Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc0cafac-6ed2-4b4a-beff-4dcb51dc6cbc.roa
File:                     dc0cafac-6ed2-4b4a-beff-4dcb51dc6cbc.roa (raw, json)
Hash identifier:          qbMdwra4L/T3OBN8lJ/+RN92Du89tLI/ucl5TUYdCFQ=
Subject key identifier:   39:3F:F0:73:B0:8C:D3:81:27:77:51:3F:7B:6F:15:9C:D6:97:2B:FE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       02E1056EA627D504DE1478C94A5ED1A44738CBFE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc0cafac-6ed2-4b4a-beff-4dcb51dc6cbc.roa
Signing time:             Mon 04 Aug 2025 16:21:22 +0000
ROA not before:           Mon 04 Aug 2025 16:21:22 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f15:400::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:e1:05:6e:a6:27:d5:04:de:14:78:c9:4a:5e:d1:a4:47:38:cb:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 16:21:22 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=425fee90b24a922e15007e38eb1fd66b304eea1a70aa2d2422b24de2b7ff2a71, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:35:3f:7e:21:93:ee:13:b5:78:4e:c3:6c:2b:
                    22:01:31:9e:de:1e:a2:21:4c:ea:d6:ab:93:49:cc:
                    99:30:c8:65:aa:7b:47:da:38:a9:ab:35:07:1a:21:
                    97:a9:06:7a:fb:28:02:05:6d:7a:75:0b:89:d3:7f:
                    ba:12:6f:6e:a1:82:a4:23:30:dd:63:31:b0:d0:1e:
                    f0:e0:44:3c:84:f7:a4:90:4c:c7:02:30:d6:85:2a:
                    b3:9c:16:6e:95:50:31:4e:18:e6:eb:97:53:8b:ff:
                    27:de:c0:7b:62:c5:7b:fe:bd:20:c2:14:da:f5:e0:
                    e8:fa:be:61:9c:14:88:3d:9b:b9:66:3f:f0:26:31:
                    0f:6d:e6:c9:c4:a2:bb:fa:f0:92:09:02:60:5d:3e:
                    ea:56:07:a5:6e:39:31:fb:57:41:84:28:73:68:f8:
                    0f:0b:82:5d:a6:75:4d:1f:11:2d:7f:34:fb:76:55:
                    9d:6c:d0:c5:ce:35:0b:c3:9d:fa:99:68:b3:c5:ad:
                    df:7b:2d:b6:13:97:70:63:99:a4:5c:e7:e9:9b:b8:
                    12:d8:ed:da:c5:1f:47:16:ef:d9:79:1a:c8:7c:bd:
                    aa:71:b8:3e:7c:4d:a6:71:05:49:ae:8c:14:04:86:
                    3b:5f:6f:53:0b:40:f5:5c:da:15:28:f8:89:d8:11:
                    90:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:3F:F0:73:B0:8C:D3:81:27:77:51:3F:7B:6F:15:9C:D6:97:2B:FE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc0cafac-6ed2-4b4a-beff-4dcb51dc6cbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f15:400::/38

    Signature Algorithm: sha256WithRSAEncryption
         3a:a5:16:15:43:31:c0:9a:37:22:56:f6:08:dd:52:58:70:34:
         9a:b3:25:f0:a3:7b:bd:4d:e2:59:55:09:b0:75:9e:67:ee:15:
         58:f4:9c:b4:0d:ab:b8:a2:ab:e0:09:4d:37:4a:ea:62:71:06:
         dd:cf:00:4d:0a:be:18:0e:26:59:59:60:f4:58:fe:80:95:1c:
         30:00:43:ef:7d:c0:e5:cb:15:ae:36:8e:cc:e5:07:68:3e:4d:
         46:bc:d4:9d:d5:02:ba:06:59:f5:5d:85:92:40:78:a6:88:ef:
         d2:5f:de:14:19:f7:5e:6f:da:f4:be:73:54:ca:d4:9f:9a:55:
         b2:e8:d7:ba:ba:cd:29:a5:df:5b:8f:b0:e5:1a:91:50:84:71:
         76:d3:b7:c0:4e:59:96:e4:21:80:d2:c0:ed:7b:d9:e5:4a:6e:
         8d:7e:1d:e4:61:aa:c4:6f:03:03:e1:11:da:93:db:7f:a9:ae:
         0c:f2:ae:bd:6b:fb:5f:ef:87:a9:6f:7b:25:d3:8b:8f:29:8f:
         70:6d:da:da:e4:6e:fd:ff:75:c2:b6:c5:4d:69:df:d9:60:9e:
         c1:40:a5:fa:c2:e6:4e:a4:63:07:97:4e:d8:14:2a:1f:ff:7d:
         57:4a:09:3c:bd:20:79:ac:ab:50:40:28:28:3e:fc:1d:34:90:
         38:77:66:d0
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUAuEFbqYn1QTeFHjJSl7RpEc4y/4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTYyMTIyWhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MjVmZWU5MGIyNGE5MjJlMTUwMDdlMzhlYjFmZDY2YjMw
NGVlYTFhNzBhYTJkMjQyMmIyNGRlMmI3ZmYyYTcxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeNT9+IZPuE7V4TsNsKyIBMZ7eHqIhTOrWq5NJzJkwyGWq
e0faOKmrNQcaIZepBnr7KAIFbXp1C4nTf7oSb26hgqQjMN1jMbDQHvDgRDyE96SQ
TMcCMNaFKrOcFm6VUDFOGObrl1OL/yfewHtixXv+vSDCFNr14Oj6vmGcFIg9m7lm
P/AmMQ9t5snEorv68JIJAmBdPupWB6VuOTH7V0GEKHNo+A8Lgl2mdU0fES1/NPt2
VZ1s0MXONQvDnfqZaLPFrd97LbYTl3BjmaRc5+mbuBLY7drFH0cW79l5Gsh8vapx
uD58TaZxBUmujBQEhjtfb1MLQPVc2hUo+InYEZCzAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUOT/wc7CM04End1E/e28VnNaXK/4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RjMGNhZmFjLTZlZDItNGI0YS1iZWZmLTRkY2I1MWRjNmNiYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8VBDANBgkqhkiG9w0BAQsFAAOCAQEAOqUWFUMxwJo3Ilb2CN1SWHA0
mrMl8KN7vU3iWVUJsHWeZ+4VWPSctA2ruKKr4AlNN0rqYnEG3c8ATQq+GA4mWVlg
9Fj+gJUcMABD733A5csVrjaOzOUHaD5NRrzUndUCugZZ9V2FkkB4pojv0l/eFBn3
Xm/a9L5zVMrUn5pVsujXurrNKaXfW4+w5RqRUIRxdtO3wE5ZluQhgNLA7XvZ5Upu
jX4d5GGqxG8DA+ER2pPbf6muDPKuvWv7X++HqW97JdOLjymPcG3a2uRu/f91wrbF
TWnf2WCewUCl+sLmTqRjB5dO2BQqH/99V0oJPL0geayrUEAoKD78HTSQOHdm0A==
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:16:22 2025 by rpki-client