Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82624c93-a718-4b6c-b8d0-1502172fc711.roa
File:                     82624c93-a718-4b6c-b8d0-1502172fc711.roa (raw, json)
Hash identifier:          7sYfIsebUlpf/6/1xihmhAdUjheihRf2v05kBroPqs8=
Subject key identifier:   67:8F:DA:2B:DC:64:B3:11:62:10:23:18:3D:88:0C:84:35:15:E1:2F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       69ADFB3DCF3C6BC1EC86AF0416BD2B65FE11862F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82624c93-a718-4b6c-b8d0-1502172fc711.roa
Signing time:             Fri 01 Aug 2025 16:32:02 +0000
ROA not before:           Fri 01 Aug 2025 16:32:02 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f61:8060::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:ad:fb:3d:cf:3c:6b:c1:ec:86:af:04:16:bd:2b:65:fe:11:86:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 16:32:02 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=7da65543edef174afc5579b767814eba9735e6a8be62260da8593e594e5daeba, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4a:bc:e0:e0:d6:4d:5f:99:b5:85:d5:c8:90:
                    2a:65:f0:7d:c1:0d:3f:3e:c2:42:0a:cf:b7:2b:00:
                    e7:6e:03:3f:08:42:fc:2b:c1:ec:10:41:02:c6:d9:
                    34:51:8d:32:ca:fb:2f:92:bb:e6:af:39:2d:eb:76:
                    aa:7a:35:9e:20:eb:96:49:d4:03:7b:9d:1b:e8:a5:
                    ea:e4:2e:bb:e2:62:9f:7d:fb:ab:62:21:4b:9e:1a:
                    9d:73:75:37:89:56:d9:dc:c7:0b:cd:0e:a3:ed:77:
                    4c:79:28:69:2d:73:6e:81:76:58:55:c2:d3:bb:51:
                    5b:18:32:18:63:39:5c:31:cc:53:41:26:6e:f6:2f:
                    84:1e:5d:8f:65:c3:74:63:d9:b0:05:a9:00:07:c2:
                    90:9d:cd:43:64:92:c6:77:0a:ac:a1:a6:5d:e0:1f:
                    24:1b:0d:29:4e:7f:d1:cd:d0:c5:b5:6d:d6:ba:86:
                    57:11:50:d5:41:7f:dd:a7:6b:41:e8:cf:bf:c9:b6:
                    4e:21:62:b0:a6:73:af:85:ed:fc:c7:7f:a6:cf:d5:
                    5f:ef:4f:03:ed:cb:90:62:27:b6:f9:3c:25:d2:8a:
                    3c:d5:59:76:2b:1b:02:00:24:55:6e:81:68:98:67:
                    bd:3b:48:41:60:1a:58:6c:29:0f:c0:0f:74:97:e6:
                    76:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:8F:DA:2B:DC:64:B3:11:62:10:23:18:3D:88:0C:84:35:15:E1:2F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82624c93-a718-4b6c-b8d0-1502172fc711.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:8060::/48

    Signature Algorithm: sha256WithRSAEncryption
         ba:19:71:37:b5:42:b1:7b:73:30:e7:cb:62:c4:51:fe:41:e7:
         aa:dc:f2:f1:6c:c7:72:a8:cb:69:87:fe:68:a7:59:39:9c:0c:
         62:e9:d9:e7:f6:1c:39:8f:0c:e9:6f:8c:cb:b3:b2:d5:03:6b:
         a6:de:2d:41:2c:67:f5:f0:33:4e:1c:26:d5:1b:69:c4:93:21:
         30:df:8d:ee:3d:d7:c3:37:24:c4:9f:3b:20:5b:8c:a5:c3:9b:
         06:20:b6:c2:a4:1e:f6:54:36:0b:a3:04:25:16:84:1b:be:e0:
         c6:16:15:e1:15:69:d9:4e:23:ea:db:31:64:c4:56:4e:23:ae:
         7e:1f:4c:ed:38:c0:cd:72:38:4f:f5:9c:60:3e:34:a0:5b:43:
         86:af:71:2a:38:02:25:95:57:ae:7f:81:23:09:2f:bb:42:ec:
         ae:d1:51:35:11:51:2c:2b:cf:3e:d8:2a:bd:b9:10:d5:0e:4e:
         d9:48:d1:82:b0:93:26:f5:09:40:cc:7f:82:da:4b:4d:93:b4:
         27:18:d7:39:46:52:23:e0:b4:ac:77:6c:29:9b:c1:d4:a0:6b:
         52:e3:16:3f:9e:42:f9:6e:ef:d4:0c:1f:a8:95:e2:28:c2:7d:
         9e:6c:ef:c5:c5:23:91:1d:34:69:02:9a:83:73:60:39:37:0e:
         c4:a7:7e:8d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaa37Pc88a8Hshq8EFr0rZf4Rhi8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTYzMjAyWhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZGE2NTU0M2VkZWYxNzRhZmM1NTc5Yjc2NzgxNGViYTk3
MzVlNmE4YmU2MjI2MGRhODU5M2U1OTRlNWRhZWJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6Srzg4NZNX5m1hdXIkCpl8H3BDT8+wkIKz7crAOduAz8I
QvwrwewQQQLG2TRRjTLK+y+Su+avOS3rdqp6NZ4g65ZJ1AN7nRvoperkLrviYp99
+6tiIUueGp1zdTeJVtncxwvNDqPtd0x5KGktc26BdlhVwtO7UVsYMhhjOVwxzFNB
Jm72L4QeXY9lw3Rj2bAFqQAHwpCdzUNkksZ3Cqyhpl3gHyQbDSlOf9HN0MW1bda6
hlcRUNVBf92na0Hoz7/Jtk4hYrCmc6+F7fzHf6bP1V/vTwPty5BiJ7b5PCXSijzV
WXYrGwIAJFVugWiYZ707SEFgGlhsKQ/AD3SX5nabAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZ4/aK9xksxFiECMYPYgMhDUV4S8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgyNjI0YzkzLWE3MTgtNGI2Yy1iOGQwLTE1MDIxNzJmYzcxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9hgGAwDQYJKoZIhvcNAQELBQADggEBALoZcTe1QrF7czDny2LEUf5B
56rc8vFsx3Koy2mH/minWTmcDGLp2ef2HDmPDOlvjMuzstUDa6beLUEsZ/XwM04c
JtUbacSTITDfje4918M3JMSfOyBbjKXDmwYgtsKkHvZUNgujBCUWhBu+4MYWFeEV
adlOI+rbMWTEVk4jrn4fTO04wM1yOE/1nGA+NKBbQ4avcSo4AiWVV65/gSMJL7tC
7K7RUTURUSwrzz7YKr25ENUOTtlI0YKwkyb1CUDMf4LaS02TtCcY1zlGUiPgtKx3
bCmbwdSga1LjFj+eQvlu79QMH6iV4ijCfZ5s78XFI5EdNGkCmoNzYDk3DsSnfo0=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:25:10 2025 by rpki-client