Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/796c70f8-9f34-44b3-8a4b-26d8a656fe19.roa
File:                     796c70f8-9f34-44b3-8a4b-26d8a656fe19.roa (raw, json)
Hash identifier:          g0uK8IGmg0NxONyOJ23sy9vsHC0RE0Wa52K9gdCPqTM=
Subject key identifier:   C7:29:47:7F:A8:AF:12:C0:A8:E6:EA:F2:9D:DB:CF:21:75:A8:63:B8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E1E0D17C687BD4FBFD14B77F49E49D428CE8C95
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/796c70f8-9f34-44b3-8a4b-26d8a656fe19.roa
Signing time:             Mon 04 Aug 2025 16:31:18 +0000
ROA not before:           Mon 04 Aug 2025 16:31:18 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f68:7400::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 08 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:1e:0d:17:c6:87:bd:4f:bf:d1:4b:77:f4:9e:49:d4:28:ce:8c:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 16:31:18 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=40de794687ff9440d84976a12225927a89551bbec389930cce1a8c22e2643d09, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:97:0f:8a:0d:62:42:27:17:ec:ed:71:0e:11:
                    f0:e2:9c:76:ef:2e:ac:4e:31:df:7e:91:e4:65:2e:
                    c1:5a:58:30:61:e1:56:2d:c9:9e:67:2a:28:1d:87:
                    3b:17:04:f7:47:ef:97:68:f5:0c:cb:46:84:ec:89:
                    5e:0f:39:0b:4c:d0:71:e6:01:68:20:b2:3f:44:e8:
                    d1:69:5f:30:9a:2a:ae:c5:7c:55:0e:a7:9d:58:6c:
                    22:3e:3a:23:8f:76:33:b7:b9:92:4f:6e:7d:e2:7e:
                    c9:9c:da:ec:04:c3:90:ad:90:ac:a0:35:ff:b9:bb:
                    72:00:37:7e:80:91:19:01:db:df:e5:5d:31:20:49:
                    5e:4a:f0:19:73:10:3e:b7:fe:38:2d:6f:92:be:d8:
                    56:50:85:8c:f0:69:f4:ea:54:a9:10:00:bf:83:48:
                    9b:44:d7:3a:50:06:bc:1f:fb:7d:df:ad:d8:55:4e:
                    38:21:7d:d2:eb:ef:6f:78:d9:5c:49:ab:7f:3a:cd:
                    ea:71:0a:36:11:0a:36:d4:10:44:80:54:65:4d:5e:
                    16:55:2c:01:b3:fb:7a:8b:19:9c:0b:06:a4:2c:c0:
                    bc:95:3b:83:d5:9e:4d:26:dd:e3:65:2c:bc:68:d4:
                    c1:5d:96:34:01:69:ad:33:f8:54:dc:9c:1f:66:13:
                    dc:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:29:47:7F:A8:AF:12:C0:A8:E6:EA:F2:9D:DB:CF:21:75:A8:63:B8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/796c70f8-9f34-44b3-8a4b-26d8a656fe19.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f68:7400::/40

    Signature Algorithm: sha256WithRSAEncryption
         46:8e:6d:c7:98:dd:bb:fe:01:84:03:7f:89:97:58:00:a4:3a:
         07:57:f8:0e:58:a7:6d:1e:3e:a2:89:ff:65:cb:b2:2b:9f:d5:
         87:58:8c:be:27:ee:f9:f7:04:6c:89:b7:ce:82:c8:9f:04:dc:
         b5:52:c2:cf:0c:ab:bf:63:b8:a7:4c:94:94:ef:8b:1f:08:c3:
         43:50:6b:73:56:c9:09:5a:b2:5e:74:04:82:69:dd:e0:72:6e:
         af:74:62:e1:23:23:9d:d1:93:98:a0:b8:a0:69:7c:57:31:a5:
         d9:e0:d3:23:0a:bd:f7:1c:6f:e6:d6:12:85:51:50:74:ef:37:
         c1:7c:4f:22:6c:c6:a5:da:80:fd:72:23:98:d2:17:f2:e2:f2:
         07:9c:0e:f6:d2:2b:67:11:01:36:93:a1:b2:d4:e4:65:9e:34:
         c1:45:74:ea:c0:fa:96:30:be:1a:2c:5b:98:3e:b9:01:f2:b2:
         d1:2b:a5:ab:e4:92:01:d7:8c:e6:da:8b:9e:13:a0:f2:2e:3a:
         c9:19:52:89:61:03:e2:78:36:4e:cf:61:5d:8f:b2:be:84:d7:
         4b:da:d2:6e:94:84:4b:e2:3b:ad:04:38:33:e3:6e:f2:cf:d5:
         f3:fc:e0:4e:e8:71:7f:94:28:6f:eb:df:00:0e:98:95:b5:66:
         ab:72:1a:42
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIULh4NF8aHvU+/0Ut39J5J1CjOjJUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTYzMTE4WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MGRlNzk0Njg3ZmY5NDQwZDg0OTc2YTEyMjI1OTI3YTg5
NTUxYmJlYzM4OTkzMGNjZTFhOGMyMmUyNjQzZDA5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDwlw+KDWJCJxfs7XEOEfDinHbvLqxOMd9+keRlLsFaWDBh
4VYtyZ5nKigdhzsXBPdH75do9QzLRoTsiV4POQtM0HHmAWggsj9E6NFpXzCaKq7F
fFUOp51YbCI+OiOPdjO3uZJPbn3ifsmc2uwEw5CtkKygNf+5u3IAN36AkRkB29/l
XTEgSV5K8BlzED63/jgtb5K+2FZQhYzwafTqVKkQAL+DSJtE1zpQBrwf+33frdhV
TjghfdLr72942VxJq386zepxCjYRCjbUEESAVGVNXhZVLAGz+3qLGZwLBqQswLyV
O4PVnk0m3eNlLLxo1MFdljQBaa0z+FTcnB9mE9zdAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUxylHf6ivEsCo5uryndvPIXWoY7gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc5NmM3MGY4LTlmMzQtNDRiMy04YTRiLTI2ZDhhNjU2ZmUxOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9odDANBgkqhkiG9w0BAQsFAAOCAQEARo5tx5jdu/4BhAN/iZdYAKQ6
B1f4DlinbR4+oon/ZcuyK5/Vh1iMvifu+fcEbIm3zoLInwTctVLCzwyrv2O4p0yU
lO+LHwjDQ1Brc1bJCVqyXnQEgmnd4HJur3Ri4SMjndGTmKC4oGl8VzGl2eDTIwq9
9xxv5tYShVFQdO83wXxPImzGpdqA/XIjmNIX8uLyB5wO9tIrZxEBNpOhstTkZZ40
wUV06sD6ljC+GixbmD65AfKy0Sulq+SSAdeM5tqLnhOg8i46yRlSiWED4ng2Ts9h
XY+yvoTXS9rSbpSES+I7rQQ4M+Nu8s/V8/zgTuhxf5Qob+vfAA6YlbVmq3IaQg==
-----END CERTIFICATE-----