Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6053747c-2d18-4318-b6f0-8cc795ce2a12.roa
File:                     6053747c-2d18-4318-b6f0-8cc795ce2a12.roa (raw, json)
Hash identifier:          NMyMxnXQ+k/PMZp+Bmo5McPDO8yidLl6kefzMBd/fZo=
Subject key identifier:   D1:63:75:2A:57:15:A3:80:82:E4:1C:00:5F:C0:F3:B0:22:8D:66:2B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1DC4A68161458617207201E92A59AFCA3EAD63B9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6053747c-2d18-4318-b6f0-8cc795ce2a12.roa
Signing time:             Fri 13 Jun 2025 16:41:56 +0000
ROA not before:           Fri 13 Jun 2025 16:41:56 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fb8:8000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 16 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:c4:a6:81:61:45:86:17:20:72:01:e9:2a:59:af:ca:3e:ad:63:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 16:41:56 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=c4d94db31392cdd4c454ac9edd380c35ff7e77e71cbd6b77f43a8fa18584c21f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:89:84:3f:44:be:70:a5:0d:1a:b5:45:f5:5e:
                    5f:10:66:c5:5b:76:04:64:16:fe:cf:55:d1:86:74:
                    d9:8c:80:b6:f8:96:8d:1b:6b:5e:94:ab:77:a3:06:
                    20:10:2d:f6:9b:82:9e:47:2d:f0:b3:a4:1f:d8:c6:
                    e8:f0:e4:d6:35:ec:c2:5a:a5:17:cc:88:76:64:17:
                    0f:bf:70:d2:a8:ff:08:10:ad:69:7e:80:41:75:a0:
                    c0:6c:74:7c:30:98:ce:36:af:70:47:fb:82:86:71:
                    b5:6c:c2:df:65:64:19:42:18:17:93:d3:a2:70:3d:
                    f0:d9:b6:f4:9f:98:1b:6d:9e:d2:a8:48:c3:b7:73:
                    d7:59:59:35:5d:79:87:fc:c5:3d:e7:e9:0c:aa:bd:
                    63:3c:0a:27:a6:13:27:25:03:0d:bd:ef:73:ec:95:
                    ef:28:c5:76:b6:06:f6:50:01:72:56:38:44:85:26:
                    2a:3c:52:02:54:5a:ee:e0:d0:36:0b:21:77:0b:b0:
                    c4:ad:b5:61:65:3f:91:bb:09:7b:73:a6:4c:ec:96:
                    fd:c1:2e:4a:78:ec:3f:f6:f7:b5:5a:d5:82:eb:21:
                    d2:55:08:d9:86:fe:75:b2:3e:3c:07:92:1b:fa:4d:
                    b6:1a:84:e2:bc:32:a2:68:0d:f5:49:3d:c8:ec:49:
                    36:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:63:75:2A:57:15:A3:80:82:E4:1C:00:5F:C0:F3:B0:22:8D:66:2B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6053747c-2d18-4318-b6f0-8cc795ce2a12.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fb8:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         28:11:74:8b:0e:b7:e4:26:e3:57:99:0a:ee:a5:5f:ec:23:ec:
         f0:a9:f9:fc:fd:ef:33:ce:57:53:71:c2:87:dd:78:20:59:55:
         5f:4e:02:fc:27:76:b3:69:a9:fd:d0:6f:8e:11:48:45:7c:09:
         4b:97:9c:a9:45:9a:85:42:f3:4a:c5:bf:19:7f:17:4f:78:35:
         d7:94:e0:f3:89:a3:36:91:9f:eb:6c:af:7a:73:9b:f1:09:4a:
         68:44:0d:f1:53:11:88:74:dc:29:e3:f2:4d:ca:52:0c:48:67:
         73:92:85:93:4b:bb:ca:fb:5f:de:6e:89:ba:b4:1f:4d:a4:f7:
         91:be:5f:29:ab:31:64:6c:50:18:7f:13:04:53:17:b7:e3:a3:
         21:bb:6d:a1:45:44:0f:04:35:22:4d:51:57:c6:4e:6e:48:09:
         cd:a8:61:ab:9c:c8:7f:f6:18:5e:05:da:ee:4b:5e:a7:9e:6f:
         06:41:0f:31:09:19:34:1d:15:27:19:ff:31:11:29:ce:47:49:
         35:ec:5b:a4:ca:df:b8:aa:45:12:20:d9:df:05:0f:05:d2:31:
         c5:28:09:0b:80:5c:d5:26:33:5a:03:8f:97:6a:d1:8b:85:63:
         35:c8:c6:2f:1b:9a:45:99:fb:60:dc:fb:59:32:82:2e:bc:a8:
         7d:d5:99:59
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHcSmgWFFhhcgcgHpKlmvyj6tY7kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTY0MTU2WhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNGQ5NGRiMzEzOTJjZGQ0YzQ1NGFjOWVkZDM4MGMzNWZm
N2U3N2U3MWNiZDZiNzdmNDNhOGZhMTg1ODRjMjFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWiYQ/RL5wpQ0atUX1Xl8QZsVbdgRkFv7PVdGGdNmMgLb4
lo0ba16Uq3ejBiAQLfabgp5HLfCzpB/Yxujw5NY17MJapRfMiHZkFw+/cNKo/wgQ
rWl+gEF1oMBsdHwwmM42r3BH+4KGcbVswt9lZBlCGBeT06JwPfDZtvSfmBttntKo
SMO3c9dZWTVdeYf8xT3n6QyqvWM8CiemEyclAw2973Psle8oxXa2BvZQAXJWOESF
Jio8UgJUWu7g0DYLIXcLsMSttWFlP5G7CXtzpkzslv3BLkp47D/297Va1YLrIdJV
CNmG/nWyPjwHkhv6TbYahOK8MqJoDfVJPcjsSTbpAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU0WN1KlcVo4CC5BwAX8DzsCKNZiswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwNTM3NDdjLTJkMTgtNDMxOC1iNmYwLThjYzc5NWNlMmExMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+4gDANBgkqhkiG9w0BAQsFAAOCAQEAKBF0iw635CbjV5kK7qVf7CPs
8Kn5/P3vM85XU3HCh914IFlVX04C/Cd2s2mp/dBvjhFIRXwJS5ecqUWahULzSsW/
GX8XT3g115Tg84mjNpGf62yvenOb8QlKaEQN8VMRiHTcKePyTcpSDEhnc5KFk0u7
yvtf3m6JurQfTaT3kb5fKasxZGxQGH8TBFMXt+OjIbttoUVEDwQ1Ik1RV8ZObkgJ
zahhq5zIf/YYXgXa7ktep55vBkEPMQkZNB0VJxn/MREpzkdJNexbpMrfuKpFEiDZ
3wUPBdIxxSgJC4Bc1SYzWgOPl2rRi4VjNcjGLxuaRZn7YNz7WTKCLryofdWZWQ==
-----END CERTIFICATE-----