Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7afd30d1-aca2-41ba-af76-e8ddb5d9dd31.roa
File:                     7afd30d1-aca2-41ba-af76-e8ddb5d9dd31.roa (raw, json)
Hash identifier:          fMvLyC96GmABnTezEKenUrcPKrnvVRUDsjcNXn0rMMQ=
Subject key identifier:   D8:75:AB:57:E2:3E:12:7A:8B:7F:89:5A:8C:BD:BF:B2:DA:3D:92:4F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6D9713BFE024088BD0AD41FF4CA00B8B8C235158
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7afd30d1-aca2-41ba-af76-e8ddb5d9dd31.roa
Signing time:             Mon 04 Aug 2025 17:20:25 +0000
ROA not before:           Mon 04 Aug 2025 17:20:25 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f19:8000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:97:13:bf:e0:24:08:8b:d0:ad:41:ff:4c:a0:0b:8b:8c:23:51:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 17:20:25 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=d5fd201a3ad98031388563db153503d3a75e882476b4aa0206e47926b9427bc7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c0:f1:ce:7e:22:db:ec:b1:e2:55:39:a4:76:
                    8d:c0:cd:80:d9:29:9a:f3:42:12:cb:ef:cc:47:7b:
                    09:51:92:00:d5:81:b8:44:78:6f:ed:e4:ed:f4:54:
                    18:ec:46:9d:42:02:7c:15:c8:01:a2:39:06:b7:f6:
                    80:24:18:0b:22:19:18:fb:13:c2:36:8f:2c:c3:6f:
                    e1:ee:1e:55:7a:ec:9d:06:1d:65:6c:af:f7:93:23:
                    74:5b:d7:c1:a6:72:4f:bf:4d:d4:70:3d:e1:49:bc:
                    62:5a:ac:06:2c:d1:6a:db:73:3d:61:a3:9a:1b:33:
                    c5:96:d7:b6:97:82:a7:08:cd:e4:20:62:e3:bf:2d:
                    40:d8:50:da:48:47:71:88:6d:13:a3:07:05:8a:c4:
                    0d:38:fa:75:04:d6:08:cf:1e:46:7c:14:e2:10:2c:
                    ee:ac:15:35:53:e4:e7:61:ef:54:e3:e5:a0:0e:43:
                    7d:29:1f:50:5c:9b:b5:e8:7a:d8:8a:03:c2:10:ed:
                    1b:74:5d:7a:de:90:36:da:c2:39:b5:c1:d8:5f:e4:
                    86:d7:97:e4:17:36:34:6d:ce:88:5c:0b:52:d9:3f:
                    c8:31:eb:55:75:e5:de:e7:79:71:c8:ee:d4:41:b2:
                    b6:bc:90:84:93:52:06:e0:f7:b0:eb:54:c1:1f:89:
                    b9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:75:AB:57:E2:3E:12:7A:8B:7F:89:5A:8C:BD:BF:B2:DA:3D:92:4F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7afd30d1-aca2-41ba-af76-e8ddb5d9dd31.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f19:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         19:c3:d6:58:18:56:60:f2:e9:11:c4:c4:b3:ec:c8:f8:74:37:
         9b:cc:bb:aa:b6:bb:49:8e:83:aa:96:64:2e:c7:9e:ac:bf:4c:
         8a:25:3b:de:36:3a:15:eb:db:12:fb:6f:0b:42:e0:dc:be:c5:
         0a:87:06:92:00:ab:33:44:a6:02:be:af:d9:ea:5b:b2:4d:40:
         02:fc:5f:a3:88:99:5d:a3:68:9e:95:72:13:a9:db:a4:43:05:
         e8:ec:78:5e:df:14:1a:3c:21:f7:08:64:71:dc:0f:44:b0:55:
         7d:33:fd:7f:5a:6c:cd:33:d3:c2:10:8e:5e:5a:42:ac:94:d9:
         31:22:02:22:d6:11:43:ad:33:96:5e:47:70:6a:7c:31:56:06:
         9e:f1:2d:af:85:c7:1c:12:8b:bc:55:d1:db:c3:5e:d4:e2:d4:
         9a:5f:a0:91:92:9e:d0:07:df:8b:51:f8:26:e1:e3:57:43:d3:
         e5:48:01:f4:7e:b0:0a:8e:34:a0:85:72:d1:fc:00:84:37:bb:
         6f:fd:bd:fc:4f:c9:f6:80:01:ce:44:46:ba:be:b3:2d:9e:c8:
         c8:e1:e7:27:f1:5d:1a:56:61:4e:d7:c5:16:1a:ab:56:81:c0:
         3e:5b:7e:f5:a8:64:ea:15:df:53:4d:ea:f8:52:fd:46:ce:f7:
         99:4a:cc:c8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUbZcTv+AkCIvQrUH/TKALi4wjUVgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTcyMDI1WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNWZkMjAxYTNhZDk4MDMxMzg4NTYzZGIxNTM1MDNkM2E3
NWU4ODI0NzZiNGFhMDIwNmU0NzkyNmI5NDI3YmM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClwPHOfiLb7LHiVTmkdo3AzYDZKZrzQhLL78xHewlRkgDV
gbhEeG/t5O30VBjsRp1CAnwVyAGiOQa39oAkGAsiGRj7E8I2jyzDb+HuHlV67J0G
HWVsr/eTI3Rb18Gmck+/TdRwPeFJvGJarAYs0Wrbcz1ho5obM8WW17aXgqcIzeQg
YuO/LUDYUNpIR3GIbROjBwWKxA04+nUE1gjPHkZ8FOIQLO6sFTVT5Odh71Tj5aAO
Q30pH1Bcm7XoetiKA8IQ7Rt0XXrekDbawjm1wdhf5IbXl+QXNjRtzohcC1LZP8gx
61V15d7neXHI7tRBsra8kISTUgbg97DrVMEfibmhAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU2HWrV+I+EnqLf4lajL2/sto9kk8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdhZmQzMGQxLWFjYTItNDFiYS1hZjc2LWU4ZGRiNWQ5ZGQzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8ZgDANBgkqhkiG9w0BAQsFAAOCAQEAGcPWWBhWYPLpEcTEs+zI+HQ3
m8y7qra7SY6DqpZkLseerL9MiiU73jY6FevbEvtvC0Lg3L7FCocGkgCrM0SmAr6v
2epbsk1AAvxfo4iZXaNonpVyE6nbpEMF6Ox4Xt8UGjwh9whkcdwPRLBVfTP9f1ps
zTPTwhCOXlpCrJTZMSICItYRQ60zll5HcGp8MVYGnvEtr4XHHBKLvFXR28Ne1OLU
ml+gkZKe0Affi1H4JuHjV0PT5UgB9H6wCo40oIVy0fwAhDe7b/29/E/J9oABzkRG
ur6zLZ7IyOHnJ/FdGlZhTtfFFhqrVoHAPlt+9ahk6hXfU03q+FL9Rs73mUrMyA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 06:02:26 2025 by rpki-client