Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f5ede365-047d-4c5f-a97d-dee6ba58b110.roa
File:                     f5ede365-047d-4c5f-a97d-dee6ba58b110.roa (raw, json)
Hash identifier:          MONxnQ81oCEohR/FQ9jKR02z2GbglUkkNoErX4/H0oY=
Subject key identifier:   AA:53:0D:F8:1D:DD:82:3B:38:1B:3D:D4:92:94:73:73:E0:AD:09:36
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0712B278A8C11D519F7CC0BDD51C8CA3D68CD156
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f5ede365-047d-4c5f-a97d-dee6ba58b110.roa
Signing time:             Fri 13 Jun 2025 16:51:15 +0000
ROA not before:           Fri 13 Jun 2025 16:51:15 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f17:4400::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:12:b2:78:a8:c1:1d:51:9f:7c:c0:bd:d5:1c:8c:a3:d6:8c:d1:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 16:51:15 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=22499dc9a77b4c0a25bf01d448836ae8924b3ee7d501868ca594a7d8393886fa, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:ab:7e:33:2b:10:0a:18:ec:4d:1c:16:8b:a0:
                    38:f3:ed:ec:94:23:fd:20:f7:a1:9e:77:25:5b:20:
                    f2:92:45:5d:d0:b1:8e:7a:6a:7f:5a:5c:eb:6c:f0:
                    28:5a:eb:a0:c0:a4:e1:3e:4b:38:4e:d8:ed:74:48:
                    f7:57:36:36:f0:14:bb:4f:81:62:c6:92:ba:00:d8:
                    4a:69:67:da:0d:7e:be:32:24:26:0f:8b:61:99:76:
                    33:d1:d8:71:d3:30:39:d4:b7:f3:1f:bf:94:a7:09:
                    83:42:8a:39:e1:ef:5e:74:32:bb:83:71:8f:2e:ed:
                    b8:dd:f3:4a:ea:37:28:cd:ce:99:cb:d3:c5:57:ee:
                    44:6e:23:cb:ec:10:7d:ee:18:58:32:07:8a:f7:fe:
                    9d:04:51:4a:58:d1:73:21:62:46:64:33:25:f3:95:
                    ce:1d:d6:f8:a1:f8:b5:e2:90:17:97:81:22:0e:8e:
                    47:15:2b:d3:e7:e7:e0:f7:63:fc:a8:dd:dc:d1:3a:
                    1c:9f:4c:55:49:d1:09:cd:7a:e5:2d:3a:65:f1:58:
                    4f:d4:b4:26:57:b3:d0:0d:c5:8b:bc:16:aa:6d:be:
                    bc:7d:22:ea:ed:7d:16:d5:4b:01:8d:d0:a9:9f:c4:
                    8b:ad:27:c6:95:90:f4:23:89:90:d2:f3:c2:04:fd:
                    0d:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:53:0D:F8:1D:DD:82:3B:38:1B:3D:D4:92:94:73:73:E0:AD:09:36
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f5ede365-047d-4c5f-a97d-dee6ba58b110.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f17:4400::/38

    Signature Algorithm: sha256WithRSAEncryption
         66:a0:18:df:dd:ea:b2:8c:dc:b8:bd:8c:de:30:9b:b4:df:6f:
         a4:b3:17:7d:95:fb:52:cd:64:ac:c9:22:12:48:1f:88:89:69:
         c0:93:8d:fd:b3:4d:d1:5f:eb:99:d7:c5:2f:3d:be:1d:85:57:
         f8:5a:68:a9:6b:ab:d8:40:8f:1f:aa:30:a4:79:27:bc:86:1b:
         43:29:a4:25:4d:31:8f:03:40:af:f0:3a:17:d1:4d:b4:28:8a:
         d7:0e:3c:ab:fa:41:f6:30:7f:c2:48:b6:2a:f0:f3:02:bf:b0:
         b2:cb:b9:71:cd:a4:bf:95:f5:cf:09:08:b3:c3:86:33:6c:bc:
         76:94:55:57:a1:82:66:99:4f:af:a6:3a:63:e1:a9:a9:ca:ee:
         03:70:f9:1e:ec:78:0c:0d:b7:ce:31:21:b6:c5:78:d7:35:5f:
         74:09:6d:64:93:bf:cd:e6:68:b5:12:37:d6:d6:81:11:5a:a8:
         dd:94:5c:c2:47:02:5d:56:c7:70:cc:b6:52:1a:ad:c9:87:ba:
         4e:51:77:8b:7a:a6:ba:ec:7a:3e:aa:2c:5b:b1:dd:01:c1:bb:
         5e:3e:ab:d4:ae:ba:3d:43:09:4e:b5:f4:f2:35:34:f9:d7:55:
         d0:31:08:c7:2e:f3:b9:47:06:17:ea:82:20:f7:78:ad:f7:a6:
         3a:44:1a:2d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUBxKyeKjBHVGffMC91RyMo9aM0VYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTY1MTE1WhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMjQ5OWRjOWE3N2I0YzBhMjViZjAxZDQ0ODgzNmFlODky
NGIzZWU3ZDUwMTg2OGNhNTk0YTdkODM5Mzg4NmZhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWq34zKxAKGOxNHBaLoDjz7eyUI/0g96GedyVbIPKSRV3Q
sY56an9aXOts8Cha66DApOE+SzhO2O10SPdXNjbwFLtPgWLGkroA2EppZ9oNfr4y
JCYPi2GZdjPR2HHTMDnUt/Mfv5SnCYNCijnh7150MruDcY8u7bjd80rqNyjNzpnL
08VX7kRuI8vsEH3uGFgyB4r3/p0EUUpY0XMhYkZkMyXzlc4d1vih+LXikBeXgSIO
jkcVK9Pn5+D3Y/yo3dzROhyfTFVJ0QnNeuUtOmXxWE/UtCZXs9ANxYu8Fqptvrx9
IurtfRbVSwGN0KmfxIutJ8aVkPQjiZDS88IE/Q11AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUqlMN+B3dgjs4Gz3UkpRzc+CtCTYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y1ZWRlMzY1LTA0N2QtNGM1Zi1hOTdkLWRlZTZiYTU4YjExMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8XRDANBgkqhkiG9w0BAQsFAAOCAQEAZqAY393qsozcuL2M3jCbtN9v
pLMXfZX7Us1krMkiEkgfiIlpwJON/bNN0V/rmdfFLz2+HYVX+FpoqWur2ECPH6ow
pHknvIYbQymkJU0xjwNAr/A6F9FNtCiK1w48q/pB9jB/wki2KvDzAr+wssu5cc2k
v5X1zwkIs8OGM2y8dpRVV6GCZplPr6Y6Y+GpqcruA3D5Hux4DA23zjEhtsV41zVf
dAltZJO/zeZotRI31taBEVqo3ZRcwkcCXVbHcMy2UhqtyYe6TlF3i3qmuux6Pqos
W7HdAcG7Xj6r1K66PUMJTrX08jU0+ddV0DEIxy7zuUcGF+qCIPd4rfemOkQaLQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:37:24 2025 by rpki-client