Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc0cafac-6ed2-4b4a-beff-4dcb51dc6cbc.roa
File:                     dc0cafac-6ed2-4b4a-beff-4dcb51dc6cbc.roa (raw, json)
Hash identifier:          6gS0PWp7y9ymXiDFNpzN8fzuTD2mRcKIwRI452xXXcc=
Subject key identifier:   0E:B1:95:E6:CB:A8:43:6E:10:4F:54:77:C7:E8:1C:B3:70:81:0E:EC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       51C3FD002ABC28D0AE21554C8D2D66814AC953CC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc0cafac-6ed2-4b4a-beff-4dcb51dc6cbc.roa
Signing time:             Fri 13 Jun 2025 16:41:28 +0000
ROA not before:           Fri 13 Jun 2025 16:41:28 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f15:400::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:c3:fd:00:2a:bc:28:d0:ae:21:55:4c:8d:2d:66:81:4a:c9:53:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 16:41:28 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=d82c9eab2a57e9fc322a447bcb604faeb93d89999d25ceee202c93dceded8dae, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:e8:cc:c6:79:f1:72:9e:e2:e8:9b:f6:72:60:
                    d5:ac:1a:c0:a3:f7:f0:1b:18:ef:77:6d:85:84:a7:
                    de:da:10:e3:e1:5e:cc:39:bf:38:b5:be:4f:c5:32:
                    cd:ff:51:a5:9b:6b:95:31:6d:66:e6:9a:68:5a:c7:
                    91:4a:9d:d8:40:f3:9f:6e:49:ae:39:b0:37:b4:1d:
                    84:ec:55:d4:c5:17:b8:ee:8b:ba:e9:5c:8d:fd:f6:
                    c1:84:36:a4:af:3c:d0:c0:d4:e7:60:46:b1:1f:b6:
                    39:f2:df:89:29:ff:f3:35:4a:9b:66:78:c7:62:95:
                    20:98:42:4d:07:6c:f1:b1:28:e0:e7:a9:49:e4:e4:
                    79:8b:cc:5d:98:dd:df:43:66:e6:b2:aa:23:ef:d6:
                    a7:07:c8:e6:00:cd:72:f2:85:f0:85:91:53:ae:0c:
                    a6:a5:ce:94:5c:f1:7c:9b:23:bf:eb:5d:be:a6:33:
                    3b:fa:9e:32:fa:e4:25:1e:d3:8e:9c:12:dc:e8:63:
                    bd:e9:45:37:d3:c2:af:d8:3c:13:4d:40:4a:51:2b:
                    1d:ee:81:e2:67:60:de:b7:08:b5:30:dc:56:e1:0a:
                    4c:71:13:a3:ea:0f:be:da:40:2f:69:0f:22:57:a2:
                    82:b3:d1:db:66:ca:00:ab:ee:9f:9b:be:b2:cd:a5:
                    4d:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:B1:95:E6:CB:A8:43:6E:10:4F:54:77:C7:E8:1C:B3:70:81:0E:EC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc0cafac-6ed2-4b4a-beff-4dcb51dc6cbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f15:400::/38

    Signature Algorithm: sha256WithRSAEncryption
         50:9d:2d:ac:a8:d2:70:7d:7b:bd:54:0b:24:c9:7f:71:fd:e5:
         3c:60:e1:7d:57:c7:26:c2:1a:91:ff:2b:59:d1:ac:c0:cc:bd:
         2e:b7:45:3a:75:4d:3b:e0:d0:ef:6f:a4:50:1a:f2:82:1a:d5:
         1d:f9:ea:b6:45:22:85:9e:50:7b:b9:6f:b5:83:38:81:83:91:
         fc:5f:e1:cd:d9:c4:27:ad:e8:24:a0:f3:b3:00:50:4b:9f:1c:
         c5:2a:d8:b3:36:2b:b0:4b:a5:dd:24:6f:f9:ec:b4:c6:86:59:
         49:be:20:bf:e1:8e:8e:ac:f0:84:ce:f2:4b:10:1e:45:e2:2a:
         5f:53:12:5b:03:4b:84:bd:72:f5:2b:67:c9:6c:da:e2:d7:fd:
         02:8c:ef:e3:4a:43:83:8d:7f:b1:a7:0d:65:17:dc:3b:d8:78:
         8c:8b:bc:61:bc:c3:02:9a:84:7d:b3:ea:48:3a:10:f3:cf:dc:
         5f:7a:76:93:3e:55:ff:6b:7b:32:31:c0:c7:b0:c9:13:45:af:
         1a:bd:0c:10:3a:4b:61:cd:1f:fa:54:94:81:8d:fa:4f:ca:98:
         ab:20:45:0c:1b:bc:01:f1:5a:b3:77:96:f2:45:9f:b9:9c:c2:
         fd:e3:43:3f:27:08:73:64:ff:25:33:c1:6a:34:7a:fd:72:b9:
         db:4b:20:da
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUUcP9ACq8KNCuIVVMjS1mgUrJU8wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTY0MTI4WhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkODJjOWVhYjJhNTdlOWZjMzIyYTQ0N2JjYjYwNGZhZWI5
M2Q4OTk5OWQyNWNlZWUyMDJjOTNkY2VkZWQ4ZGFlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDl6MzGefFynuLom/ZyYNWsGsCj9/AbGO93bYWEp97aEOPh
Xsw5vzi1vk/FMs3/UaWba5UxbWbmmmhax5FKndhA859uSa45sDe0HYTsVdTFF7ju
i7rpXI399sGENqSvPNDA1OdgRrEftjny34kp//M1SptmeMdilSCYQk0HbPGxKODn
qUnk5HmLzF2Y3d9DZuayqiPv1qcHyOYAzXLyhfCFkVOuDKalzpRc8XybI7/rXb6m
Mzv6njL65CUe046cEtzoY73pRTfTwq/YPBNNQEpRKx3ugeJnYN63CLUw3FbhCkxx
E6PqD77aQC9pDyJXooKz0dtmygCr7p+bvrLNpU2NAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUDrGV5suoQ24QT1R3x+gcs3CBDuwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RjMGNhZmFjLTZlZDItNGI0YS1iZWZmLTRkY2I1MWRjNmNiYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8VBDANBgkqhkiG9w0BAQsFAAOCAQEAUJ0trKjScH17vVQLJMl/cf3l
PGDhfVfHJsIakf8rWdGswMy9LrdFOnVNO+DQ72+kUBryghrVHfnqtkUihZ5Qe7lv
tYM4gYOR/F/hzdnEJ63oJKDzswBQS58cxSrYszYrsEul3SRv+ey0xoZZSb4gv+GO
jqzwhM7ySxAeReIqX1MSWwNLhL1y9StnyWza4tf9Aozv40pDg41/sacNZRfcO9h4
jIu8YbzDApqEfbPqSDoQ88/cX3p2kz5V/2t7MjHAx7DJE0WvGr0MEDpLYc0f+lSU
gY36T8qYqyBFDBu8AfFas3eW8kWfuZzC/eNDPycIc2T/JTPBajR6/XK520sg2g==
-----END CERTIFICATE-----