Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab2c5b4c-5318-4a5e-a629-9bea0f4ea85c.roa
File:                     ab2c5b4c-5318-4a5e-a629-9bea0f4ea85c.roa (raw, json)
Hash identifier:          LZvugSS1XU2rqv4ZlD36fs4tixqedlrFPa66VoX95Vg=
Subject key identifier:   8B:F0:0E:72:98:64:33:F0:F7:5C:34:63:50:56:0F:E8:C8:91:29:AA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       77C139C622D2E4FAA415230C79F57E4084C339C4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab2c5b4c-5318-4a5e-a629-9bea0f4ea85c.roa
Signing time:             Fri 13 Jun 2025 17:01:58 +0000
ROA not before:           Fri 13 Jun 2025 17:01:58 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f2d:4000::/37 maxlen: 37
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:c1:39:c6:22:d2:e4:fa:a4:15:23:0c:79:f5:7e:40:84:c3:39:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 17:01:58 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=3e93ffdbc00d5376e7df501dbd316a16c0c0aca4dedba5ebe20d366fd73f16da, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:fc:a6:56:11:6d:a4:d7:1c:98:29:cc:f0:7f:
                    53:86:31:30:c0:e8:15:b9:61:ca:de:18:41:dd:cc:
                    f6:ec:54:2a:ea:1c:28:82:48:dd:8e:28:40:8c:56:
                    88:e3:57:80:28:5b:5e:26:f3:46:d4:fc:3b:64:15:
                    43:d2:f6:b0:73:87:05:ad:33:18:f0:92:b9:c5:e1:
                    7d:0d:df:a8:a9:22:03:22:16:bc:75:82:e6:09:58:
                    d4:0f:4a:cf:7b:5e:4f:83:17:a5:9a:f3:91:50:2d:
                    90:09:1a:fa:ea:94:88:86:b4:c8:1a:b1:66:8b:48:
                    3f:de:cb:eb:ae:f5:bb:ed:de:25:66:3a:54:eb:70:
                    7f:cc:36:1c:20:46:c2:7b:4b:c9:bb:54:19:70:0c:
                    b5:71:fd:f1:ec:e9:f1:a3:b7:88:7c:ae:db:bc:de:
                    f5:83:d4:f4:ab:9f:e3:52:3c:41:5b:36:20:32:82:
                    59:83:31:82:f1:91:92:94:44:a4:61:68:07:da:af:
                    6c:1f:36:b6:54:71:72:70:64:6e:40:ce:c6:e8:96:
                    6d:7f:70:dd:f5:d1:a3:e6:3c:02:e6:19:b3:19:b9:
                    7b:68:47:df:a7:3d:d2:c5:3f:fe:70:29:1a:d7:77:
                    90:b4:1d:e6:f1:a2:9c:81:d5:a9:cf:1a:9d:d1:16:
                    b1:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:F0:0E:72:98:64:33:F0:F7:5C:34:63:50:56:0F:E8:C8:91:29:AA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab2c5b4c-5318-4a5e-a629-9bea0f4ea85c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f2d:4000::/37

    Signature Algorithm: sha256WithRSAEncryption
         d5:f8:a1:88:ac:cf:1b:ee:13:84:1f:ed:8a:bd:45:ae:70:86:
         9c:58:56:99:8c:cb:95:66:46:57:1f:8b:e4:d5:8f:aa:9a:20:
         9e:19:a9:ed:83:82:ed:46:04:d9:d0:6b:c0:b0:7b:62:0a:4e:
         e5:b6:ea:2b:cc:4e:50:9d:a3:8e:6f:18:e7:5e:03:89:a5:62:
         e2:df:6d:70:b1:69:23:b1:21:4d:fb:75:c0:34:b1:0a:29:3f:
         b5:e6:19:17:38:22:51:53:61:f6:bd:ad:c2:bd:bc:93:60:31:
         71:64:af:a8:45:19:ef:03:a6:43:f3:40:d2:7e:02:4c:26:43:
         a1:3b:0e:72:ac:64:23:fa:fb:e0:c4:9b:2c:6e:29:ab:b7:83:
         dc:7a:5a:1c:7e:a8:fb:83:5f:6b:79:9e:9e:8e:62:37:c0:6a:
         ed:93:79:21:ff:6e:01:27:c2:0f:f2:69:35:51:0a:13:52:03:
         88:5b:62:43:28:f7:4a:e0:76:c1:98:95:a1:a9:29:f5:13:b1:
         65:ce:31:e6:5c:a2:76:52:c0:0d:15:d0:8e:bc:64:1d:f3:3c:
         11:9c:b2:24:04:fb:79:9c:e2:0b:4b:e1:ae:ef:7b:9b:48:3e:
         1d:fe:f9:38:8f:3c:14:f9:ec:e3:1f:34:49:ec:45:66:d9:c7:
         3d:b3:79:a9
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUd8E5xiLS5PqkFSMMefV+QITDOcQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTcwMTU4WhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZTkzZmZkYmMwMGQ1Mzc2ZTdkZjUwMWRiZDMxNmExNmMw
YzBhY2E0ZGVkYmE1ZWJlMjBkMzY2ZmQ3M2YxNmRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDM/KZWEW2k1xyYKczwf1OGMTDA6BW5YcreGEHdzPbsVCrq
HCiCSN2OKECMVojjV4AoW14m80bU/DtkFUPS9rBzhwWtMxjwkrnF4X0N36ipIgMi
Frx1guYJWNQPSs97Xk+DF6Wa85FQLZAJGvrqlIiGtMgasWaLSD/ey+uu9bvt3iVm
OlTrcH/MNhwgRsJ7S8m7VBlwDLVx/fHs6fGjt4h8rtu83vWD1PSrn+NSPEFbNiAy
glmDMYLxkZKURKRhaAfar2wfNrZUcXJwZG5Azsbolm1/cN310aPmPALmGbMZuXto
R9+nPdLFP/5wKRrXd5C0HebxopyB1anPGp3RFrEbAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUi/AOcphkM/D3XDRjUFYP6MiRKaowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FiMmM1YjRjLTUzMTgtNGE1ZS1hNjI5LTliZWEwZjRlYTg1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8tQDANBgkqhkiG9w0BAQsFAAOCAQEA1fihiKzPG+4ThB/tir1FrnCG
nFhWmYzLlWZGVx+L5NWPqpognhmp7YOC7UYE2dBrwLB7YgpO5bbqK8xOUJ2jjm8Y
514DiaVi4t9tcLFpI7EhTft1wDSxCik/teYZFzgiUVNh9r2twr28k2AxcWSvqEUZ
7wOmQ/NA0n4CTCZDoTsOcqxkI/r74MSbLG4pq7eD3HpaHH6o+4Nfa3meno5iN8Bq
7ZN5If9uASfCD/JpNVEKE1IDiFtiQyj3SuB2wZiVoakp9ROxZc4x5lyidlLADRXQ
jrxkHfM8EZyyJAT7eZziC0vhru97m0g+Hf75OI88FPns4x80SexFZtnHPbN5qQ==
-----END CERTIFICATE-----