Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8998c883-9e67-4bcf-a61e-660dce0482d2.roa
File:                     8998c883-9e67-4bcf-a61e-660dce0482d2.roa (raw, json)
Hash identifier:          ksYXHg0g09oT3XOMCIkerIRD8ftcCtTRPP2SOYlknpk=
Subject key identifier:   EC:F2:F2:8F:88:66:C0:1F:E3:CA:95:66:8C:4E:97:24:93:83:CA:F2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       05B38093E457759E7F35B02C455FB3ECD9F70795
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8998c883-9e67-4bcf-a61e-660dce0482d2.roa
Signing time:             Mon 04 Aug 2025 15:20:26 +0000
ROA not before:           Mon 04 Aug 2025 15:20:26 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:e040::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:b3:80:93:e4:57:75:9e:7f:35:b0:2c:45:5f:b3:ec:d9:f7:07:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 15:20:26 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=0b458eb8bd659747738ae88b73f3117aea8a5b04d408aaafe8a185b782066261, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:74:d7:c1:72:fd:4f:1f:69:ec:0a:93:7b:43:
                    f9:bd:f6:3b:11:47:5d:92:9e:2e:c3:22:67:8e:07:
                    e1:67:8a:47:f2:fd:ae:f8:71:1b:d2:7e:77:ad:b3:
                    66:36:45:ae:f6:6c:1d:1b:b6:bb:9a:5c:42:4c:f3:
                    dc:41:07:aa:0e:90:6e:e1:b4:4d:fb:9b:e1:9a:b4:
                    2c:4f:59:98:81:45:0f:ed:ea:39:ce:9a:9d:65:4d:
                    37:ac:04:0f:27:33:92:c5:c0:c4:83:14:6a:13:ef:
                    c5:1e:5d:ac:24:48:aa:48:5a:6f:06:24:76:70:24:
                    c9:26:92:0f:fb:53:8a:ab:5b:f3:a3:08:7c:55:42:
                    9e:e6:b8:d9:ad:16:9f:ff:f2:30:21:1c:bd:f5:8d:
                    b1:92:2a:0e:d7:e3:07:1c:fa:4e:62:00:4e:60:87:
                    d4:0b:6e:31:c2:bb:65:e7:c9:e1:83:cf:ad:73:45:
                    a7:8c:72:f9:f4:78:ac:81:aa:33:7f:48:b0:59:46:
                    e9:f1:8d:c0:c6:ec:b5:1f:26:5a:c4:75:93:eb:94:
                    e5:04:f1:c4:2a:67:9c:cc:6c:23:1f:08:2a:7a:d7:
                    5a:bc:62:d5:85:cd:40:28:b6:a9:30:e8:b0:02:06:
                    f3:1f:15:bf:e2:85:e5:c8:47:fd:c9:07:ec:d4:b1:
                    4b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:F2:F2:8F:88:66:C0:1F:E3:CA:95:66:8C:4E:97:24:93:83:CA:F2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8998c883-9e67-4bcf-a61e-660dce0482d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:e040::/48

    Signature Algorithm: sha256WithRSAEncryption
         99:d5:e1:a3:78:fc:8d:f9:1b:ce:25:9f:7f:80:db:f0:c0:ad:
         8a:15:fc:58:24:dc:b4:c6:cd:a4:23:d3:23:54:c9:4a:2c:0a:
         ff:a6:b1:7c:d9:23:6c:e3:77:cf:7c:d1:dc:d9:7e:27:aa:e1:
         58:e4:8e:31:a2:ce:b6:d8:de:c9:ec:e0:f4:36:8e:ed:54:74:
         0b:7c:d3:3b:e4:d3:b7:98:9e:b8:ff:14:1a:94:ad:67:8d:37:
         54:88:20:4b:2d:cc:3a:3e:1f:41:3c:f7:c5:f8:b3:99:9b:cb:
         21:8c:a7:0d:3e:38:ac:8a:f0:15:64:ab:5a:7b:34:df:18:13:
         1c:69:c4:c4:16:56:69:89:89:a8:54:63:71:c6:ca:c0:b2:06:
         31:fe:47:b4:c4:b0:2f:1b:12:d1:b5:3c:d6:5d:ec:cb:54:9c:
         79:2f:27:f0:8b:27:bf:32:10:cf:97:5e:d8:61:ad:4d:2a:54:
         6e:94:6a:cf:c8:59:cd:23:28:9f:5e:a5:b2:75:27:31:b2:69:
         68:f1:b7:f5:90:fe:11:28:48:c0:1f:e7:a2:7d:d6:eb:ee:ab:
         5c:a7:18:47:17:a8:67:a9:86:f4:fc:85:e6:08:9a:5e:d5:6a:
         6d:8a:72:11:d3:92:27:3e:03:46:88:39:86:98:ee:87:b4:86:
         67:c4:45:20
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBbOAk+RXdZ5/NbAsRV+z7Nn3B5UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTUyMDI2WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYjQ1OGViOGJkNjU5NzQ3NzM4YWU4OGI3M2YzMTE3YWVh
OGE1YjA0ZDQwOGFhYWZlOGExODViNzgyMDY2MjYxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqdNfBcv1PH2nsCpN7Q/m99jsRR12Sni7DImeOB+Fnikfy
/a74cRvSfnets2Y2Ra72bB0btruaXEJM89xBB6oOkG7htE37m+GatCxPWZiBRQ/t
6jnOmp1lTTesBA8nM5LFwMSDFGoT78UeXawkSKpIWm8GJHZwJMkmkg/7U4qrW/Oj
CHxVQp7muNmtFp//8jAhHL31jbGSKg7X4wcc+k5iAE5gh9QLbjHCu2XnyeGDz61z
RaeMcvn0eKyBqjN/SLBZRunxjcDG7LUfJlrEdZPrlOUE8cQqZ5zMbCMfCCp611q8
YtWFzUAotqkw6LACBvMfFb/iheXIR/3JB+zUsUt3AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU7PLyj4hmwB/jypVmjE6XJJODyvIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg5OThjODgzLTllNjctNGJjZi1hNjFlLTY2MGRjZTA0ODJkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9h4EAwDQYJKoZIhvcNAQELBQADggEBAJnV4aN4/I35G84ln3+A2/DA
rYoV/Fgk3LTGzaQj0yNUyUosCv+msXzZI2zjd8980dzZfieq4VjkjjGizrbY3sns
4PQ2ju1UdAt80zvk07eYnrj/FBqUrWeNN1SIIEstzDo+H0E898X4s5mbyyGMpw0+
OKyK8BVkq1p7NN8YExxpxMQWVmmJiahUY3HGysCyBjH+R7TEsC8bEtG1PNZd7MtU
nHkvJ/CLJ78yEM+XXthhrU0qVG6Uas/IWc0jKJ9epbJ1JzGyaWjxt/WQ/hEoSMAf
56J91uvuq1ynGEcXqGephvT8heYIml7Vam2KchHTkic+A0aIOYaY7oe0hmfERSA=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:11:46 2025 by rpki-client