Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd071994-2f6d-4abe-9d59-0adb3a6c8a49.roa
File:                     bd071994-2f6d-4abe-9d59-0adb3a6c8a49.roa (raw, json)
Hash identifier:          aWo/goUBwNNefeAxPUS4kRPX8l7HSyEiyEONT7GtVyg=
Subject key identifier:   37:30:6A:1B:74:77:8E:C5:6C:C9:18:0F:30:58:3B:93:FE:22:C2:CF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0319A3572DE333AF1991D6C6EC1F8F850449A00A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd071994-2f6d-4abe-9d59-0adb3a6c8a49.roa
Signing time:             Tue 22 Apr 2025 17:20:20 +0000
ROA not before:           Tue 22 Apr 2025 17:20:20 +0000
ROA not after:            Tue 27 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f14:4000::/37 maxlen: 37
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:19:a3:57:2d:e3:33:af:19:91:d6:c6:ec:1f:8f:85:04:49:a0:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 22 17:20:20 2025 GMT
            Not After : May 27 23:59:59 2025 GMT
        Subject: serialNumber=28ca8f41da78523f78037c213b4aa35eee850c66c6b4c992b0f375e7382c1bb0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:7c:71:ac:62:59:4b:a2:b8:84:ba:9a:90:ef:
                    4e:32:1d:19:93:a7:02:92:f6:be:24:e3:29:98:3a:
                    88:1a:ea:8c:55:54:ee:c4:81:57:92:ed:3b:28:1d:
                    4f:3f:b7:0a:23:fa:f4:ea:2d:48:5e:11:c8:0d:e5:
                    37:04:82:8d:6d:d1:78:47:af:5d:96:b7:14:25:65:
                    8b:67:fd:8a:05:a5:37:d5:a1:28:84:dd:a3:68:32:
                    37:ee:94:30:4a:a8:37:73:c4:9b:25:95:ce:91:83:
                    17:7b:ce:ed:3e:22:12:ec:d4:3a:c7:50:17:88:45:
                    74:8d:b8:0e:db:e1:46:c2:e3:de:ea:3e:1e:40:dc:
                    61:b7:88:ff:33:e3:f8:e8:02:cb:eb:04:94:23:61:
                    47:b7:9e:97:d4:2b:03:f3:cb:7c:45:36:0b:ab:39:
                    f7:89:f8:32:50:a1:d6:25:1a:76:89:b7:b3:6b:0e:
                    9c:fe:6e:08:2c:3f:d5:ed:03:3c:93:0c:aa:9b:42:
                    d0:fd:6c:fc:7c:5a:4f:b2:03:f9:fb:81:7e:50:89:
                    91:4a:92:c3:e1:67:00:26:bd:c9:27:f9:eb:ba:5e:
                    f1:81:a3:f1:65:12:36:3c:4e:99:14:ee:93:1d:f1:
                    de:49:f6:75:f8:13:fa:33:13:69:09:7e:d6:70:70:
                    0e:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:30:6A:1B:74:77:8E:C5:6C:C9:18:0F:30:58:3B:93:FE:22:C2:CF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd071994-2f6d-4abe-9d59-0adb3a6c8a49.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f14:4000::/37

    Signature Algorithm: sha256WithRSAEncryption
         d1:0c:5d:3c:1c:53:9e:37:dd:be:b2:50:46:4d:1c:f4:6d:8d:
         fc:2c:ab:28:95:b1:d4:a9:55:06:9d:f5:b0:14:61:38:34:94:
         59:8e:c6:84:7a:0f:27:99:5b:1c:87:a2:15:0a:df:07:57:93:
         fb:3d:53:55:9c:f9:25:dc:1c:0c:da:32:2f:7d:3a:d9:a6:c8:
         1d:71:fd:8e:67:11:65:a2:15:c7:ae:08:8d:88:24:db:9f:72:
         c7:74:fe:d0:3f:0a:fc:6f:ca:59:93:54:60:73:28:bb:4c:9d:
         a2:4a:66:0e:2f:2b:f1:81:01:f8:90:86:be:07:d4:5e:e9:7d:
         20:af:6a:28:f9:c0:8d:e8:f6:f9:2b:a0:6a:8e:f6:58:43:5a:
         a0:c0:ca:00:c6:89:e3:eb:9d:87:f7:db:a7:6d:07:8f:c3:da:
         94:38:10:a4:af:86:d6:cf:5a:2d:10:4f:b7:f4:e6:cb:3c:3d:
         52:99:5f:ff:bf:f8:2d:15:b4:c4:94:45:c7:7e:fe:de:82:bd:
         92:07:9e:ac:55:06:c3:02:2f:7c:b9:e9:73:1c:0c:db:d7:be:
         a7:db:fc:40:d4:3b:51:fa:1b:13:0a:f5:40:dc:60:be:9d:9a:
         bd:5f:16:f1:91:7c:75:8a:01:3c:ec:ad:82:0a:3a:e4:0e:be:
         09:21:d4:fb
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUAxmjVy3jM68ZkdbG7B+PhQRJoAowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIyMTcyMDIwWhcNMjUwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyOGNhOGY0MWRhNzg1MjNmNzgwMzdjMjEzYjRhYTM1ZWVl
ODUwYzY2YzZiNGM5OTJiMGYzNzVlNzM4MmMxYmIwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRfHGsYllLoriEupqQ704yHRmTpwKS9r4k4ymYOoga6oxV
VO7EgVeS7TsoHU8/twoj+vTqLUheEcgN5TcEgo1t0XhHr12WtxQlZYtn/YoFpTfV
oSiE3aNoMjfulDBKqDdzxJsllc6Rgxd7zu0+IhLs1DrHUBeIRXSNuA7b4UbC497q
Ph5A3GG3iP8z4/joAsvrBJQjYUe3npfUKwPzy3xFNgurOfeJ+DJQodYlGnaJt7Nr
Dpz+bggsP9XtAzyTDKqbQtD9bPx8Wk+yA/n7gX5QiZFKksPhZwAmvckn+eu6XvGB
o/FlEjY8TpkU7pMd8d5J9nX4E/ozE2kJftZwcA7BAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUNzBqG3R3jsVsyRgPMFg7k/4iws8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JkMDcxOTk0LTJmNmQtNGFiZS05ZDU5LTBhZGIzYTZjOGE0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8UQDANBgkqhkiG9w0BAQsFAAOCAQEA0QxdPBxTnjfdvrJQRk0c9G2N
/CyrKJWx1KlVBp31sBRhODSUWY7GhHoPJ5lbHIeiFQrfB1eT+z1TVZz5JdwcDNoy
L3062abIHXH9jmcRZaIVx64IjYgk259yx3T+0D8K/G/KWZNUYHMou0ydokpmDi8r
8YEB+JCGvgfUXul9IK9qKPnAjej2+Sugao72WENaoMDKAMaJ4+udh/fbp20Hj8Pa
lDgQpK+G1s9aLRBPt/Tmyzw9Uplf/7/4LRW0xJRFx37+3oK9kgeerFUGwwIvfLnp
cxwM29e+p9v8QNQ7UfobEwr1QNxgvp2avV8W8ZF8dYoBPOytggo65A6+CSHU+w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:58:37 2025 by rpki-client