Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5f18579-4226-47e9-b74a-e5c188798d56.roa
File:                     e5f18579-4226-47e9-b74a-e5c188798d56.roa (raw, json)
Hash identifier:          1ZGIpzPYfuQ2v3umBLNpVr4S+jWGEWE3T3NGKOw2t1s=
Subject key identifier:   2D:FC:4F:69:49:87:42:B6:15:CA:33:DB:D4:4C:A1:B2:4D:A9:37:1D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2F16D8D31A63C32B63472B1CE46FD93D79CA111A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5f18579-4226-47e9-b74a-e5c188798d56.roa
Signing time:             Mon 04 Aug 2025 15:32:16 +0000
ROA not before:           Mon 04 Aug 2025 15:32:16 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:4000::/39 maxlen: 39
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 11 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:16:d8:d3:1a:63:c3:2b:63:47:2b:1c:e4:6f:d9:3d:79:ca:11:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 15:32:16 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=e29f5038a894862ef2fb4460ea0da4150e76210b8a69c7df0e24e6c663a37503, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:01:96:cb:1f:7c:42:bc:b4:f0:58:56:56:76:
                    f6:7e:c9:45:11:a0:ae:f3:70:b5:d8:bc:6a:36:b7:
                    00:3e:bb:d5:af:18:94:ac:91:42:1a:70:89:11:1d:
                    b2:c8:c4:5d:f1:30:de:c3:22:82:9b:ec:d8:8b:1e:
                    0b:84:37:dc:2e:1d:b9:86:a3:a0:76:c2:2e:06:26:
                    5a:68:c1:3e:f6:fe:cb:44:9d:68:76:f0:c9:ec:6e:
                    25:7b:eb:b2:53:16:70:7f:58:64:e5:b4:5d:4f:d5:
                    0c:de:d5:79:dc:2a:1f:45:8a:d4:b0:a4:eb:20:14:
                    46:19:e9:be:3a:7a:e5:49:a0:41:77:2f:24:b3:2b:
                    a7:08:65:eb:e2:91:5b:05:1b:53:cf:7d:30:9c:2d:
                    ce:89:11:8d:83:33:0e:d6:b6:55:65:bc:64:e9:0d:
                    51:af:a9:d7:56:70:b9:dd:71:b2:d3:58:00:00:56:
                    e0:45:c3:80:f3:dd:74:13:f9:ee:37:ac:21:b5:b2:
                    15:82:a5:1d:1e:10:00:1e:04:e0:50:c8:96:f0:11:
                    e6:81:a7:e3:fb:3f:d1:1c:fa:35:27:ae:7a:8e:a0:
                    b1:4f:04:12:83:ab:ac:af:d0:65:5d:74:97:c6:77:
                    8b:19:fa:cf:94:f3:2b:d8:54:2b:9e:b4:0a:72:42:
                    5b:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:FC:4F:69:49:87:42:B6:15:CA:33:DB:D4:4C:A1:B2:4D:A9:37:1D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5f18579-4226-47e9-b74a-e5c188798d56.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:4000::/39

    Signature Algorithm: sha256WithRSAEncryption
         6c:15:1f:0d:6b:25:f8:a5:96:6c:6a:78:71:be:17:e3:fe:93:
         77:ae:e4:46:47:6f:c0:74:e4:c6:52:7c:57:6b:67:dd:d2:9d:
         5f:5b:0b:a9:99:4d:7a:e3:fd:70:75:ae:b4:24:2c:b6:1f:31:
         31:8c:b7:53:06:3d:3f:99:9d:0e:58:97:bc:1b:04:c9:4b:30:
         f8:ea:9a:cf:77:c2:77:cd:73:99:8a:1b:7c:5c:95:51:58:b3:
         9c:c9:90:f3:a0:31:8f:fc:a9:91:1b:fe:14:2a:7e:52:26:10:
         29:8f:ca:6e:99:58:77:26:70:ca:ff:98:c3:63:45:f9:c0:bf:
         61:2c:45:07:a1:03:0a:5d:5e:55:32:f5:cb:9d:7c:3d:6e:b5:
         fb:6d:d8:7c:cc:0e:0c:8d:3e:f0:6e:08:a9:c5:bb:73:00:c1:
         9d:e9:a1:58:c0:f5:c7:e5:9b:8e:fd:b2:db:4d:71:9d:f0:d5:
         c1:70:a8:dd:19:b5:58:d1:5c:03:61:37:db:ed:8f:a3:36:5e:
         95:86:37:46:f1:11:87:40:0f:0b:ea:01:a2:d3:97:45:0c:44:
         f9:d3:e5:5b:c0:cd:d4:ed:b3:cb:6f:60:ce:29:2a:1a:8e:43:
         49:43:d0:98:81:11:80:3a:9b:5b:a3:ef:ea:11:96:98:47:c5:
         74:09:ab:71
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIULxbY0xpjwytjRysc5G/ZPXnKERowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTUzMjE2WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMjlmNTAzOGE4OTQ4NjJlZjJmYjQ0NjBlYTBkYTQxNTBl
NzYyMTBiOGE2OWM3ZGYwZTI0ZTZjNjYzYTM3NTAzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqAZbLH3xCvLTwWFZWdvZ+yUURoK7zcLXYvGo2twA+u9Wv
GJSskUIacIkRHbLIxF3xMN7DIoKb7NiLHguEN9wuHbmGo6B2wi4GJlpowT72/stE
nWh28MnsbiV767JTFnB/WGTltF1P1Qze1XncKh9FitSwpOsgFEYZ6b46euVJoEF3
LySzK6cIZevikVsFG1PPfTCcLc6JEY2DMw7WtlVlvGTpDVGvqddWcLndcbLTWAAA
VuBFw4Dz3XQT+e43rCG1shWCpR0eEAAeBOBQyJbwEeaBp+P7P9Ec+jUnrnqOoLFP
BBKDq6yv0GVddJfGd4sZ+s+U8yvYVCuetApyQlu3AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQULfxPaUmHQrYVyjPb1Eyhsk2pNx0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1ZjE4NTc5LTQyMjYtNDdlOS1iNzRhLWU1YzE4ODc5OGQ1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB//QDANBgkqhkiG9w0BAQsFAAOCAQEAbBUfDWsl+KWWbGp4cb4X4/6T
d67kRkdvwHTkxlJ8V2tn3dKdX1sLqZlNeuP9cHWutCQsth8xMYy3UwY9P5mdDliX
vBsEyUsw+Oqaz3fCd81zmYobfFyVUViznMmQ86Axj/ypkRv+FCp+UiYQKY/KbplY
dyZwyv+Yw2NF+cC/YSxFB6EDCl1eVTL1y518PW61+23YfMwODI0+8G4IqcW7cwDB
nemhWMD1x+Wbjv2y201xnfDVwXCo3Rm1WNFcA2E32+2PozZelYY3RvERh0APC+oB
otOXRQxE+dPlW8DN1O2zy29gzikqGo5DSUPQmIERgDqbW6Pv6hGWmEfFdAmrcQ==
-----END CERTIFICATE-----