Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d7fe2419-f59a-4ab1-9c98-0d66a172149d.roa
File:                     d7fe2419-f59a-4ab1-9c98-0d66a172149d.roa (raw, json)
Hash identifier:          MoVA3Yff/ShaQu3foyMfY0vwqEZc3M1RWNCwMsNvoqM=
Subject key identifier:   ED:4A:FC:B4:8C:66:C5:F8:C2:AE:62:9C:84:DD:29:6A:16:33:EC:84
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3D43B4D604CEDFA421C55F1DB64954EADF0696FF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d7fe2419-f59a-4ab1-9c98-0d66a172149d.roa
Signing time:             Fri 25 Jul 2025 00:10:23 +0000
ROA not before:           Fri 25 Jul 2025 00:10:23 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f32:8000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:43:b4:d6:04:ce:df:a4:21:c5:5f:1d:b6:49:54:ea:df:06:96:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 25 00:10:23 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=9e761c979502c4c12c8d057a8b1ad5dcc58a2ce0e65c94b2ff54b8e136c71ac2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e1:c7:27:9d:25:8b:6d:33:cb:ff:d6:62:c2:
                    5b:45:80:53:80:2a:f8:2e:54:38:a8:33:73:8e:b0:
                    a2:92:f0:30:47:cf:91:cd:85:1b:0f:18:12:b9:fb:
                    10:82:ec:91:df:15:ed:d6:f6:8a:75:9e:6c:7e:03:
                    ae:6a:f0:5a:5b:6b:a0:4e:d3:53:19:1f:e2:21:19:
                    ec:1f:7f:da:72:a9:3d:4d:04:c3:3f:40:59:2e:70:
                    39:41:44:a8:05:f3:74:94:db:f4:76:70:5e:eb:7e:
                    1b:d8:31:60:e5:45:1f:a2:29:9f:ad:db:5b:1d:9a:
                    28:5e:c8:be:72:9d:43:26:94:d7:4c:49:93:37:90:
                    b3:e9:ec:1a:1e:02:e2:60:20:39:a7:65:36:79:77:
                    c6:1c:7b:75:50:46:d6:52:24:7e:4a:c4:f1:f8:53:
                    a5:29:f3:84:35:a6:0e:44:45:e1:fd:38:bf:cb:bd:
                    41:94:fd:42:0c:ef:25:de:52:cc:6c:3e:fd:1f:8c:
                    2e:01:49:cc:91:a3:c9:b0:32:ed:36:20:67:93:2d:
                    bf:f5:64:36:5d:f1:48:0c:5a:07:43:eb:52:52:40:
                    7c:4d:6f:d9:a4:f7:2c:6f:fb:f3:3c:9c:b6:99:6a:
                    2e:de:74:14:13:31:c6:4f:80:fd:c3:c6:d7:2b:ad:
                    19:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:4A:FC:B4:8C:66:C5:F8:C2:AE:62:9C:84:DD:29:6A:16:33:EC:84
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d7fe2419-f59a-4ab1-9c98-0d66a172149d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f32:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         2c:1c:bd:82:d2:50:3c:b8:88:89:09:74:83:f0:2c:13:60:c1:
         db:25:d6:3c:1c:26:71:f2:95:87:49:9e:9e:16:66:27:65:f2:
         37:9c:ad:7a:2f:2a:2b:5c:08:0e:e1:65:94:d4:21:5c:11:d1:
         5a:19:23:a9:eb:02:22:11:c2:47:d7:c9:d9:58:e9:2b:0a:a8:
         91:b6:a2:4d:bb:43:a8:a1:ee:aa:ef:9c:f7:9f:b4:9a:3c:56:
         85:13:84:9a:9f:bd:40:20:e5:b3:0c:c8:4a:ad:27:ad:9a:14:
         76:be:20:09:b8:df:bd:b2:a2:10:c2:97:0d:4b:81:24:61:e6:
         c5:f7:e7:33:4a:a7:53:96:55:fc:ad:4f:52:b2:c7:57:58:25:
         42:53:94:1c:34:77:fe:a9:35:72:d7:99:45:d2:29:b1:4e:fa:
         42:61:bd:5b:34:81:8e:97:ed:92:4f:6c:d9:de:25:cc:50:14:
         c5:94:22:f5:e7:ba:c2:f2:2b:b4:63:7c:70:bf:be:de:52:44:
         da:fa:a1:0d:35:da:61:94:04:72:da:f0:23:cd:c7:f1:91:98:
         a4:dd:e4:a9:92:21:1e:80:18:9c:23:63:a5:94:1c:58:33:bd:
         1c:d8:fd:d5:12:64:56:78:09:0d:96:24:65:5d:c4:27:77:90:
         78:5f:a6:65
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUPUO01gTO36QhxV8dtklU6t8Glv8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI1MDAxMDIzWhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZTc2MWM5Nzk1MDJjNGMxMmM4ZDA1N2E4YjFhZDVkY2M1
OGEyY2UwZTY1Yzk0YjJmZjU0YjhlMTM2YzcxYWMyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq4ccnnSWLbTPL/9ZiwltFgFOAKvguVDioM3OOsKKS8DBH
z5HNhRsPGBK5+xCC7JHfFe3W9op1nmx+A65q8Fpba6BO01MZH+IhGewff9pyqT1N
BMM/QFkucDlBRKgF83SU2/R2cF7rfhvYMWDlRR+iKZ+t21sdmiheyL5ynUMmlNdM
SZM3kLPp7BoeAuJgIDmnZTZ5d8Yce3VQRtZSJH5KxPH4U6Up84Q1pg5EReH9OL/L
vUGU/UIM7yXeUsxsPv0fjC4BScyRo8mwMu02IGeTLb/1ZDZd8UgMWgdD61JSQHxN
b9mk9yxv+/M8nLaZai7edBQTMcZPgP3DxtcrrRkFAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU7Ur8tIxmxfjCrmKchN0pahYz7IQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q3ZmUyNDE5LWY1OWEtNGFiMS05Yzk4LTBkNjZhMTcyMTQ5ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB8ygDANBgkqhkiG9w0BAQsFAAOCAQEALBy9gtJQPLiIiQl0g/AsE2DB
2yXWPBwmcfKVh0menhZmJ2XyN5ytei8qK1wIDuFllNQhXBHRWhkjqesCIhHCR9fJ
2VjpKwqokbaiTbtDqKHuqu+c95+0mjxWhROEmp+9QCDlswzISq0nrZoUdr4gCbjf
vbKiEMKXDUuBJGHmxffnM0qnU5ZV/K1PUrLHV1glQlOUHDR3/qk1cteZRdIpsU76
QmG9WzSBjpftkk9s2d4lzFAUxZQi9ee6wvIrtGN8cL++3lJE2vqhDTXaYZQEctrw
I83H8ZGYpN3kqZIhHoAYnCNjpZQcWDO9HNj91RJkVngJDZYkZV3EJ3eQeF+mZQ==
-----END CERTIFICATE-----
Generated at Tue Aug 5 20:06:08 2025 by rpki-client