0a:37:15:
         ab:20:e2:a1:cc:c4:35:fa:cc:91:49:92:7c:10:ca:88:d4:84:
         ff:8f:7e:94:d0:6f:58:0d:45:c3:5e:b9:71:ad:93:18:15:46:
         8d:42:90:e7:e4:b9:2a:1a:fb:0b:83:9d:c0:a0:fe:bf:1c:2d:
         24:a6:45:0b:94:90:43:2e:b3:32:b6:16:00:e3:99:db:e9:4a:
         1f:4f:f2:19:d5:02:5a:b7:62:c0:88:b0:f7:be:4b:21:5d:37:
         09:d5:cc:25:03:db:1d:18:c2:c7:10:03:bc:88:39:69:7e:ab:
         b8:e3:38:f9:c8:9e:44:4e:7f:cd:df:e6:a3:2b:1b:8b:77:de:
         75:00:c9:6e:6d:e6:0f:42:15:cb:3b:3f:8d:47:ca:51:13:71:
         36:d9:cd:a5:f2:cc:cd:db:6f:3b:48:68:9b:a6:8b:58:6b:ec:
         c2:fc:56:f6:9f:a8:ef:ae:79:29:16:9b:97:bc:5d:2e:7d:ff:
         f4:c1:47:ac:7a:56:1a:b2:71:9c:f3:d4:f4:23:2f:10:19:04:
         66:03:e9:fd:3d:0f:8e:34:f3:a2:af:83:26:db:9e:ed:d1:6f:
         cc:b5:0e:24:43:a4:29:c5:02:6a:35:ec:12:47:37:fb:11:f4:
         d3:11:d1:85
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUeAcTxUm+QLcTKuLaSCHtJT7OirYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTY0MTE2WhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMTBkZGJjZjFkNTc2ODg2YzVjYjNmMmI3ZjAwZjBlOGU2
NDA4YzQwN2Q1OTZmOTQ0ZTVkOTg4YjQwMzlmYTNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjdHYeBrItwKEuxRU3lw5nfUdqA976osvwfGBHQjU1p9SK
onHTAjWLpP0nE5ZQiCu7FM+Vz3WED4nzdpZJT5ZMVQFxsrNutwruWzC2lD9nNXTj
FKcunuvWWgO4RijiCYLH2rqJC5Tsi9uLAqob38zqrkaubOu7JZVmPq+cykd/FA83
dAYWVAyOZlObfhrC7d8wfpAUU2wXbivj6cDTYCtMOeDxCbzxUmETYvfQnGzBEzvb
FQzKhXPA06TjyPR1ltKTx997pcipnDlwM6uNnTIapNlHEWgvYQ6ORXkTqksBKO/P
z9tETcaEJv5Sr2pSx/uGA29/Hs29HNR/+OKvcA5rAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUVKk2JnqTCS2hVTq07eAhqFLbIh0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRhZThkNmViLTVkYTAtNDcyOC1iOTc1LWQ2MTgyYjk5ZDkyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9hEMAwDQYJKoZIhvcNAQELBQADggEBAAkw2KNJaYgfGvf1HLr9qwo3
Fasg4qHMxDX6zJFJknwQyojUhP+PfpTQb1gNRcNeuXGtkxgVRo1CkOfkuSoa+wuD
ncCg/r8cLSSmRQuUkEMuszK2FgDjmdvpSh9P8hnVAlq3YsCIsPe+SyFdNwnVzCUD
2x0YwscQA7yIOWl+q7jjOPnInkROf83f5qMrG4t33nUAyW5t5g9CFcs7P41HylET
cTbZzaXyzM3bbztIaJumi1hr7ML8VvafqO+ueSkWm5e8XS59//TBR6x6VhqycZzz
1PQjLxAZBGYD6f09D44086Kvgybbnu3Rb8y1DiRDpCnFAmo17BJHN/sR9NMR0YU=
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:58:24 2025 by rpki-client