Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98210af0-508f-49b8-a5e8-71d021460617.roa
File:                     98210af0-508f-49b8-a5e8-71d021460617.roa (raw, json)
Hash identifier:          ePbbhzilJBpt+Rijp76Apwu/tvkuP/o4KWhMj5LIxD8=
Subject key identifier:   34:29:0B:31:2B:79:FF:11:28:CA:CD:14:7F:73:E0:29:6D:09:A1:CB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       115F31DC57A8C703F34A42A884F5CB83369823C8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98210af0-508f-49b8-a5e8-71d021460617.roa
Signing time:             Fri 13 Jun 2025 17:40:43 +0000
ROA not before:           Fri 13 Jun 2025 17:40:43 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f18:6000::/35 maxlen: 35
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 16 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:5f:31:dc:57:a8:c7:03:f3:4a:42:a8:84:f5:cb:83:36:98:23:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 17:40:43 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=345f502644b4007ed61d94600e50b89b3bf34825d448c82d0cfab292005645ca, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:05:12:f6:8a:91:4b:75:d4:33:91:0a:4d:a2:
                    58:9d:37:0c:4d:56:8d:d9:0a:7b:3c:49:ab:93:bf:
                    b8:db:c1:41:0e:7e:13:ed:34:41:0d:7d:8a:72:3c:
                    08:1e:2b:74:bd:b2:e6:06:8d:1a:b6:a2:01:f7:89:
                    60:e4:9a:4e:f2:99:54:7f:cd:c3:47:98:97:ff:6b:
                    6e:1b:87:9a:b5:27:d8:50:74:d0:0a:f4:6f:5b:f7:
                    a3:35:9b:ef:93:62:7f:0f:d7:28:23:39:1e:b1:02:
                    d8:53:e3:ab:7b:c4:9a:2a:70:de:50:4a:4f:0e:d7:
                    a8:65:2e:c9:7f:37:98:57:26:a2:08:a2:41:bb:26:
                    fd:af:45:19:79:18:b5:38:44:45:d8:c4:6c:c5:06:
                    b3:17:c2:f7:fa:00:08:b9:cc:c6:4b:59:80:a4:9a:
                    5c:ce:db:ed:ac:23:cc:1c:ab:0b:a3:82:66:83:de:
                    41:5f:55:bc:38:d8:a9:c8:74:60:5c:ff:ec:5d:44:
                    bd:c1:0b:52:5b:ac:38:49:3d:0d:18:f6:75:37:58:
                    10:94:ee:f4:da:bb:fa:6e:70:4a:43:9a:8e:60:d8:
                    60:14:8b:ad:32:39:99:8e:e7:4e:1a:55:e0:7f:e8:
                    71:db:77:1b:6c:8c:19:f9:40:d8:c1:e1:06:cb:d8:
                    9d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:29:0B:31:2B:79:FF:11:28:CA:CD:14:7F:73:E0:29:6D:09:A1:CB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98210af0-508f-49b8-a5e8-71d021460617.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f18:6000::/35

    Signature Algorithm: sha256WithRSAEncryption
         7e:8d:52:0e:af:e9:35:5b:0e:80:d0:5e:d1:fa:06:be:d4:30:
         db:1d:fe:c7:7e:72:df:c7:34:ba:f3:96:64:05:87:18:55:e4:
         4b:5f:a0:a3:1a:1f:57:f2:f6:60:85:18:a7:cf:1a:6e:e5:5c:
         a3:63:33:35:7f:7c:53:1a:99:8a:66:97:a6:8d:ed:96:aa:13:
         68:8e:ce:fe:77:dd:c1:b1:ee:b1:81:7d:38:8e:85:d1:d4:05:
         53:07:4c:c8:7a:65:b3:09:e5:00:ea:35:34:8b:42:22:0c:32:
         a5:81:3d:72:77:fa:9c:be:b2:2f:f0:11:10:3e:b5:d9:33:ca:
         22:73:b3:52:51:6f:96:46:bd:2f:51:26:8a:f8:be:c2:0d:2b:
         20:6f:3e:65:ec:93:33:60:4f:e2:79:b1:e6:30:58:12:cc:68:
         28:b5:2d:2e:3b:e0:75:dc:34:6c:43:69:a0:41:95:5d:ec:bf:
         21:9e:19:f4:29:00:44:cd:23:1d:5e:55:17:cc:21:19:5e:62:
         0f:63:5a:3e:00:26:9c:5e:1f:91:54:cb:32:29:44:a5:49:91:
         d6:01:2a:2e:a7:40:ef:4d:26:f2:f0:60:d6:04:00:d0:6e:7f:
         5d:d1:9c:ac:ee:e5:6f:c3:e4:d2:5a:62:ea:01:c7:35:78:f5:
         89:20:e6:41
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEV8x3FeoxwPzSkKohPXLgzaYI8gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTc0MDQzWhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNDVmNTAyNjQ0YjQwMDdlZDYxZDk0NjAwZTUwYjg5YjNi
ZjM0ODI1ZDQ0OGM4MmQwY2ZhYjI5MjAwNTY0NWNhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3BRL2ipFLddQzkQpNolidNwxNVo3ZCns8SauTv7jbwUEO
fhPtNEENfYpyPAgeK3S9suYGjRq2ogH3iWDkmk7ymVR/zcNHmJf/a24bh5q1J9hQ
dNAK9G9b96M1m++TYn8P1ygjOR6xAthT46t7xJoqcN5QSk8O16hlLsl/N5hXJqII
okG7Jv2vRRl5GLU4REXYxGzFBrMXwvf6AAi5zMZLWYCkmlzO2+2sI8wcqwujgmaD
3kFfVbw42KnIdGBc/+xdRL3BC1JbrDhJPQ0Y9nU3WBCU7vTau/pucEpDmo5g2GAU
i60yOZmO504aVeB/6HHbdxtsjBn5QNjB4QbL2J2lAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUNCkLMSt5/xEoys0Uf3PgKW0JocswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4MjEwYWYwLTUwOGYtNDliOC1hNWU4LTcxZDAyMTQ2MDYxNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgUmAB8YYDANBgkqhkiG9w0BAQsFAAOCAQEAfo1SDq/pNVsOgNBe0foGvtQw
2x3+x35y38c0uvOWZAWHGFXkS1+goxofV/L2YIUYp88abuVco2MzNX98UxqZimaX
po3tlqoTaI7O/nfdwbHusYF9OI6F0dQFUwdMyHplswnlAOo1NItCIgwypYE9cnf6
nL6yL/ARED612TPKInOzUlFvlka9L1Emivi+wg0rIG8+ZeyTM2BP4nmx5jBYEsxo
KLUtLjvgddw0bENpoEGVXey/IZ4Z9CkARM0jHV5VF8whGV5iD2NaPgAmnF4fkVTL
MilEpUmR1gEqLqdA700m8vBg1gQA0G5/XdGcrO7lb8Pk0lpi6gHHNXj1iSDmQQ==
-----END CERTIFICATE-----