Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b35e1422-797a-49b6-b1f5-bf9b752403e2.roa
File:                     b35e1422-797a-49b6-b1f5-bf9b752403e2.roa (raw, json)
Hash identifier:          0pg4vcEUsTOYyOLY/fuo3bYgs2AHFrm0JhzjBbUKxzI=
Subject key identifier:   66:7A:F2:C7:EC:23:C9:55:3F:7B:EC:32:77:1B:91:E0:8C:42:EE:B5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5092A0B0B08D6719793A00EE55CB5C3DE8177932
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b35e1422-797a-49b6-b1f5-bf9b752403e2.roa
Signing time:             Tue 10 Jun 2025 16:21:47 +0000
ROA not before:           Tue 10 Jun 2025 16:21:47 +0000
ROA not after:            Tue 15 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f38:5040::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:92:a0:b0:b0:8d:67:19:79:3a:00:ee:55:cb:5c:3d:e8:17:79:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 10 16:21:47 2025 GMT
            Not After : Jul 15 23:59:59 2025 GMT
        Subject: serialNumber=a79d69149f6717307eb705b8db8c5478c56cec2422e8cf668a35054c7b79154d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:f6:c0:c6:54:29:5a:a7:96:e3:ba:0c:d6:b5:
                    27:8b:29:3c:32:ab:9c:d2:41:5c:0e:40:59:1f:b3:
                    6d:3e:fc:a1:7a:53:dd:91:4f:4f:68:e8:a7:6d:ec:
                    b5:e4:86:a0:86:90:51:17:fc:bf:b1:b5:d0:e8:32:
                    e8:ad:db:ea:6f:1c:70:84:af:ae:67:25:13:c9:90:
                    1a:c0:9d:a7:30:f0:c7:66:e3:5d:68:63:1f:59:aa:
                    2f:a4:64:b0:dd:bb:30:72:85:b1:5d:df:84:da:60:
                    8c:c1:9e:6b:db:6f:56:5c:e7:80:05:fe:1f:54:39:
                    1a:3a:d0:5f:37:0c:e0:2a:44:2c:b9:59:a8:f9:df:
                    d9:70:da:83:7a:8c:1e:52:dd:93:29:61:bb:d5:e6:
                    3c:c7:72:19:63:a5:09:1f:bd:9c:8a:3e:e4:45:24:
                    e8:42:d9:94:e0:66:f7:8e:98:bd:cb:06:f4:1a:e0:
                    0e:cd:25:a9:cb:ec:aa:39:0c:23:5c:d1:d1:c0:f9:
                    45:fd:0d:73:69:d7:5a:dc:79:31:41:56:db:fb:fa:
                    21:a3:0d:36:68:1d:a8:9a:8e:aa:6b:0e:80:d4:75:
                    43:e4:f6:c7:2a:bd:de:43:32:8f:1c:04:77:8d:d8:
                    55:98:a6:c3:d4:81:de:38:d4:66:b5:7c:8b:e7:19:
                    54:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:7A:F2:C7:EC:23:C9:55:3F:7B:EC:32:77:1B:91:E0:8C:42:EE:B5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b35e1422-797a-49b6-b1f5-bf9b752403e2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:5040::/48

    Signature Algorithm: sha256WithRSAEncryption
         6d:1c:22:10:2d:a0:48:40:58:d1:ae:e2:41:b8:19:76:2c:2d:
         a0:2c:57:72:d6:f7:e9:8d:a0:57:46:7f:f8:e8:70:07:c1:62:
         3c:ff:ea:b4:fe:7c:79:be:0f:71:2c:c8:ac:93:7a:80:f8:ac:
         53:bf:6e:1e:b8:be:31:ec:04:f9:e9:29:e0:d1:d5:40:74:bc:
         e2:90:26:74:bc:d0:d0:1e:ef:1f:25:15:e3:d0:94:f2:90:5a:
         fa:7e:d3:b2:ba:ed:eb:8f:1f:88:18:7b:95:f0:e7:6f:1e:b0:
         c6:29:dd:40:08:a6:8c:15:cd:d9:28:5b:03:76:10:50:72:2b:
         59:d1:c8:21:cc:24:9a:e2:93:b3:8e:38:0f:a7:ca:2b:d8:90:
         d8:cf:c9:c8:16:64:f1:30:2d:c2:6a:d1:5c:7c:af:bd:97:cb:
         29:15:6e:e6:7c:17:8b:11:74:84:6e:78:3e:5d:5e:54:d5:57:
         5a:1c:a6:28:d9:53:83:ae:8f:51:d4:77:47:f2:cf:f8:1a:d6:
         33:7e:54:e3:83:d6:fa:1f:6b:4c:68:60:61:bc:fe:69:09:0a:
         5b:16:9b:03:0f:e1:b3:86:9c:05:b5:75:8e:be:de:c6:97:79:
         42:54:83:23:f2:db:af:9c:20:0d:95:79:20:bb:0a:e5:1b:77:
         81:29:61:7d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUJKgsLCNZxl5OgDuVctcPegXeTIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEwMTYyMTQ3WhcNMjUwNzE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNzlkNjkxNDlmNjcxNzMwN2ViNzA1YjhkYjhjNTQ3OGM1
NmNlYzI0MjJlOGNmNjY4YTM1MDU0YzdiNzkxNTRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDG9sDGVClap5bjugzWtSeLKTwyq5zSQVwOQFkfs20+/KF6
U92RT09o6Kdt7LXkhqCGkFEX/L+xtdDoMuit2+pvHHCEr65nJRPJkBrAnacw8Mdm
411oYx9Zqi+kZLDduzByhbFd34TaYIzBnmvbb1Zc54AF/h9UORo60F83DOAqRCy5
Waj539lw2oN6jB5S3ZMpYbvV5jzHchljpQkfvZyKPuRFJOhC2ZTgZveOmL3LBvQa
4A7NJanL7Ko5DCNc0dHA+UX9DXNp11rceTFBVtv7+iGjDTZoHaiajqprDoDUdUPk
9scqvd5DMo8cBHeN2FWYpsPUgd441Ga1fIvnGVQDAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZnryx+wjyVU/e+wydxuR4IxC7rUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IzNWUxNDIyLTc5N2EtNDliNi1iMWY1LWJmOWI3NTI0MDNlMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84UEAwDQYJKoZIhvcNAQELBQADggEBAG0cIhAtoEhAWNGu4kG4GXYs
LaAsV3LW9+mNoFdGf/jocAfBYjz/6rT+fHm+D3EsyKyTeoD4rFO/bh64vjHsBPnp
KeDR1UB0vOKQJnS80NAe7x8lFePQlPKQWvp+07K67euPH4gYe5Xw528esMYp3UAI
powVzdkoWwN2EFByK1nRyCHMJJrik7OOOA+nyivYkNjPycgWZPEwLcJq0Vx8r72X
yykVbuZ8F4sRdIRueD5dXlTVV1ocpijZU4Ouj1HUd0fyz/ga1jN+VOOD1vofa0xo
YGG8/mkJClsWmwMP4bOGnAW1dY6+3saXeUJUgyPy26+cIA2VeSC7CuUbd4EpYX0=
-----END CERTIFICATE-----