Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a272600a-9414-4881-b3df-55f7c5722f94.roa
File:                     a272600a-9414-4881-b3df-55f7c5722f94.roa (raw, json)
Hash identifier:          IehZTIt8nLhJd98/MB5THmleSmVKIfo+yDUvGwP2boM=
Subject key identifier:   EC:E5:B9:C8:23:7A:25:5A:FD:BE:47:10:32:5D:0D:71:24:97:A2:7C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       053CDA1990BFAFFE725164812455F84431C5FD6A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a272600a-9414-4881-b3df-55f7c5722f94.roa
Signing time:             Fri 13 Jun 2025 17:01:19 +0000
ROA not before:           Fri 13 Jun 2025 17:01:19 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f18:c000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:3c:da:19:90:bf:af:fe:72:51:64:81:24:55:f8:44:31:c5:fd:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 17:01:19 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=6341da7cb86aae709a81ee869421264f0a1f753590d837964a4cb114cca67f32, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9a:34:e3:7f:63:a9:b7:0c:1c:f7:ae:7c:73:
                    ec:4e:e0:95:7f:f3:fc:4e:d0:0c:2d:22:fc:15:d9:
                    6f:e9:e8:13:4f:9b:e0:9e:b5:ff:c7:4e:e2:69:ea:
                    d6:73:38:96:a1:2d:32:cc:13:5b:44:e0:e8:77:d3:
                    1f:4f:2b:17:5d:f1:fd:e1:af:d7:81:33:8a:79:dd:
                    df:b1:a2:f6:71:8d:6c:b4:50:72:06:e5:7b:6d:16:
                    ac:7c:6d:d8:f9:b9:83:45:d3:f0:87:23:f8:e4:0a:
                    19:1b:8f:fe:23:b3:ca:5e:c5:19:2a:72:e9:78:be:
                    61:7e:e3:cc:35:19:90:20:f1:d9:c1:30:82:02:20:
                    e1:b4:fb:25:a5:50:e7:cb:9d:35:f0:f0:d9:67:cd:
                    82:a6:9b:da:b1:64:27:05:9b:ef:14:00:58:b8:4c:
                    76:64:17:4e:90:02:9a:ba:c6:13:b1:6b:ca:3b:21:
                    76:fe:45:b1:66:05:ce:81:16:25:e6:06:f3:2c:6a:
                    1f:d0:84:bc:ea:d1:56:35:f1:22:80:07:1c:28:82:
                    31:9c:14:e2:4a:5b:8d:a6:f1:83:aa:7e:8d:97:e1:
                    e8:38:5d:6d:fd:cf:4b:4c:39:ec:54:cc:ad:41:f0:
                    ca:57:80:cc:65:ac:f8:98:fc:7a:b5:aa:49:07:1e:
                    3f:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:E5:B9:C8:23:7A:25:5A:FD:BE:47:10:32:5D:0D:71:24:97:A2:7C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a272600a-9414-4881-b3df-55f7c5722f94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f18:c000::/36

    Signature Algorithm: sha256WithRSAEncryption
         a7:40:84:cd:4c:dc:2c:ad:8a:2f:a9:7b:33:0a:89:bf:6a:21:
         21:24:49:96:39:a6:af:ee:fb:73:3f:af:6a:d1:6c:37:d8:57:
         cc:11:23:13:6e:32:d2:08:f7:b8:fb:9a:34:d4:bd:c3:e6:0c:
         f1:d6:54:7b:e3:36:a0:86:84:4e:0f:8a:e7:03:fc:db:e9:86:
         cd:03:d3:18:e6:b1:e1:61:24:05:91:0f:ae:2d:2f:90:99:23:
         2c:d3:59:c2:79:1b:e4:0a:ba:cb:a6:e4:21:44:5e:a3:b3:bc:
         22:2b:75:e2:27:59:94:d1:26:90:57:38:cb:5d:e7:67:4f:1d:
         cb:22:2e:05:fa:59:85:49:0e:95:1e:dc:2a:ba:dd:8c:55:a6:
         52:3b:ba:8a:79:54:c0:ed:8c:2b:72:4d:20:a0:5b:47:a9:89:
         92:e0:03:6f:80:f8:41:16:ca:1a:49:dd:4e:0d:39:7e:2b:c5:
         0c:40:a5:6c:28:f6:6f:9b:69:83:36:18:8e:f6:b9:a9:f5:db:
         cd:96:16:2e:34:5e:14:55:4b:e8:60:4c:f6:9c:3c:39:fe:1e:
         62:22:44:4b:aa:82:e9:1a:d6:1f:51:85:89:1b:a9:ea:21:b4:
         3c:7b:e1:48:1f:a2:b6:8e:c0:84:5a:22:ae:35:c7:79:45:9e:
         52:d1:2a:d7
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUBTzaGZC/r/5yUWSBJFX4RDHF/WowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTcwMTE5WhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MzQxZGE3Y2I4NmFhZTcwOWE4MWVlODY5NDIxMjY0ZjBh
MWY3NTM1OTBkODM3OTY0YTRjYjExNGNjYTY3ZjMyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtmjTjf2Optwwc9658c+xO4JV/8/xO0AwtIvwV2W/p6BNP
m+Cetf/HTuJp6tZzOJahLTLME1tE4Oh30x9PKxdd8f3hr9eBM4p53d+xovZxjWy0
UHIG5XttFqx8bdj5uYNF0/CHI/jkChkbj/4js8pexRkqcul4vmF+48w1GZAg8dnB
MIICIOG0+yWlUOfLnTXw8NlnzYKmm9qxZCcFm+8UAFi4THZkF06QApq6xhOxa8o7
IXb+RbFmBc6BFiXmBvMsah/QhLzq0VY18SKABxwogjGcFOJKW42m8YOqfo2X4eg4
XW39z0tMOexUzK1B8MpXgMxlrPiY/Hq1qkkHHj/TAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU7OW5yCN6JVr9vkcQMl0NcSSXonwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EyNzI2MDBhLTk0MTQtNDg4MS1iM2RmLTU1ZjdjNTcyMmY5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8YwDANBgkqhkiG9w0BAQsFAAOCAQEAp0CEzUzcLK2KL6l7MwqJv2oh
ISRJljmmr+77cz+vatFsN9hXzBEjE24y0gj3uPuaNNS9w+YM8dZUe+M2oIaETg+K
5wP82+mGzQPTGOax4WEkBZEPri0vkJkjLNNZwnkb5Aq6y6bkIUReo7O8Iit14idZ
lNEmkFc4y13nZ08dyyIuBfpZhUkOlR7cKrrdjFWmUju6inlUwO2MK3JNIKBbR6mJ
kuADb4D4QRbKGkndTg05fivFDEClbCj2b5tpgzYYjva5qfXbzZYWLjReFFVL6GBM
9pw8Of4eYiJES6qC6RrWH1GFiRup6iG0PHvhSB+ito7AhFoirjXHeUWeUtEq1w==
-----END CERTIFICATE-----