Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a97fd684-0832-49ce-ad32-e5222a2a4cc7.roa
File:                     a97fd684-0832-49ce-ad32-e5222a2a4cc7.roa (raw, json)
Hash identifier:          3icdiVDKPokzKMLwRerJkyO9LXmRAirLOeFj1iTBXck=
Subject key identifier:   01:56:F8:3D:E4:1D:1D:15:B4:B1:6C:40:AB:8A:1C:C3:35:A9:0C:09
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3DA646D45100E1C58C56242F230C3B01F62AB528
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a97fd684-0832-49ce-ad32-e5222a2a4cc7.roa
Signing time:             Tue 10 Jun 2025 16:21:43 +0000
ROA not before:           Tue 10 Jun 2025 16:21:43 +0000
ROA not after:            Tue 15 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f38:50c0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:a6:46:d4:51:00:e1:c5:8c:56:24:2f:23:0c:3b:01:f6:2a:b5:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 10 16:21:43 2025 GMT
            Not After : Jul 15 23:59:59 2025 GMT
        Subject: serialNumber=a3d643db93acc9f856b90e295cbee2b79dd285a3c059b70f821d25084695c889, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5e:8a:36:48:69:68:7a:55:3a:40:8b:86:79:
                    ad:3c:2c:67:6c:ad:ba:c1:f7:04:ad:3e:6a:11:83:
                    74:61:17:84:7e:46:8e:86:72:89:14:44:5f:09:0b:
                    ef:a3:42:bb:d2:07:ec:68:50:43:1a:fd:00:55:14:
                    b6:97:14:8d:61:12:80:db:1f:df:54:fe:2f:e1:ef:
                    ff:c9:10:c9:9c:f1:44:de:1e:30:72:79:5e:16:dc:
                    d2:3e:0d:d8:18:53:e0:62:8e:36:15:ad:4e:28:45:
                    b1:12:39:00:2a:6d:21:33:55:44:51:23:d1:f1:2e:
                    47:17:19:02:31:a2:41:78:39:27:6b:26:9b:31:af:
                    18:66:e0:42:6a:f2:b3:87:36:3c:4f:8e:59:0f:57:
                    c0:a8:1f:ca:82:2b:66:84:42:c3:9d:cc:79:52:c2:
                    f3:21:0f:6d:f8:76:fd:7f:8a:93:07:e9:a5:c9:97:
                    0c:75:71:28:5c:d3:f3:ca:fa:4c:6b:7d:7f:a3:49:
                    e6:08:b0:ed:6c:cf:56:39:f0:0c:ae:2d:69:1f:5a:
                    6e:61:38:1f:dd:26:a1:d5:14:7f:96:e9:a9:a5:fe:
                    1a:ec:45:26:fc:ee:a3:25:3c:bf:08:a1:a5:c3:4b:
                    8f:1d:79:55:40:36:60:43:6b:a7:72:de:e0:e2:40:
                    2b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:56:F8:3D:E4:1D:1D:15:B4:B1:6C:40:AB:8A:1C:C3:35:A9:0C:09
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a97fd684-0832-49ce-ad32-e5222a2a4cc7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:50c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         c1:e4:89:e4:7e:43:94:6b:4a:86:34:9a:30:06:a8:96:d8:15:
         ba:9d:d3:86:87:03:1d:8a:30:08:94:14:5d:50:13:0d:44:79:
         6e:84:70:5b:78:88:2d:65:1b:8b:ec:fa:0b:11:79:00:3d:dc:
         01:43:6d:c6:12:21:18:51:d3:ac:b6:f4:ec:51:85:9b:b3:75:
         b7:6b:f5:99:54:ff:a9:af:f4:04:1b:40:76:88:93:b5:45:b3:
         3a:b2:aa:fe:77:27:38:b6:bd:a5:ac:64:27:ac:0b:e3:16:45:
         ed:61:61:ad:52:9e:89:19:4c:37:0f:e0:ca:35:46:1d:b9:6b:
         25:fd:cb:49:3a:95:8d:77:44:60:5f:0b:58:73:89:4c:49:0d:
         0a:70:c3:be:c0:71:ab:57:c8:f6:d1:59:10:00:90:c0:bb:f8:
         d9:6c:bb:a3:95:b6:08:06:f9:a4:cf:83:20:b3:bf:ef:2f:9e:
         5f:14:0c:52:c4:e2:b0:5d:e7:51:46:49:48:2d:c1:e7:eb:57:
         05:82:e3:63:be:fa:bb:58:0b:46:a3:22:ab:32:0b:19:2e:78:
         35:91:b8:34:94:9e:18:9f:a7:ea:5f:e7:70:a1:06:e8:e8:fa:
         9d:75:2a:af:d4:ef:30:6c:38:f9:5d:0b:cf:7c:ca:4a:bb:dd:
         92:b4:14:17
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPaZG1FEA4cWMViQvIww7AfYqtSgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEwMTYyMTQzWhcNMjUwNzE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhM2Q2NDNkYjkzYWNjOWY4NTZiOTBlMjk1Y2JlZTJiNzlk
ZDI4NWEzYzA1OWI3MGY4MjFkMjUwODQ2OTVjODg5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqXoo2SGloelU6QIuGea08LGdsrbrB9wStPmoRg3RhF4R+
Ro6GcokURF8JC++jQrvSB+xoUEMa/QBVFLaXFI1hEoDbH99U/i/h7//JEMmc8UTe
HjByeV4W3NI+DdgYU+BijjYVrU4oRbESOQAqbSEzVURRI9HxLkcXGQIxokF4OSdr
Jpsxrxhm4EJq8rOHNjxPjlkPV8CoH8qCK2aEQsOdzHlSwvMhD234dv1/ipMH6aXJ
lwx1cShc0/PK+kxrfX+jSeYIsO1sz1Y58AyuLWkfWm5hOB/dJqHVFH+W6aml/hrs
RSb87qMlPL8IoaXDS48deVVANmBDa6dy3uDiQCtZAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUAVb4PeQdHRW0sWxAq4ocwzWpDAkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E5N2ZkNjg0LTA4MzItNDljZS1hZDMyLWU1MjIyYTJhNGNjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84UMAwDQYJKoZIhvcNAQELBQADggEBAMHkieR+Q5RrSoY0mjAGqJbY
Fbqd04aHAx2KMAiUFF1QEw1EeW6EcFt4iC1lG4vs+gsReQA93AFDbcYSIRhR06y2
9OxRhZuzdbdr9ZlU/6mv9AQbQHaIk7VFszqyqv53Jzi2vaWsZCesC+MWRe1hYa1S
nokZTDcP4Mo1Rh25ayX9y0k6lY13RGBfC1hziUxJDQpww77AcatXyPbRWRAAkMC7
+Nlsu6OVtggG+aTPgyCzv+8vnl8UDFLE4rBd51FGSUgtwefrVwWC42O++rtYC0aj
IqsyCxkueDWRuDSUnhifp+pf53ChBujo+p11Kq/U7zBsOPldC898ykq73ZK0FBc=
-----END CERTIFICATE-----