Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/600d62a4-e5e5-46cd-9b8b-9a7f3ddeac2d.roa
File:                     600d62a4-e5e5-46cd-9b8b-9a7f3ddeac2d.roa (raw, json)
Hash identifier:          2MLnLYdBkRysjbEb6a+ThUWNtMJJgdT3SO4asgQAmPE=
Subject key identifier:   FD:F6:29:58:74:6E:13:6E:BC:C0:FB:1D:DA:67:5F:2F:6F:35:A6:D3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       612222E40FBF63561157E9A3E877F7C51616AB7A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/600d62a4-e5e5-46cd-9b8b-9a7f3ddeac2d.roa
Signing time:             Fri 01 Aug 2025 16:10:29 +0000
ROA not before:           Fri 01 Aug 2025 16:10:29 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff2:a440::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:22:22:e4:0f:bf:63:56:11:57:e9:a3:e8:77:f7:c5:16:16:ab:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 16:10:29 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=8e81b4457f2a26ef91cf4c81d201d678f1d0acaac9c3562143ac1e59ed0855c2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e5:cc:ce:56:21:22:42:a4:99:90:37:9c:a5:
                    79:9f:e3:0a:ec:bc:98:1e:5d:9d:04:be:61:55:7a:
                    11:c3:fb:a6:57:3a:cb:be:c4:91:0c:49:e5:f5:3b:
                    d9:da:5f:a6:92:e6:66:1f:76:bb:66:b7:aa:17:20:
                    a8:cf:eb:7d:aa:44:71:06:b4:9e:4c:5b:a1:3a:92:
                    5e:a9:59:2f:c3:33:dc:07:eb:d5:af:d9:7f:9f:2a:
                    3f:8d:82:12:66:56:ab:75:cf:77:2d:43:5f:42:80:
                    bf:45:f1:25:8f:eb:54:4c:68:06:75:8a:6a:09:8e:
                    1c:5e:ef:d7:73:1a:e3:b0:66:08:7d:9a:58:19:b6:
                    10:93:09:0b:29:c2:ef:cc:63:69:21:be:76:ea:a8:
                    07:30:25:98:e6:3d:5a:03:8a:71:e6:86:fb:e5:64:
                    51:ad:25:99:70:43:96:d2:e9:24:8e:8d:a4:95:8e:
                    75:90:a5:ea:61:17:33:1a:92:08:04:7c:4b:93:35:
                    55:9d:23:95:0c:dc:f1:db:56:26:94:23:d1:83:98:
                    3c:a6:4b:46:d5:9a:9d:f0:b1:54:08:64:80:e1:98:
                    69:a2:df:27:64:dd:b1:4e:60:57:2b:c4:1e:08:64:
                    43:66:40:90:f6:6e:b4:d2:64:3b:22:d5:3f:e6:d5:
                    b4:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:F6:29:58:74:6E:13:6E:BC:C0:FB:1D:DA:67:5F:2F:6F:35:A6:D3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/600d62a4-e5e5-46cd-9b8b-9a7f3ddeac2d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff2:a440::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:5c:6e:0a:98:02:0a:0d:7d:3b:31:dd:e4:ed:9e:61:b0:a4:
         6f:30:c8:58:0a:4a:7b:e2:e7:e0:56:c1:3b:b7:9f:7b:6c:f7:
         7e:21:9c:35:ae:22:18:88:37:bc:55:c1:90:da:03:a1:02:d9:
         cb:90:4a:a9:6b:6c:04:34:4a:10:d3:4b:21:db:4d:6a:b0:2c:
         95:ce:36:6e:7c:34:01:b2:d2:b7:62:ca:8f:0f:04:18:fc:6d:
         ff:e0:80:4e:9c:b1:5f:78:c0:87:a8:88:92:eb:88:2d:04:66:
         b3:76:05:cd:06:b6:d3:21:91:ee:a0:61:89:30:12:e1:ef:05:
         ab:56:58:70:f1:3e:66:71:f1:e7:64:f2:a1:be:51:98:cc:33:
         8a:57:13:d4:68:48:6f:ca:37:57:87:e0:cc:5e:d4:3d:94:44:
         5c:45:be:f1:44:5a:96:d7:7a:fc:28:90:0b:e4:b1:02:82:b2:
         16:46:3c:23:ae:07:c2:2c:0d:19:92:fa:5e:17:61:9c:9c:50:
         9b:e9:2e:b9:1a:11:63:33:91:43:36:36:2a:ce:86:d1:df:14:
         1e:2f:db:f6:a9:12:82:cd:7e:87:a3:21:9b:8e:6e:bf:09:27:
         5a:05:10:a0:02:bc:4d:be:20:72:e8:39:cf:c4:4b:51:f1:1f:
         65:9c:46:c5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUYSIi5A+/Y1YRV+mj6Hf3xRYWq3owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTYxMDI5WhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZTgxYjQ0NTdmMmEyNmVmOTFjZjRjODFkMjAxZDY3OGYx
ZDBhY2FhYzljMzU2MjE0M2FjMWU1OWVkMDg1NWMyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC55czOViEiQqSZkDecpXmf4wrsvJgeXZ0EvmFVehHD+6ZX
Osu+xJEMSeX1O9naX6aS5mYfdrtmt6oXIKjP632qRHEGtJ5MW6E6kl6pWS/DM9wH
69Wv2X+fKj+NghJmVqt1z3ctQ19CgL9F8SWP61RMaAZ1imoJjhxe79dzGuOwZgh9
mlgZthCTCQspwu/MY2khvnbqqAcwJZjmPVoDinHmhvvlZFGtJZlwQ5bS6SSOjaSV
jnWQpephFzMakggEfEuTNVWdI5UM3PHbViaUI9GDmDymS0bVmp3wsVQIZIDhmGmi
3ydk3bFOYFcrxB4IZENmQJD2brTSZDsi1T/m1bR/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU/fYpWHRuE268wPsd2mdfL281ptMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwMGQ2MmE0LWU1ZTUtNDZjZC05YjhiLTlhN2YzZGRlYWMyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/ypEAwDQYJKoZIhvcNAQELBQADggEBAAlcbgqYAgoNfTsx3eTtnmGw
pG8wyFgKSnvi5+BWwTu3n3ts934hnDWuIhiIN7xVwZDaA6EC2cuQSqlrbAQ0ShDT
SyHbTWqwLJXONm58NAGy0rdiyo8PBBj8bf/ggE6csV94wIeoiJLriC0EZrN2Bc0G
ttMhke6gYYkwEuHvBatWWHDxPmZx8edk8qG+UZjMM4pXE9RoSG/KN1eH4Mxe1D2U
RFxFvvFEWpbXevwokAvksQKCshZGPCOuB8IsDRmS+l4XYZycUJvpLrkaEWMzkUM2
NirOhtHfFB4v2/apEoLNfoejIZuObr8JJ1oFEKACvE2+IHLoOc/ES1HxH2WcRsU=
-----END CERTIFICATE-----