Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f68dd099-aa8e-4399-88fc-6d8848cf3dcb.roa
File:                     f68dd099-aa8e-4399-88fc-6d8848cf3dcb.roa (raw, json)
Hash identifier:          3+vF8A3WqI9GPWZZ21XT/L7JD/rQ886oZmiylAXJdhY=
Subject key identifier:   DA:56:D0:E2:9F:81:C0:2A:8B:6F:91:B6:46:E1:48:07:72:05:56:04
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       25BB66B32A6503C0B0A697B6AD87E05A8AC51BF9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f68dd099-aa8e-4399-88fc-6d8848cf3dcb.roa
Signing time:             Tue 22 Apr 2025 16:51:45 +0000
ROA not before:           Tue 22 Apr 2025 16:51:45 +0000
ROA not after:            Tue 27 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f16:c00::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:bb:66:b3:2a:65:03:c0:b0:a6:97:b6:ad:87:e0:5a:8a:c5:1b:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 22 16:51:45 2025 GMT
            Not After : May 27 23:59:59 2025 GMT
        Subject: serialNumber=006d51b69459f755aef45634449a5647e11abf93583045e48a584e79d01adfbc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:85:22:46:85:15:b5:40:36:19:63:86:f0:85:
                    c4:e0:36:8d:eb:63:30:9a:f6:4c:e6:43:50:d5:d7:
                    6c:2e:1e:69:b2:a5:a6:da:69:8b:44:5a:00:09:18:
                    bf:6d:c9:a4:1b:24:ef:25:a7:28:c9:08:f9:3f:b2:
                    e4:bb:3b:60:aa:c0:18:f4:bd:db:be:2c:79:b6:58:
                    e5:17:93:c8:3f:7e:5b:40:32:bb:e9:27:f0:4f:3e:
                    0a:8e:47:1c:8f:d1:3c:ff:f4:9a:eb:a0:e4:d8:de:
                    f1:8e:1a:ad:63:92:60:cd:b8:b7:1b:1f:e6:ab:a3:
                    30:c5:dd:bb:9e:28:ea:d6:34:07:66:f0:8d:a5:8f:
                    22:62:bd:a1:7a:f8:80:fa:0a:39:aa:fd:b8:2c:b8:
                    8c:ed:bb:78:46:f6:fa:05:60:bd:04:66:2a:6e:7d:
                    68:f2:74:07:8f:e5:3b:d0:f1:b1:01:f2:32:e0:24:
                    92:1e:30:85:68:1d:fd:8b:d3:6f:08:53:07:f6:d7:
                    3a:4c:95:cc:3c:90:af:f9:0a:d7:8f:5d:05:35:d0:
                    63:d0:ab:08:25:eb:91:03:cd:39:9b:66:d8:f3:e7:
                    35:2a:9b:f4:22:06:bf:77:9a:6f:2d:e7:8d:46:66:
                    e9:55:e5:c0:bc:e0:3e:ae:07:aa:0d:de:15:4b:29:
                    6c:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:56:D0:E2:9F:81:C0:2A:8B:6F:91:B6:46:E1:48:07:72:05:56:04
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f68dd099-aa8e-4399-88fc-6d8848cf3dcb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f16:c00::/38

    Signature Algorithm: sha256WithRSAEncryption
         7f:80:95:d2:54:35:54:d9:95:21:ee:57:4b:a2:43:16:4e:b3:
         31:c0:f8:b5:94:3b:6b:15:fc:19:5d:7b:f0:93:8c:e5:ff:15:
         2f:6b:8c:6c:02:02:22:aa:fb:24:07:c7:c4:05:ab:2b:0c:83:
         58:e6:7d:3c:a9:11:d5:32:15:3c:47:c7:45:75:e8:c1:5a:54:
         32:d6:3e:e6:e2:e0:80:ee:ea:23:01:ba:42:eb:55:e5:f6:d8:
         32:3d:dc:b4:5c:d7:5c:e4:c4:70:41:aa:84:26:55:09:3c:e5:
         94:ba:e8:2e:39:ba:ac:9c:d7:57:a7:36:77:66:0b:67:96:54:
         e8:36:4b:9e:33:45:fb:5f:8c:34:ec:88:2c:4c:e2:bf:96:4e:
         64:30:1a:35:2f:a2:33:22:41:16:17:fb:39:ad:e7:16:36:73:
         1c:a0:c0:78:1f:8c:8c:72:47:0e:61:95:91:1c:9b:33:ec:79:
         6d:03:1c:83:45:ed:a9:61:b0:7c:fa:37:5f:2b:f4:87:b8:52:
         ae:8b:a3:3d:49:35:ff:5c:e2:23:f0:27:69:80:83:fb:bc:5c:
         ae:1c:ca:a1:0d:e8:1c:b3:0d:1f:e6:2c:cb:3c:fe:94:96:21:
         5b:a3:15:d7:f5:17:a8:60:41:df:63:d2:a0:4d:f0:c3:c0:8d:
         b5:90:87:d1
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUJbtmsyplA8Cwppe2rYfgWorFG/kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIyMTY1MTQ1WhcNMjUwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDZkNTFiNjk0NTlmNzU1YWVmNDU2MzQ0NDlhNTY0N2Ux
MWFiZjkzNTgzMDQ1ZTQ4YTU4NGU3OWQwMWFkZmJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVhSJGhRW1QDYZY4bwhcTgNo3rYzCa9kzmQ1DV12wuHmmy
pabaaYtEWgAJGL9tyaQbJO8lpyjJCPk/suS7O2CqwBj0vdu+LHm2WOUXk8g/fltA
MrvpJ/BPPgqORxyP0Tz/9JrroOTY3vGOGq1jkmDNuLcbH+arozDF3bueKOrWNAdm
8I2ljyJivaF6+ID6Cjmq/bgsuIztu3hG9voFYL0EZipufWjydAeP5TvQ8bEB8jLg
JJIeMIVoHf2L028IUwf21zpMlcw8kK/5CtePXQU10GPQqwgl65EDzTmbZtjz5zUq
m/QiBr93mm8t541GZulV5cC84D6uB6oN3hVLKWyVAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU2lbQ4p+BwCqLb5G2RuFIB3IFVgQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y2OGRkMDk5LWFhOGUtNDM5OS04OGZjLTZkODg0OGNmM2RjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8WDDANBgkqhkiG9w0BAQsFAAOCAQEAf4CV0lQ1VNmVIe5XS6JDFk6z
McD4tZQ7axX8GV178JOM5f8VL2uMbAICIqr7JAfHxAWrKwyDWOZ9PKkR1TIVPEfH
RXXowVpUMtY+5uLggO7qIwG6QutV5fbYMj3ctFzXXOTEcEGqhCZVCTzllLroLjm6
rJzXV6c2d2YLZ5ZU6DZLnjNF+1+MNOyILEziv5ZOZDAaNS+iMyJBFhf7Oa3nFjZz
HKDAeB+MjHJHDmGVkRybM+x5bQMcg0XtqWGwfPo3Xyv0h7hSroujPUk1/1ziI/An
aYCD+7xcrhzKoQ3oHLMNH+Ysyzz+lJYhW6MV1/UXqGBB32PSoE3ww8CNtZCH0Q==
-----END CERTIFICATE-----