Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4efc828a-9663-4121-9eb7-bc79eba4c3f0.roa
File:                     4efc828a-9663-4121-9eb7-bc79eba4c3f0.roa (raw, json)
Hash identifier:          aqhHeMbyrQ8WuprYTdzkxuT8fXKCs2Lpqpxf9ZB8ynU=
Subject key identifier:   AD:83:28:FE:FB:2F:41:D3:47:6E:1D:D5:A4:CA:E9:30:46:A3:41:E2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       72EA58EC0DB90EEED54579E05A923F52C6CA22BE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4efc828a-9663-4121-9eb7-bc79eba4c3f0.roa
Signing time:             Fri 13 Jun 2025 17:32:07 +0000
ROA not before:           Fri 13 Jun 2025 17:32:07 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f24:4000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:ea:58:ec:0d:b9:0e:ee:d5:45:79:e0:5a:92:3f:52:c6:ca:22:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 17:32:07 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=11e5b522b4c008a84bc9a21f95f5a58a0b0a7c7fcead21f966448bf108bd40b4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:75:dd:d5:da:4b:cf:a2:7e:dd:4e:b5:c7:bc:
                    25:14:fa:ca:80:af:6b:62:95:fc:49:cf:d2:f9:c8:
                    bc:d4:75:11:fb:cf:df:e8:df:5f:87:7f:37:82:1a:
                    35:95:ae:15:e6:a7:31:d3:52:a6:f5:c5:de:d6:6c:
                    51:28:7b:b7:a3:ab:1a:3b:ab:86:5d:52:71:57:8f:
                    a1:1c:81:40:c4:7f:af:8f:d3:77:bc:ea:b3:23:19:
                    52:bf:9a:b6:3d:bc:a2:3c:7d:ce:b5:af:11:3f:43:
                    13:13:e5:a6:71:88:df:66:66:4c:0c:43:62:8f:47:
                    cb:6b:4d:ac:b9:b6:12:77:b3:59:b3:60:c2:d5:f4:
                    2f:7c:10:2b:88:d3:44:60:b0:98:d4:d5:e1:6a:7c:
                    51:ab:97:52:f3:d8:8e:0f:af:76:a5:32:52:3b:72:
                    40:0f:94:bf:2d:13:4c:da:69:20:57:e6:4e:96:f8:
                    e5:4b:e7:51:80:8e:54:33:32:58:7c:ce:88:58:4b:
                    d8:cf:75:e8:f6:e2:10:65:e2:36:60:e1:b2:27:74:
                    bd:43:9a:ba:0c:8e:77:2e:56:da:00:dd:25:9d:6c:
                    f7:17:9f:1f:54:9b:b1:95:19:10:c3:18:fd:eb:18:
                    91:a4:42:e0:c4:74:73:27:98:68:e8:17:ae:a2:01:
                    f7:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:83:28:FE:FB:2F:41:D3:47:6E:1D:D5:A4:CA:E9:30:46:A3:41:E2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4efc828a-9663-4121-9eb7-bc79eba4c3f0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f24:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         a6:85:b5:d4:70:79:1c:56:ca:ac:bf:96:9f:52:84:60:75:58:
         fd:0d:c3:cb:68:d9:93:39:71:43:db:d7:58:d9:9c:26:1c:75:
         2c:de:fc:b7:97:12:c7:2f:3d:1f:2f:e1:c4:dd:c0:68:f3:48:
         3d:32:e7:30:05:03:82:90:de:43:cc:86:77:26:61:24:25:09:
         07:e9:ca:e5:16:a6:11:1b:66:c6:f7:13:f5:c1:0e:81:d7:49:
         d5:96:ef:20:d8:60:ea:90:44:3b:80:85:76:03:db:0f:ed:c6:
         ed:7a:6c:d0:86:8f:67:af:f2:84:ec:44:af:26:4c:a6:89:f4:
         38:86:b7:75:89:92:bf:7a:a6:74:ed:e9:63:99:40:28:b9:55:
         11:85:e2:94:69:5d:79:bf:64:9c:c8:ba:ed:ef:54:0d:89:ed:
         62:e1:dc:cf:55:4e:47:d7:49:90:27:4c:c6:1c:c5:00:86:b7:
         50:d1:cf:8f:b1:25:fe:00:7a:a3:a6:eb:40:2c:3e:fc:2c:be:
         2d:aa:e9:da:0a:89:a6:f2:57:da:7b:24:40:db:2a:5f:c0:19:
         06:9b:5f:c4:23:a9:3e:7d:7b:19:a8:b0:6b:81:24:37:00:84:
         7f:03:c5:cb:91:c7:74:cb:f1:d6:2d:59:7c:68:c2:39:43:5d:
         c9:85:3a:b5
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUcupY7A25Du7VRXngWpI/UsbKIr4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTczMjA3WhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMWU1YjUyMmI0YzAwOGE4NGJjOWEyMWY5NWY1YTU4YTBi
MGE3YzdmY2VhZDIxZjk2NjQ0OGJmMTA4YmQ0MGI0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDwdd3V2kvPon7dTrXHvCUU+sqAr2tilfxJz9L5yLzUdRH7
z9/o31+HfzeCGjWVrhXmpzHTUqb1xd7WbFEoe7ejqxo7q4ZdUnFXj6EcgUDEf6+P
03e86rMjGVK/mrY9vKI8fc61rxE/QxMT5aZxiN9mZkwMQ2KPR8trTay5thJ3s1mz
YMLV9C98ECuI00RgsJjU1eFqfFGrl1Lz2I4Pr3alMlI7ckAPlL8tE0zaaSBX5k6W
+OVL51GAjlQzMlh8zohYS9jPdej24hBl4jZg4bIndL1DmroMjncuVtoA3SWdbPcX
nx9Um7GVGRDDGP3rGJGkQuDEdHMnmGjoF66iAffBAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUrYMo/vsvQdNHbh3VpMrpMEajQeIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlZmM4MjhhLTk2NjMtNDEyMS05ZWI3LWJjNzllYmE0YzNmMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8kQDANBgkqhkiG9w0BAQsFAAOCAQEApoW11HB5HFbKrL+Wn1KEYHVY
/Q3Dy2jZkzlxQ9vXWNmcJhx1LN78t5cSxy89Hy/hxN3AaPNIPTLnMAUDgpDeQ8yG
dyZhJCUJB+nK5RamERtmxvcT9cEOgddJ1ZbvINhg6pBEO4CFdgPbD+3G7Xps0IaP
Z6/yhOxEryZMpon0OIa3dYmSv3qmdO3pY5lAKLlVEYXilGldeb9knMi67e9UDYnt
YuHcz1VOR9dJkCdMxhzFAIa3UNHPj7El/gB6o6brQCw+/Cy+Larp2gqJpvJX2nsk
QNsqX8AZBptfxCOpPn17Gaiwa4EkNwCEfwPFy5HHdMvx1i1ZfGjCOUNdyYU6tQ==
-----END CERTIFICATE-----