Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fad6e987-5e31-4212-8de7-9e29b43e7687.roa
File:                     fad6e987-5e31-4212-8de7-9e29b43e7687.roa (raw, json)
Hash identifier:          ERBVNRbvj6Nl3jH9RO3LPv+0xHJibUE7J6wyRV9AHhA=
Subject key identifier:   BD:BB:C6:C1:CF:5D:89:35:66:8C:6D:65:E7:C3:60:BD:80:4D:53:DA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3ECC4D3B756E2EFD5ADC533EA4CB4764FE2437F9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fad6e987-5e31-4212-8de7-9e29b43e7687.roa
Signing time:             Mon 04 Aug 2025 16:31:58 +0000
ROA not before:           Mon 04 Aug 2025 16:31:58 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f1e:400::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 08 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:cc:4d:3b:75:6e:2e:fd:5a:dc:53:3e:a4:cb:47:64:fe:24:37:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 16:31:58 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=21d208f238afde28c83a8cf339789a3bb1cd57c7478c3809e81c40bfc95918e2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:5b:88:0f:f1:2a:fb:4f:3b:d5:54:90:00:e6:
                    0a:1a:8f:ca:70:3a:0f:30:70:f2:70:dd:c5:88:f2:
                    8b:22:27:9b:65:6a:5b:6c:19:9c:de:ea:85:91:f8:
                    dc:01:08:5d:8e:ab:48:0a:ba:88:66:f0:dd:61:3d:
                    4b:4b:b1:96:20:ed:49:e4:4e:4d:4a:35:b9:68:fc:
                    f8:d2:63:a9:37:1c:8e:23:86:80:e9:93:34:5a:3e:
                    d6:9f:20:89:62:df:2c:82:7c:cd:ca:b2:b5:53:2a:
                    c3:b9:04:5f:33:9e:01:01:89:0f:14:3e:54:82:12:
                    be:3f:38:cb:66:55:ac:d7:f9:27:b7:a7:5f:51:14:
                    48:58:4a:9b:0b:19:85:fe:e5:b4:95:91:e3:c6:33:
                    bc:d5:f3:7b:1d:64:4a:a6:ab:ad:ed:71:2f:78:fe:
                    b2:23:5a:b7:f5:16:b2:68:35:03:60:57:e3:ee:08:
                    56:20:3b:48:85:a6:7c:b1:d1:b9:cb:37:37:76:dc:
                    4b:d2:7a:c5:79:25:fa:08:fc:5f:d4:bc:f3:af:b5:
                    c0:f2:4f:a9:2f:48:45:4a:a6:6f:ea:62:ac:07:9e:
                    df:fb:3e:7c:33:98:00:0a:d4:71:d3:08:63:9a:91:
                    96:30:63:a9:dc:f8:52:20:4a:35:3c:a2:57:b7:1a:
                    b0:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:BB:C6:C1:CF:5D:89:35:66:8C:6D:65:E7:C3:60:BD:80:4D:53:DA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fad6e987-5e31-4212-8de7-9e29b43e7687.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f1e:400::/38

    Signature Algorithm: sha256WithRSAEncryption
         8e:dd:d2:88:f8:83:3d:ae:33:17:2d:98:5d:4f:a7:b6:00:20:
         1e:02:a5:5c:ab:e2:26:14:8b:12:43:ed:9e:19:b8:14:2c:9f:
         8f:42:92:7c:fc:d4:b0:1e:02:01:ed:f1:ea:1c:db:a3:fd:35:
         37:9a:10:d6:88:c3:b3:ff:8b:09:b0:77:ee:05:e8:fd:40:c8:
         9d:56:1a:a5:8b:22:11:f8:ec:c0:a3:83:13:85:53:6a:3c:4b:
         dd:da:7a:f5:2f:15:f5:9e:cc:6d:84:99:44:71:f3:11:f8:9e:
         49:bb:a5:a3:aa:c9:e7:cc:0e:6f:a4:4f:be:af:5a:9e:e6:c6:
         16:12:d7:6f:06:ab:a2:01:ba:7c:08:73:b0:c4:10:b5:5a:d5:
         f6:f4:55:09:b1:ce:ea:b3:e7:a3:25:68:9c:36:fe:78:79:c1:
         2d:67:4a:ea:83:5f:ce:4d:b3:1f:3f:6b:3f:88:64:9b:7b:ae:
         3d:d0:05:8f:2e:3d:36:29:ac:1d:93:dd:06:66:42:0d:75:f4:
         72:34:3b:0d:f9:25:3b:07:d3:a4:21:3a:40:40:30:ff:75:59:
         c0:9f:38:40:64:1c:21:bf:28:af:19:5f:79:90:9f:c0:81:cb:
         4d:70:98:b8:0d:1d:8b:34:ff:48:65:9e:1e:05:d2:ce:99:4b:
         d7:94:b8:07
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUPsxNO3VuLv1a3FM+pMtHZP4kN/kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTYzMTU4WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMWQyMDhmMjM4YWZkZTI4YzgzYThjZjMzOTc4OWEzYmIx
Y2Q1N2M3NDc4YzM4MDllODFjNDBiZmM5NTkxOGUyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAW4gP8Sr7TzvVVJAA5goaj8pwOg8wcPJw3cWI8osiJ5tl
altsGZze6oWR+NwBCF2Oq0gKuohm8N1hPUtLsZYg7UnkTk1KNblo/PjSY6k3HI4j
hoDpkzRaPtafIIli3yyCfM3KsrVTKsO5BF8zngEBiQ8UPlSCEr4/OMtmVazX+Se3
p19RFEhYSpsLGYX+5bSVkePGM7zV83sdZEqmq63tcS94/rIjWrf1FrJoNQNgV+Pu
CFYgO0iFpnyx0bnLNzd23EvSesV5JfoI/F/UvPOvtcDyT6kvSEVKpm/qYqwHnt/7
PnwzmAAK1HHTCGOakZYwY6nc+FIgSjU8ole3GrDrAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUvbvGwc9diTVmjG1l58NgvYBNU9owHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZhZDZlOTg3LTVlMzEtNDIxMi04ZGU3LTllMjliNDNlNzY4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8eBDANBgkqhkiG9w0BAQsFAAOCAQEAjt3SiPiDPa4zFy2YXU+ntgAg
HgKlXKviJhSLEkPtnhm4FCyfj0KSfPzUsB4CAe3x6hzbo/01N5oQ1ojDs/+LCbB3
7gXo/UDInVYapYsiEfjswKODE4VTajxL3dp69S8V9Z7MbYSZRHHzEfieSbulo6rJ
58wOb6RPvq9anubGFhLXbwarogG6fAhzsMQQtVrV9vRVCbHO6rPnoyVonDb+eHnB
LWdK6oNfzk2zHz9rP4hkm3uuPdAFjy49NimsHZPdBmZCDXX0cjQ7DfklOwfTpCE6
QEAw/3VZwJ84QGQcIb8orxlfeZCfwIHLTXCYuA0dizT/SGWeHgXSzplL15S4Bw==
-----END CERTIFICATE-----
Generated at Thu Aug 7 04:28:34 2025 by rpki-client