Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1c06e57-fc5f-4705-8c07-450199fb8ad7.roa
File:                     a1c06e57-fc5f-4705-8c07-450199fb8ad7.roa (raw, json)
Hash identifier:          HkKHAqSCOiLH05SxwkTi4CPPFfJFG6CtY3AU1H22UAM=
Subject key identifier:   38:FD:90:F3:6D:01:02:0E:14:3C:DE:6E:22:C4:16:59:6E:0D:40:73
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2766DA7FBC988DE4B4F3E1B960D382629AABE3EC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1c06e57-fc5f-4705-8c07-450199fb8ad7.roa
Signing time:             Fri 01 Aug 2025 15:51:19 +0000
ROA not before:           Fri 01 Aug 2025 15:51:19 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f00:81c0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:66:da:7f:bc:98:8d:e4:b4:f3:e1:b9:60:d3:82:62:9a:ab:e3:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 15:51:19 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=072b9c46493134cf6bba19b56b6002e8779b01cea72a012f4c51e49286ae7925, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ce:6c:13:a7:d3:5c:df:f8:2a:61:23:34:a9:
                    ab:ad:7b:53:ac:9c:29:49:b9:96:77:83:90:87:a8:
                    87:9d:e9:24:8a:5b:82:55:3e:db:f8:c1:97:00:08:
                    ad:49:49:99:86:01:2f:ee:64:26:5c:c9:3d:c3:26:
                    73:50:93:f2:c1:f3:44:7e:12:6c:b4:ed:9a:69:23:
                    c7:fd:ba:42:4e:ad:59:6d:b2:82:ce:1b:3c:b0:41:
                    53:8c:db:45:7d:04:29:47:2b:66:c2:3b:a5:6a:f7:
                    7f:3d:68:f4:83:26:fe:70:e9:c4:23:e7:d3:da:05:
                    82:d7:04:04:4b:da:07:31:98:de:19:4b:d0:43:ad:
                    7d:51:0a:f4:83:57:41:43:21:e1:06:4d:6f:d1:c2:
                    c3:46:29:13:1f:4c:98:30:11:7f:d7:10:6d:ad:af:
                    b1:fc:6d:27:7f:da:b3:ec:5a:89:b5:4b:d9:b8:05:
                    23:71:7e:53:41:5c:02:52:bf:ec:20:cb:31:b0:6e:
                    05:24:24:f6:f1:5c:c8:39:1b:19:8b:ce:f2:bc:1c:
                    d2:8f:41:0b:39:00:af:41:81:32:1e:c1:f0:82:4c:
                    7a:4e:5c:e7:5b:9f:3f:f4:ce:26:20:f5:b7:88:a7:
                    db:19:f2:ff:29:5e:95:69:a4:cc:4c:e0:60:d5:37:
                    03:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:FD:90:F3:6D:01:02:0E:14:3C:DE:6E:22:C4:16:59:6E:0D:40:73
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a1c06e57-fc5f-4705-8c07-450199fb8ad7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:81c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         9d:4c:86:a2:9a:de:10:90:bb:8f:7a:65:38:d3:6b:91:2b:70:
         2f:e7:44:6e:25:b0:81:2b:0a:66:d9:31:e0:24:32:c1:05:48:
         b8:5e:b8:e2:34:0e:d1:e8:80:6b:46:8e:dc:40:28:25:d6:de:
         3a:cc:93:43:dc:bd:19:27:09:9e:02:51:f7:34:a1:22:56:0c:
         26:fd:32:98:69:bf:2e:d3:d1:c8:8a:26:3e:0d:fd:9b:f8:ba:
         d7:e3:cf:46:a1:76:d8:56:57:43:97:22:f3:5a:e2:c0:92:2a:
         65:58:dc:76:17:9a:de:9d:b8:8d:35:9f:3f:d7:33:f9:1c:8a:
         53:2a:84:f7:b5:99:c4:d1:8d:69:33:85:31:38:20:d9:56:a2:
         61:e2:b5:1a:31:fe:14:3a:34:73:ea:0c:88:b8:06:58:8e:05:
         26:55:1a:ef:4c:74:40:63:81:bc:5c:52:a2:85:dd:87:b9:40:
         8e:24:b0:02:9c:3f:86:35:a3:ff:0b:65:c9:91:5c:f2:d8:46:
         d1:b9:6d:31:3f:73:f7:10:e5:64:47:9b:e5:9b:5e:61:5c:67:
         35:59:f3:a7:0a:82:60:f1:24:52:4f:a1:40:28:2c:ee:5d:46:
         e5:d0:7a:52:68:ca:d5:9f:b1:65:b9:3c:ab:0b:d3:9e:b3:1e:
         be:67:6d:c2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUJ2baf7yYjeS08+G5YNOCYpqr4+wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTU1MTE5WhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNzJiOWM0NjQ5MzEzNGNmNmJiYTE5YjU2YjYwMDJlODc3
OWIwMWNlYTcyYTAxMmY0YzUxZTQ5Mjg2YWU3OTI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9zmwTp9Nc3/gqYSM0qaute1OsnClJuZZ3g5CHqIed6SSK
W4JVPtv4wZcACK1JSZmGAS/uZCZcyT3DJnNQk/LB80R+Emy07ZppI8f9ukJOrVlt
soLOGzywQVOM20V9BClHK2bCO6Vq9389aPSDJv5w6cQj59PaBYLXBARL2gcxmN4Z
S9BDrX1RCvSDV0FDIeEGTW/RwsNGKRMfTJgwEX/XEG2tr7H8bSd/2rPsWom1S9m4
BSNxflNBXAJSv+wgyzGwbgUkJPbxXMg5GxmLzvK8HNKPQQs5AK9BgTIewfCCTHpO
XOdbnz/0ziYg9beIp9sZ8v8pXpVppMxM4GDVNwPjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUOP2Q820BAg4UPN5uIsQWWW4NQHMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ExYzA2ZTU3LWZjNWYtNDcwNS04YzA3LTQ1MDE5OWZiOGFkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AgcAwDQYJKoZIhvcNAQELBQADggEBAJ1MhqKa3hCQu496ZTjTa5Er
cC/nRG4lsIErCmbZMeAkMsEFSLheuOI0DtHogGtGjtxAKCXW3jrMk0PcvRknCZ4C
Ufc0oSJWDCb9Mphpvy7T0ciKJj4N/Zv4utfjz0ahdthWV0OXIvNa4sCSKmVY3HYX
mt6duI01nz/XM/kcilMqhPe1mcTRjWkzhTE4INlWomHitRox/hQ6NHPqDIi4BliO
BSZVGu9MdEBjgbxcUqKF3Ye5QI4ksAKcP4Y1o/8LZcmRXPLYRtG5bTE/c/cQ5WRH
m+WbXmFcZzVZ86cKgmDxJFJPoUAoLO5dRuXQelJoytWfsWW5PKsL056zHr5nbcI=
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:19:08 2025 by rpki-client