Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6185de8-a4ea-4ece-82e3-974af53b3f82.roa
File:                     d6185de8-a4ea-4ece-82e3-974af53b3f82.roa (raw, json)
Hash identifier:          JUasuHiygaUUN98/vzazipO/+JXHKGT6dOENnm57iDA=
Subject key identifier:   66:51:19:9F:BD:2E:52:8C:1C:E6:41:F0:5F:09:2B:D6:3E:60:C0:C6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2BCA446CAD645FC25B94432FC0E557C796C5BBCB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6185de8-a4ea-4ece-82e3-974af53b3f82.roa
Signing time:             Wed 06 Aug 2025 00:21:43 +0000
ROA not before:           Wed 06 Aug 2025 00:21:43 +0000
ROA not after:            Wed 10 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fef:e000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 08 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:ca:44:6c:ad:64:5f:c2:5b:94:43:2f:c0:e5:57:c7:96:c5:bb:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  6 00:21:43 2025 GMT
            Not After : Sep 10 23:59:59 2025 GMT
        Subject: serialNumber=00768ed018d80b9fd7928efbdec816ffe567d3bea8e47f7d460ae767f9519f4f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:50:4d:aa:59:c4:10:51:6e:ff:66:cb:1d:7e:
                    e6:e9:df:cc:ae:af:41:d9:c5:94:32:b0:1e:62:bc:
                    c8:e3:1a:fd:21:92:23:c8:14:fb:30:e3:6a:b1:0a:
                    19:50:85:fc:73:b6:4b:05:6a:31:c5:58:03:bc:1f:
                    91:7c:0b:9d:ea:0b:62:f1:31:34:a6:cb:d0:1d:a0:
                    06:13:f3:9b:7e:f0:81:e4:25:fb:36:18:ce:e5:fa:
                    f9:1d:0b:f1:88:56:a5:79:92:68:58:75:b9:e2:15:
                    ec:21:c1:f2:83:fb:44:3b:3f:53:e4:af:0c:95:51:
                    07:5c:c9:0f:75:c0:f0:46:e3:48:b7:0e:57:23:ae:
                    a8:05:7a:60:02:d6:de:bf:09:0b:cc:8a:0e:fb:05:
                    d1:11:0e:ab:42:58:8c:1d:1f:1f:25:52:82:bb:d7:
                    3d:ca:bc:32:22:c1:bf:b1:27:d3:45:aa:75:e7:39:
                    87:68:a5:4c:28:ef:d6:01:8c:f9:12:ed:8b:bd:a7:
                    8c:2e:13:0a:7c:5a:ed:aa:80:e1:2f:3f:8b:d2:b7:
                    5e:c2:96:cf:5a:9c:f7:51:e0:e0:57:85:91:5b:f0:
                    ba:c1:67:02:80:30:4a:de:39:e3:df:37:57:24:5d:
                    9e:5c:0d:69:db:99:0e:a1:1f:6c:e7:bc:bd:aa:99:
                    a1:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:51:19:9F:BD:2E:52:8C:1C:E6:41:F0:5F:09:2B:D6:3E:60:C0:C6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6185de8-a4ea-4ece-82e3-974af53b3f82.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fef:e000::/40

    Signature Algorithm: sha256WithRSAEncryption
         0b:6a:dc:f8:f7:2f:fc:34:bc:84:2b:54:55:a5:8a:fb:b9:36:
         bd:f3:0b:00:85:5a:5f:31:86:e6:cb:12:f7:e0:5a:67:69:4c:
         1f:35:37:05:eb:af:a8:2d:3c:e5:f1:90:5b:01:ef:1e:10:c3:
         73:dc:b5:ba:be:0e:1c:5f:00:73:82:33:74:ad:ef:41:c3:ed:
         ff:4f:9b:bb:c0:6c:8a:ba:b1:53:8a:72:89:ac:66:1d:cb:ce:
         41:95:01:1b:1f:54:f4:dc:ee:3a:49:0a:6e:19:43:51:3e:3d:
         82:d5:19:49:75:16:75:3e:16:81:0e:6d:12:a1:0c:48:52:ae:
         7e:63:8b:1a:1b:8e:29:f0:85:ac:25:38:f7:61:09:82:6a:c6:
         c3:d4:75:70:2c:0b:0f:ef:1c:a0:07:cd:64:b1:d2:ef:8f:4a:
         59:60:be:75:47:71:18:97:24:65:6b:a2:6c:ee:8a:01:46:14:
         ff:d2:cb:19:c0:b8:3e:2c:cf:17:b5:9a:09:5b:d2:93:88:1f:
         d3:39:22:f0:f4:96:1c:5a:68:3f:f0:66:fa:7a:64:95:5f:fd:
         bd:6a:80:2c:07:db:af:88:73:b8:2b:73:12:de:0b:8e:fc:6f:
         30:49:b3:8c:4e:c5:45:8c:60:ec:83:e2:45:73:9d:8b:5c:3f:
         7e:5b:9f:20
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUK8pEbK1kX8JblEMvwOVXx5bFu8swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA2MDAyMTQzWhcNMjUwOTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDc2OGVkMDE4ZDgwYjlmZDc5MjhlZmJkZWM4MTZmZmU1
NjdkM2JlYThlNDdmN2Q0NjBhZTc2N2Y5NTE5ZjRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPUE2qWcQQUW7/Zssdfubp38yur0HZxZQysB5ivMjjGv0h
kiPIFPsw42qxChlQhfxztksFajHFWAO8H5F8C53qC2LxMTSmy9AdoAYT85t+8IHk
Jfs2GM7l+vkdC/GIVqV5kmhYdbniFewhwfKD+0Q7P1PkrwyVUQdcyQ91wPBG40i3
DlcjrqgFemAC1t6/CQvMig77BdERDqtCWIwdHx8lUoK71z3KvDIiwb+xJ9NFqnXn
OYdopUwo79YBjPkS7Yu9p4wuEwp8Wu2qgOEvP4vSt17Cls9anPdR4OBXhZFb8LrB
ZwKAMEreOePfN1ckXZ5cDWnbmQ6hH2znvL2qmaE/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUZlEZn70uUowc5kHwXwkr1j5gwMYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q2MTg1ZGU4LWE0ZWEtNGVjZS04MmUzLTk3NGFmNTNiM2Y4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/v4DANBgkqhkiG9w0BAQsFAAOCAQEAC2rc+Pcv/DS8hCtUVaWK+7k2
vfMLAIVaXzGG5ssS9+BaZ2lMHzU3BeuvqC085fGQWwHvHhDDc9y1ur4OHF8Ac4Iz
dK3vQcPt/0+bu8BsirqxU4pyiaxmHcvOQZUBGx9U9NzuOkkKbhlDUT49gtUZSXUW
dT4WgQ5tEqEMSFKufmOLGhuOKfCFrCU492EJgmrGw9R1cCwLD+8coAfNZLHS749K
WWC+dUdxGJckZWuibO6KAUYU/9LLGcC4PizPF7WaCVvSk4gf0zki8PSWHFpoP/Bm
+npklV/9vWqALAfbr4hzuCtzEt4LjvxvMEmzjE7FRYxg7IPiRXOdi1w/flufIA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 19:37:52 2025 by rpki-client