Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a97fd684-0832-49ce-ad32-e5222a2a4cc7.roa
File:                     a97fd684-0832-49ce-ad32-e5222a2a4cc7.roa (raw, json)
Hash identifier:          0fldkGBSwXFHmH4wb83GZPHIDUdHi2eTyWZ1SJDnXmY=
Subject key identifier:   E6:AB:A8:2F:63:78:52:F8:DD:34:11:65:E9:E8:40:BA:5C:BA:E9:32
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       20264E5399DB370C8339580563FA4F4E4BA7A999
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a97fd684-0832-49ce-ad32-e5222a2a4cc7.roa
Signing time:             Fri 01 Aug 2025 15:31:20 +0000
ROA not before:           Fri 01 Aug 2025 15:31:20 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f38:50c0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:26:4e:53:99:db:37:0c:83:39:58:05:63:fa:4f:4e:4b:a7:a9:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 15:31:20 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=36314c12b766b99a59a55c77816eee49618bd674ea8be8c0696a38eb49b10e15, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b4:a8:d5:d1:7a:87:fd:23:7c:01:fa:63:46:
                    ec:38:d8:15:1c:55:4b:36:a8:8a:fc:e6:a0:ff:b7:
                    91:4f:2b:f6:ee:93:11:f4:75:c0:13:d5:7f:db:4a:
                    10:b8:88:47:9c:25:03:b0:fc:81:bf:d5:a4:66:71:
                    eb:08:bc:da:37:3e:94:ce:7e:91:84:9e:85:80:07:
                    7c:6b:9c:9a:eb:44:d5:36:bb:86:8a:b1:72:7a:cd:
                    fb:06:90:09:80:35:c6:12:44:be:de:72:02:99:ec:
                    b3:7e:e9:06:0d:c6:98:5a:12:33:b3:43:c7:3b:d2:
                    ce:a5:09:a1:2f:c0:b9:c1:8f:f5:56:7f:1b:b3:67:
                    19:65:3d:4c:ac:d2:2a:f4:6f:77:f8:96:03:7d:bd:
                    40:22:78:86:d7:65:e7:00:8b:78:30:3b:c6:d2:14:
                    1e:36:93:01:1a:be:99:e3:c3:8d:e3:fd:68:c5:1c:
                    90:b0:88:11:b5:ac:12:68:65:3f:30:ac:f9:4d:22:
                    be:c8:ea:ee:89:4a:b2:da:32:19:9b:30:42:0b:7e:
                    ed:a6:46:e4:ac:1a:71:86:b0:fb:73:5f:23:08:e8:
                    15:bd:44:d8:b7:5c:fa:64:3d:60:9b:82:e3:70:5f:
                    68:75:c5:bf:67:7e:5f:96:a5:3a:58:b4:12:d1:07:
                    e7:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:AB:A8:2F:63:78:52:F8:DD:34:11:65:E9:E8:40:BA:5C:BA:E9:32
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a97fd684-0832-49ce-ad32-e5222a2a4cc7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:50c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         13:79:5a:c9:e5:2f:e1:8c:c0:29:59:17:ad:b5:7f:0a:89:b1:
         ac:ea:82:39:e2:06:4a:9c:9e:37:da:40:77:c6:b3:da:da:83:
         d8:4c:2a:d9:c0:3a:b5:96:52:93:90:e8:33:11:50:5b:9a:af:
         a0:64:70:d5:b2:84:c2:00:96:2a:2c:b6:f1:a7:15:77:9b:66:
         60:d5:04:26:5b:30:d4:cc:62:e8:17:bd:0e:ad:cb:c0:0f:cc:
         79:e2:e7:7d:23:d7:d7:9b:a2:f3:4b:e2:35:12:37:f1:7f:1f:
         dc:53:c7:43:9e:61:13:9b:2a:9c:e0:89:32:92:e0:41:28:d5:
         3c:d0:a6:fa:f8:a6:c8:f1:38:93:a5:25:3d:a0:bc:92:28:30:
         e6:0a:73:ba:59:95:d3:87:7a:8e:e1:8b:e0:4b:2e:10:51:de:
         74:76:92:6a:09:7e:f0:aa:04:4c:da:65:4d:64:79:dc:27:60:
         c0:3a:68:95:c0:9a:fa:18:28:08:23:08:4b:db:2d:5a:04:02:
         92:2b:ba:41:24:6e:5a:66:b8:88:bb:ab:31:d1:dd:ad:fe:9d:
         52:6d:73:e2:45:92:68:bc:ec:f3:25:d1:63:96:ec:87:5a:fa:
         d1:87:26:80:ae:8a:3e:67:dc:3c:75:e5:ae:3b:1a:9a:57:4e:
         07:96:62:c4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUICZOU5nbNwyDOVgFY/pPTkunqZkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTUzMTIwWhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNjMxNGMxMmI3NjZiOTlhNTlhNTVjNzc4MTZlZWU0OTYx
OGJkNjc0ZWE4YmU4YzA2OTZhMzhlYjQ5YjEwZTE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9tKjV0XqH/SN8AfpjRuw42BUcVUs2qIr85qD/t5FPK/bu
kxH0dcAT1X/bShC4iEecJQOw/IG/1aRmcesIvNo3PpTOfpGEnoWAB3xrnJrrRNU2
u4aKsXJ6zfsGkAmANcYSRL7ecgKZ7LN+6QYNxphaEjOzQ8c70s6lCaEvwLnBj/VW
fxuzZxllPUys0ir0b3f4lgN9vUAieIbXZecAi3gwO8bSFB42kwEavpnjw43j/WjF
HJCwiBG1rBJoZT8wrPlNIr7I6u6JSrLaMhmbMEILfu2mRuSsGnGGsPtzXyMI6BW9
RNi3XPpkPWCbguNwX2h1xb9nfl+WpTpYtBLRB+dHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU5quoL2N4UvjdNBFl6ehAuly66TIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E5N2ZkNjg0LTA4MzItNDljZS1hZDMyLWU1MjIyYTJhNGNjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84UMAwDQYJKoZIhvcNAQELBQADggEBABN5WsnlL+GMwClZF621fwqJ
sazqgjniBkqcnjfaQHfGs9rag9hMKtnAOrWWUpOQ6DMRUFuar6BkcNWyhMIAlios
tvGnFXebZmDVBCZbMNTMYugXvQ6ty8APzHni530j19ebovNL4jUSN/F/H9xTx0Oe
YRObKpzgiTKS4EEo1TzQpvr4psjxOJOlJT2gvJIoMOYKc7pZldOHeo7hi+BLLhBR
3nR2kmoJfvCqBEzaZU1kedwnYMA6aJXAmvoYKAgjCEvbLVoEApIrukEkblpmuIi7
qzHR3a3+nVJtc+JFkmi87PMl0WOW7Ida+tGHJoCuij5n3Dx15a47GppXTgeWYsQ=
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:05:40 2025 by rpki-client