Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f7700a2-6a4d-4cc9-9b7d-83aa88a7d298.roa
File:                     8f7700a2-6a4d-4cc9-9b7d-83aa88a7d298.roa (raw, json)
Hash identifier:          HtS8y+1jgeAh6tReoujQvMoKvyD1NLpHaOIHYHyuhkM=
Subject key identifier:   C7:34:AE:EA:76:AB:73:48:A9:9F:52:52:78:BE:E1:E5:5C:EB:39:30
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       78461A681872B762DFC7B4FE6A211E5C65D2BDD3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f7700a2-6a4d-4cc9-9b7d-83aa88a7d298.roa
Signing time:             Fri 01 Aug 2025 16:41:20 +0000
ROA not before:           Fri 01 Aug 2025 16:41:20 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f38:34c0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:46:1a:68:18:72:b7:62:df:c7:b4:fe:6a:21:1e:5c:65:d2:bd:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 16:41:20 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=7a704e16fa8125f5a51023a1c08adf65143222ac7643ec239fa8e0a642ef57e0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:77:11:62:e0:7f:5e:9e:7f:1e:e4:f2:46:25:
                    b0:f6:68:1c:1b:5d:3a:bf:3f:6e:b0:88:62:be:1b:
                    d2:e5:91:61:f4:87:30:57:50:63:63:c6:e5:a4:14:
                    1e:4c:cf:86:08:4c:3e:2f:7a:33:f8:67:c7:4a:ba:
                    cc:47:78:8f:f5:bd:e5:f9:19:20:c1:94:7d:5a:de:
                    5d:5a:b9:61:69:20:b5:29:4e:99:99:d8:76:35:f3:
                    8e:6f:ff:4f:a0:fc:7c:99:79:ea:51:c2:09:15:da:
                    2b:c6:85:b7:a9:38:1a:34:e8:b4:bd:36:e0:cd:1b:
                    a1:52:7b:e6:d0:6e:7e:eb:a6:fe:39:4e:26:a6:b3:
                    96:40:8f:df:6b:be:12:51:4a:7c:76:8f:d3:06:3b:
                    ba:59:b9:7b:b4:a1:35:a7:b9:cb:49:df:a4:10:5e:
                    d6:8b:76:b6:f3:25:51:26:a6:35:10:90:95:07:0b:
                    37:b3:37:57:b1:51:67:c2:32:52:aa:b2:56:be:93:
                    0c:60:01:f2:ad:e0:c5:72:09:32:fd:d5:ea:ba:4d:
                    64:8e:80:99:25:29:b4:8d:f8:e0:50:e1:7b:36:4a:
                    37:68:d8:92:ec:56:75:00:b3:cd:17:bd:ea:4c:4c:
                    b8:55:10:2b:f7:bc:38:97:42:37:f0:d0:5b:1c:98:
                    d9:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:34:AE:EA:76:AB:73:48:A9:9F:52:52:78:BE:E1:E5:5C:EB:39:30
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8f7700a2-6a4d-4cc9-9b7d-83aa88a7d298.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:34c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         8f:bc:79:d9:c3:aa:59:bb:f4:96:a6:0a:bf:42:4d:e0:10:b2:
         b4:84:34:4a:23:b6:13:f5:57:65:7f:03:37:61:d3:8c:66:2f:
         81:c0:79:d0:ac:d5:b4:a1:42:d1:95:5f:4d:74:3f:78:ff:8e:
         2d:94:1a:64:03:93:cc:aa:43:6c:e2:20:30:2b:b8:a4:83:d5:
         99:a4:77:1b:ff:34:51:d0:28:c3:ed:de:f0:18:9b:ac:25:d6:
         0a:a4:48:20:88:06:0c:f7:ef:19:ec:c4:d8:73:b2:9e:63:13:
         ce:8b:8a:eb:43:5d:e4:91:9a:cd:28:2c:bc:9d:59:31:a0:0e:
         56:c0:7c:dc:40:7d:2b:3f:6f:15:fa:e0:82:3f:dc:d7:91:74:
         f0:cf:13:cb:07:ee:dc:a4:2d:43:41:59:b4:97:3c:a6:82:a5:
         b6:32:05:7b:50:ee:ef:90:74:7f:bb:b6:e3:81:08:86:bb:9b:
         1e:c9:58:74:94:b2:1f:d5:a1:28:f0:2e:be:85:d4:6b:39:07:
         dd:e0:70:e8:0a:ae:93:81:52:a5:fe:9f:04:31:d5:78:cf:e5:
         b1:9d:9e:0f:11:a2:f4:eb:95:1f:0e:2f:42:f5:0a:2f:9c:90:
         3a:30:81:4d:e2:7c:ae:aa:e0:7a:0d:ae:9d:26:9f:48:48:60:
         45:8e:d8:62
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUeEYaaBhyt2Lfx7T+aiEeXGXSvdMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTY0MTIwWhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YTcwNGUxNmZhODEyNWY1YTUxMDIzYTFjMDhhZGY2NTE0
MzIyMmFjNzY0M2VjMjM5ZmE4ZTBhNjQyZWY1N2UwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQdxFi4H9enn8e5PJGJbD2aBwbXTq/P26wiGK+G9LlkWH0
hzBXUGNjxuWkFB5Mz4YITD4vejP4Z8dKusxHeI/1veX5GSDBlH1a3l1auWFpILUp
TpmZ2HY1845v/0+g/HyZeepRwgkV2ivGhbepOBo06LS9NuDNG6FSe+bQbn7rpv45
Tiams5ZAj99rvhJRSnx2j9MGO7pZuXu0oTWnuctJ36QQXtaLdrbzJVEmpjUQkJUH
CzezN1exUWfCMlKqsla+kwxgAfKt4MVyCTL91eq6TWSOgJklKbSN+OBQ4Xs2Sjdo
2JLsVnUAs80XvepMTLhVECv3vDiXQjfw0FscmNmdAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUxzSu6narc0ipn1JSeL7h5VzrOTAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhmNzcwMGEyLTZhNGQtNGNjOS05YjdkLTgzYWE4OGE3ZDI5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84NMAwDQYJKoZIhvcNAQELBQADggEBAI+8ednDqlm79JamCr9CTeAQ
srSENEojthP1V2V/Azdh04xmL4HAedCs1bShQtGVX010P3j/ji2UGmQDk8yqQ2zi
IDAruKSD1Zmkdxv/NFHQKMPt3vAYm6wl1gqkSCCIBgz37xnsxNhzsp5jE86LiutD
XeSRms0oLLydWTGgDlbAfNxAfSs/bxX64II/3NeRdPDPE8sH7tykLUNBWbSXPKaC
pbYyBXtQ7u+QdH+7tuOBCIa7mx7JWHSUsh/VoSjwLr6F1Gs5B93gcOgKrpOBUqX+
nwQx1XjP5bGdng8RovTrlR8OL0L1Ci+ckDowgU3ifK6q4HoNrp0mn0hIYEWO2GI=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:12:07 2025 by rpki-client