Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8babeb51-8816-4ffd-9a50-4f2bca25daf0.roa
File:                     8babeb51-8816-4ffd-9a50-4f2bca25daf0.roa (raw, json)
Hash identifier:          oIhU2PhAtcgeX2ruMTZU6W0OhifSKLZys0H316KFoLo=
Subject key identifier:   56:33:C6:F2:71:6C:C8:6E:D1:ED:6F:8F:D7:02:0B:2F:42:1C:CA:C4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1225DD7FA5C39E2F3839EC888123DEE7BA2959A6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8babeb51-8816-4ffd-9a50-4f2bca25daf0.roa
Signing time:             Mon 04 Aug 2025 16:01:05 +0000
ROA not before:           Mon 04 Aug 2025 16:01:05 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     7224
IP address blocks:        2600:1ffd:1700::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:25:dd:7f:a5:c3:9e:2f:38:39:ec:88:81:23:de:e7:ba:29:59:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 16:01:05 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=ca161fae0a6663231159f09308b5d51ec19463d33246eae69f2eb92332d7fa5b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:40:80:82:ca:f8:5f:58:43:63:d0:ce:2d:df:
                    4f:fe:d3:6f:f4:fb:1e:84:fc:d4:f3:80:b4:a3:8c:
                    45:db:13:ab:3d:9e:2f:a5:71:65:ad:65:7b:bb:2d:
                    21:91:fa:e7:52:2f:c8:a5:36:bb:49:9e:54:6d:c9:
                    3b:e6:27:23:34:e5:db:d0:63:e3:12:9e:eb:63:43:
                    d3:c7:6a:4e:ee:aa:f0:bb:3f:ce:33:6e:3c:47:cb:
                    f7:74:03:30:6b:d4:e9:e7:22:8b:5a:fc:50:d6:3c:
                    1d:7a:9a:84:26:d9:f2:13:6a:32:d0:8d:f7:fe:59:
                    05:ab:94:7d:77:61:03:7f:85:73:e8:ed:1b:d5:cb:
                    3b:9b:8f:35:91:ac:93:97:5e:b6:5c:8b:fa:38:62:
                    36:b0:20:02:59:94:3b:7f:90:51:6a:4e:12:98:37:
                    cf:92:39:dc:25:83:64:79:5e:8b:cd:6a:8b:3b:30:
                    39:37:05:55:d1:46:f1:56:69:52:c5:22:7f:9b:bf:
                    8c:6b:1c:d1:f6:57:d1:54:0f:cd:c0:94:35:ea:da:
                    77:a7:b4:44:d9:12:cf:39:78:5e:86:80:a2:a0:19:
                    c4:ba:e1:b8:7d:55:25:31:cb:76:9d:ec:8b:26:86:
                    11:e4:8b:ff:6b:d2:be:50:f5:bf:96:cc:50:85:b4:
                    fe:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:33:C6:F2:71:6C:C8:6E:D1:ED:6F:8F:D7:02:0B:2F:42:1C:CA:C4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8babeb51-8816-4ffd-9a50-4f2bca25daf0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:1700::/40

    Signature Algorithm: sha256WithRSAEncryption
         8a:40:cb:84:9c:7d:c1:d0:e6:a9:8c:15:cf:ae:cb:53:5b:ba:
         f0:d9:ce:30:ad:38:7a:54:b8:6d:27:cb:97:35:f7:55:53:5f:
         a8:a1:75:d8:8f:50:3d:7a:59:15:ac:b9:21:fe:2f:e3:11:4b:
         ff:54:75:eb:a3:69:ed:63:20:07:fc:45:97:b4:a2:aa:35:1c:
         88:c3:4e:6c:9b:15:ef:2a:93:c7:8b:96:c9:63:63:2a:0f:f2:
         83:d1:b4:b7:67:c7:b3:dc:e0:62:f7:55:50:73:1c:39:d2:45:
         4c:19:86:18:b8:ea:da:3f:78:64:fe:bd:f0:d7:73:a5:83:f0:
         88:b3:ef:8c:1c:47:66:56:af:39:ba:52:eb:f0:11:ce:5d:43:
         55:c8:7d:3b:1b:b6:11:de:f0:2d:38:f7:04:12:d2:2c:2f:5d:
         1c:4c:43:61:02:85:cb:77:fe:20:04:e0:6e:53:d7:d2:bf:08:
         a0:e8:b2:81:1e:d3:df:6c:af:34:8d:3d:60:c4:5c:26:0f:97:
         07:92:f3:97:0f:71:c2:f1:df:bb:c8:c6:26:f5:f0:ae:df:92:
         be:82:02:18:06:1c:99:3c:4b:c7:22:bb:9a:91:69:28:8f:5a:
         39:3f:c9:f8:7f:0a:5e:5c:2f:d9:f3:fb:eb:2c:03:76:b2:bd:
         4c:7e:94:de
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEiXdf6XDni84OeyIgSPe57opWaYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTYwMTA1WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYTE2MWZhZTBhNjY2MzIzMTE1OWYwOTMwOGI1ZDUxZWMx
OTQ2M2QzMzI0NmVhZTY5ZjJlYjkyMzMyZDdmYTViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDtQICCyvhfWENj0M4t30/+02/0+x6E/NTzgLSjjEXbE6s9
ni+lcWWtZXu7LSGR+udSL8ilNrtJnlRtyTvmJyM05dvQY+MSnutjQ9PHak7uqvC7
P84zbjxHy/d0AzBr1OnnIota/FDWPB16moQm2fITajLQjff+WQWrlH13YQN/hXPo
7RvVyzubjzWRrJOXXrZci/o4YjawIAJZlDt/kFFqThKYN8+SOdwlg2R5XovNaos7
MDk3BVXRRvFWaVLFIn+bv4xrHNH2V9FUD83AlDXq2nentETZEs85eF6GgKKgGcS6
4bh9VSUxy3ad7IsmhhHki/9r0r5Q9b+WzFCFtP6RAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUVjPG8nFsyG7R7W+P1wILL0IcysQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhiYWJlYjUxLTg4MTYtNGZmZC05YTUwLTRmMmJjYTI1ZGFmMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/9FzANBgkqhkiG9w0BAQsFAAOCAQEAikDLhJx9wdDmqYwVz67LU1u6
8NnOMK04elS4bSfLlzX3VVNfqKF12I9QPXpZFay5If4v4xFL/1R166Np7WMgB/xF
l7SiqjUciMNObJsV7yqTx4uWyWNjKg/yg9G0t2fHs9zgYvdVUHMcOdJFTBmGGLjq
2j94ZP698NdzpYPwiLPvjBxHZlavObpS6/ARzl1DVch9Oxu2Ed7wLTj3BBLSLC9d
HExDYQKFy3f+IATgblPX0r8IoOiygR7T32yvNI09YMRcJg+XB5Lzlw9xwvHfu8jG
JvXwrt+SvoICGAYcmTxLxyK7mpFpKI9aOT/J+H8KXlwv2fP76ywDdrK9TH6U3g==
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:59:22 2025 by rpki-client