Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6bf30116-0604-4f8d-a90c-5e05368282b7.roa
File:                     6bf30116-0604-4f8d-a90c-5e05368282b7.roa (raw, json)
Hash identifier:          UvLz7nvYmxpc0LZmQp89eYxRiP/uxbYkOxGWPRALDiE=
Subject key identifier:   A4:D0:C6:37:5D:FF:B7:A7:42:69:0B:85:BA:74:2B:C4:9D:0A:CE:AE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5517CE91BBEB208483685B921CA8C0FF6FDA3D2C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6bf30116-0604-4f8d-a90c-5e05368282b7.roa
Signing time:             Fri 01 Aug 2025 16:01:28 +0000
ROA not before:           Fri 01 Aug 2025 16:01:28 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f00:8180::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:17:ce:91:bb:eb:20:84:83:68:5b:92:1c:a8:c0:ff:6f:da:3d:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 16:01:28 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=28ce1035e43e16ad2a81e36df19666a2a87b3c22102eaaca8645ca06923e3a19, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:aa:79:ea:21:b8:d1:b7:f6:68:b0:55:8a:f9:
                    dc:be:5a:a0:57:85:1b:3b:38:59:d0:3f:e9:41:60:
                    0f:84:3c:e8:13:2f:64:ac:4a:9f:7b:49:c0:0e:3e:
                    57:64:81:61:d3:bf:39:0c:d9:83:d3:ac:e0:20:4a:
                    c5:fd:81:5d:b5:4b:13:9f:fb:3f:28:cf:73:4e:c2:
                    7e:21:a6:12:98:b9:0f:b0:cc:9d:83:0e:71:75:25:
                    bb:15:95:3f:fb:80:50:a8:03:d5:45:72:d3:fa:e2:
                    74:85:2c:1e:55:f6:40:75:66:28:c0:3d:a0:1d:ad:
                    b0:0b:73:d6:db:85:9f:a9:2b:f9:a9:69:38:45:43:
                    04:07:7c:5e:63:b2:c3:a7:80:02:8f:5a:44:20:d7:
                    5f:06:2e:90:53:2a:84:69:fe:86:2e:ad:10:31:81:
                    4c:a9:73:ce:b3:ca:52:23:86:ae:07:9f:ea:fd:2c:
                    87:4e:5c:dc:9f:12:48:24:e3:48:53:0b:88:e1:d2:
                    1d:b9:4e:63:45:3a:86:94:7b:02:c0:69:c6:a8:02:
                    8a:0e:e8:36:17:0b:62:52:06:68:c0:f5:ec:01:01:
                    2c:9d:1f:4e:29:26:68:ef:0b:63:2c:5a:78:6a:17:
                    8e:49:75:5e:88:51:1f:68:41:9c:a5:f1:a0:4a:29:
                    a7:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:D0:C6:37:5D:FF:B7:A7:42:69:0B:85:BA:74:2B:C4:9D:0A:CE:AE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6bf30116-0604-4f8d-a90c-5e05368282b7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:8180::/48

    Signature Algorithm: sha256WithRSAEncryption
         50:1a:b2:e7:91:5a:66:24:cb:07:60:bd:f1:7e:25:f8:98:6f:
         56:6d:d2:3f:85:c8:29:6d:1d:26:4c:1f:35:6b:4f:33:f7:48:
         aa:53:18:35:e9:bd:d2:b7:52:95:f9:d5:ba:ca:a2:23:34:1b:
         28:81:d1:c6:76:3a:6e:9f:38:f7:14:62:1d:b1:63:21:ac:3b:
         85:f4:3e:47:47:21:6d:5e:92:3e:27:1c:af:b8:77:cd:64:c2:
         51:3d:02:85:4a:f5:01:4d:f7:84:a9:74:f5:57:80:48:ed:6a:
         ea:3e:7d:bd:ce:80:20:36:52:30:d1:d7:db:81:44:0d:e9:70:
         bd:39:42:9f:77:8e:07:0f:09:fe:e5:87:ab:13:2b:a6:58:3e:
         10:20:77:0d:7a:03:98:b2:6a:ad:13:e2:1d:b8:10:31:17:b2:
         d7:8f:77:d5:e9:83:97:4c:92:94:77:50:0b:5a:8e:6d:0b:c9:
         07:d0:bf:0b:91:08:39:b8:4d:5d:49:f2:49:81:9c:7b:55:ca:
         68:2f:ea:f0:70:56:21:ba:62:a6:ad:64:7b:01:2c:e7:4f:09:
         91:2d:92:d6:f6:7b:48:54:12:84:7a:e6:16:03:4a:43:5e:d9:
         29:f2:e0:23:1d:05:8d:b8:8b:4d:91:30:08:ff:b7:99:49:5f:
         7c:ff:0f:d1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUVRfOkbvrIISDaFuSHKjA/2/aPSwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTYwMTI4WhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyOGNlMTAzNWU0M2UxNmFkMmE4MWUzNmRmMTk2NjZhMmE4
N2IzYzIyMTAyZWFhY2E4NjQ1Y2EwNjkyM2UzYTE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqqnnqIbjRt/ZosFWK+dy+WqBXhRs7OFnQP+lBYA+EPOgT
L2SsSp97ScAOPldkgWHTvzkM2YPTrOAgSsX9gV21SxOf+z8oz3NOwn4hphKYuQ+w
zJ2DDnF1JbsVlT/7gFCoA9VFctP64nSFLB5V9kB1ZijAPaAdrbALc9bbhZ+pK/mp
aThFQwQHfF5jssOngAKPWkQg118GLpBTKoRp/oYurRAxgUypc86zylIjhq4Hn+r9
LIdOXNyfEkgk40hTC4jh0h25TmNFOoaUewLAacaoAooO6DYXC2JSBmjA9ewBASyd
H04pJmjvC2MsWnhqF45JdV6IUR9oQZyl8aBKKafJAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUpNDGN13/t6dCaQuFunQrxJ0Kzq4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZiZjMwMTE2LTA2MDQtNGY4ZC1hOTBjLTVlMDUzNjgyODJiNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AgYAwDQYJKoZIhvcNAQELBQADggEBAFAasueRWmYkywdgvfF+JfiY
b1Zt0j+FyCltHSZMHzVrTzP3SKpTGDXpvdK3UpX51brKoiM0GyiB0cZ2Om6fOPcU
Yh2xYyGsO4X0PkdHIW1ekj4nHK+4d81kwlE9AoVK9QFN94SpdPVXgEjtauo+fb3O
gCA2UjDR19uBRA3pcL05Qp93jgcPCf7lh6sTK6ZYPhAgdw16A5iyaq0T4h24EDEX
stePd9Xpg5dMkpR3UAtajm0LyQfQvwuRCDm4TV1J8kmBnHtVymgv6vBwViG6Yqat
ZHsBLOdPCZEtktb2e0hUEoR65hYDSkNe2Sny4CMdBY24i02RMAj/t5lJX3z/D9E=
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:13:22 2025 by rpki-client