Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ee30742-54a5-414b-a1c8-3db9abf29cb3.roa
File:                     7ee30742-54a5-414b-a1c8-3db9abf29cb3.roa (raw, json)
Hash identifier:          FQfZDTYQQo/tVy9x+Ts3dTd980PpE6Ae0GTTdUaaTdY=
Subject key identifier:   C0:E6:29:51:4E:43:D4:92:CF:EB:E2:0F:7B:98:30:FD:AB:65:6A:E0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1DC6450BC1AFA749B44B5EDBE94BD05A865C40F3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ee30742-54a5-414b-a1c8-3db9abf29cb3.roa
Signing time:             Fri 13 Jun 2025 15:50:27 +0000
ROA not before:           Fri 13 Jun 2025 15:50:27 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f69:3440::/46 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:c6:45:0b:c1:af:a7:49:b4:4b:5e:db:e9:4b:d0:5a:86:5c:40:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 15:50:27 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=0e41590fce466d17e86211d956fa07a73f167da1650934d55d8b0ef41d56c90c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:6a:64:26:cb:aa:ad:23:8e:99:c8:ce:62:ae:
                    82:02:76:ff:3a:86:45:94:42:d3:f7:6d:d2:14:05:
                    27:db:b2:0d:be:4a:12:6c:94:9a:fd:a7:d8:77:ca:
                    11:df:65:1b:d2:61:fa:53:51:f2:0e:d9:fe:72:d1:
                    ea:7e:2a:cb:5d:33:0c:9b:67:20:4b:51:1d:83:a6:
                    8f:aa:31:9d:c4:29:9e:de:9e:e8:0c:6c:f2:4e:73:
                    81:d1:e5:43:e4:90:36:39:db:74:6a:bb:69:97:7d:
                    40:42:84:5e:33:89:ed:e5:91:ec:7d:eb:08:74:b7:
                    5d:80:0d:a0:69:47:73:16:8d:98:db:83:4b:d5:69:
                    1b:e0:ad:8f:92:63:d5:6d:a8:b2:e0:26:07:18:6d:
                    c9:4c:b9:c4:d6:c7:42:64:79:1a:1b:47:11:bc:cb:
                    61:67:1b:fb:89:7d:8b:a7:9d:ae:bb:0d:fb:1e:34:
                    47:8e:0f:e1:23:22:27:cf:1a:85:17:59:69:7b:86:
                    d8:6f:ef:c5:c6:e1:8c:07:4f:5b:40:61:ff:68:29:
                    27:c8:a9:3f:cc:d0:ed:38:63:bc:15:68:41:aa:5f:
                    63:72:c3:fa:dc:cc:b7:b0:67:68:a0:d7:50:46:d1:
                    69:82:2d:96:cf:04:9f:8d:b7:6c:bf:38:62:10:6e:
                    98:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:E6:29:51:4E:43:D4:92:CF:EB:E2:0F:7B:98:30:FD:AB:65:6A:E0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ee30742-54a5-414b-a1c8-3db9abf29cb3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f69:3440::/46

    Signature Algorithm: sha256WithRSAEncryption
         4d:6e:25:01:0e:17:e0:d5:bf:7b:f2:ae:b2:1d:12:dd:e5:26:
         cd:d7:d8:73:3c:9f:dc:e0:fe:fc:fb:81:64:17:26:8b:bc:45:
         21:ff:1c:37:43:59:39:ba:3b:64:ee:7f:24:f3:34:34:11:00:
         fb:3b:23:1d:57:99:3b:0a:83:bb:e3:7a:67:91:24:fb:b4:ab:
         60:6f:a1:77:16:57:73:a4:0b:21:92:81:2a:86:aa:b5:0f:a6:
         85:40:41:57:01:1b:83:cd:7f:01:15:7f:a7:7a:7a:3e:22:4a:
         47:f4:b0:c1:03:ba:3c:56:23:35:3a:df:8b:37:cc:ea:a2:8f:
         1c:41:f7:47:37:d3:e1:2e:4b:03:c0:96:14:d2:e0:33:bf:3a:
         95:54:82:2f:7b:e6:38:ae:e5:1d:26:64:fa:91:55:2a:7b:0e:
         54:07:30:83:9a:c9:e0:50:b8:49:90:c7:bf:83:44:8e:30:18:
         48:bb:8f:94:0c:43:12:d4:56:44:61:91:49:92:7e:c8:5f:2a:
         4e:e7:ad:b2:8a:9d:13:01:5b:26:20:1d:88:8b:8f:7d:80:d2:
         43:8f:46:bf:7f:19:77:d3:a6:e9:04:58:93:94:e4:09:dd:9f:
         66:60:36:8a:65:a2:28:dd:24:cb:d7:88:dd:1f:1b:3b:12:d5:
         77:d6:70:b6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUHcZFC8Gvp0m0S17b6UvQWoZcQPMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTU1MDI3WhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZTQxNTkwZmNlNDY2ZDE3ZTg2MjExZDk1NmZhMDdhNzNm
MTY3ZGExNjUwOTM0ZDU1ZDhiMGVmNDFkNTZjOTBjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJamQmy6qtI46ZyM5iroICdv86hkWUQtP3bdIUBSfbsg2+
ShJslJr9p9h3yhHfZRvSYfpTUfIO2f5y0ep+KstdMwybZyBLUR2Dpo+qMZ3EKZ7e
nugMbPJOc4HR5UPkkDY523Rqu2mXfUBChF4zie3lkex96wh0t12ADaBpR3MWjZjb
g0vVaRvgrY+SY9VtqLLgJgcYbclMucTWx0JkeRobRxG8y2FnG/uJfYunna67Dfse
NEeOD+EjIifPGoUXWWl7hthv78XG4YwHT1tAYf9oKSfIqT/M0O04Y7wVaEGqX2Ny
w/rczLewZ2ig11BG0WmCLZbPBJ+Nt2y/OGIQbpgDAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUwOYpUU5D1JLP6+IPe5gw/atlauAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdlZTMwNzQyLTU0YTUtNDE0Yi1hMWM4LTNkYjlhYmYyOWNiMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB9pNEAwDQYJKoZIhvcNAQELBQADggEBAE1uJQEOF+DVv3vyrrIdEt3l
Js3X2HM8n9zg/vz7gWQXJou8RSH/HDdDWTm6O2TufyTzNDQRAPs7Ix1XmTsKg7vj
emeRJPu0q2BvoXcWV3OkCyGSgSqGqrUPpoVAQVcBG4PNfwEVf6d6ej4iSkf0sMED
ujxWIzU634s3zOqijxxB90c30+EuSwPAlhTS4DO/OpVUgi975jiu5R0mZPqRVSp7
DlQHMIOayeBQuEmQx7+DRI4wGEi7j5QMQxLUVkRhkUmSfshfKk7nrbKKnRMBWyYg
HYiLj32A0kOPRr9/GXfTpukEWJOU5Andn2ZgNoploijdJMvXiN0fGzsS1XfWcLY=
-----END CERTIFICATE-----