Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fae3eabc-4cd1-446b-b61d-51ce31c26fb8.roa
File:                     fae3eabc-4cd1-446b-b61d-51ce31c26fb8.roa (raw, json)
Hash identifier:          AJEO2WRyP6e1VrvwF9q92nrX9Zd4u9Jjk9a906k4/uA=
Subject key identifier:   2F:50:9B:60:5F:FC:00:DD:5C:10:EF:93:74:AD:BF:DB:D3:49:54:61
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       60AFDED481BB72F793C6E64318FEE17C1D48F458
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fae3eabc-4cd1-446b-b61d-51ce31c26fb8.roa
Signing time:             Tue 05 Aug 2025 00:22:21 +0000
ROA not before:           Tue 05 Aug 2025 00:22:21 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffa:c000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 08 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:af:de:d4:81:bb:72:f7:93:c6:e6:43:18:fe:e1:7c:1d:48:f4:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  5 00:22:21 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=6faa764c32e4e7e242f48e5d627d66cc128b29ec684b94ca84b93d3696a1dc7b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:09:81:eb:d1:25:7c:f2:74:a3:fd:e6:7b:59:
                    27:67:9a:a2:74:25:97:fc:b4:35:69:7d:62:90:1a:
                    9b:da:d2:89:86:c8:d0:3a:16:50:4a:32:b8:3d:b1:
                    56:dc:17:00:be:bc:c1:37:52:ee:ab:8c:5e:b1:6c:
                    13:dc:ac:a4:8e:42:40:b7:2d:fc:09:00:a9:86:74:
                    ac:d7:cc:b1:20:8e:51:97:0d:80:43:f5:7c:a6:d9:
                    61:d7:2c:81:44:69:15:b6:74:4a:36:91:cd:40:97:
                    7a:4f:70:68:66:b5:66:09:ea:bf:ec:2f:13:5b:24:
                    30:48:44:d1:5b:c5:79:84:85:bb:38:14:0f:a3:ee:
                    68:a1:d3:e9:49:7a:af:93:b9:b6:89:28:35:10:4c:
                    84:09:5e:8f:de:d6:86:58:05:be:74:48:ec:53:8f:
                    8b:36:e4:bd:61:6a:d8:1f:bb:4e:ab:ac:76:a0:74:
                    51:de:94:0f:35:99:b0:95:67:eb:62:db:c8:93:2e:
                    9a:75:3c:65:5b:7e:f6:ba:67:6b:63:37:51:9f:1c:
                    f4:77:ef:2e:c9:ca:5c:ae:03:10:35:e2:c5:27:22:
                    24:bf:c8:23:5e:83:cd:36:3c:aa:27:3e:fa:8b:a1:
                    8c:82:6b:b2:b7:0d:61:44:4d:19:20:e7:61:75:19:
                    64:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:50:9B:60:5F:FC:00:DD:5C:10:EF:93:74:AD:BF:DB:D3:49:54:61
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fae3eabc-4cd1-446b-b61d-51ce31c26fb8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffa:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         1e:d6:c4:89:c7:2e:df:22:42:ca:10:0a:73:c2:c8:87:17:ab:
         da:e5:33:28:14:fd:e7:00:e4:2d:c1:c6:9e:70:d8:2d:46:ab:
         4e:a8:d9:64:bc:56:19:f0:fa:18:8d:31:d1:37:ca:47:bb:89:
         67:a1:0f:07:fb:92:bf:0f:27:ef:26:19:63:98:94:89:00:35:
         da:60:9e:5f:13:b6:15:42:60:82:64:72:f5:42:19:37:e6:64:
         80:b2:f3:f6:e7:17:aa:6f:4c:5d:fa:30:44:30:81:fd:c8:eb:
         8f:05:a5:e5:13:d0:fc:a2:87:e5:f9:dd:f3:6b:69:54:01:8b:
         06:25:ce:2a:32:2b:9d:7d:d5:80:fe:db:c3:b8:ad:e6:43:6f:
         2d:92:bc:9a:0a:9a:52:fa:1c:18:d4:d7:29:a9:56:c0:e9:c5:
         64:51:68:f2:bc:be:b6:d1:52:bb:fb:e9:38:ab:32:ef:92:86:
         92:4d:2a:bf:85:bd:16:e4:2d:5d:89:2b:b1:ba:7a:ee:fd:7d:
         a6:fa:69:b1:05:5f:ad:22:b8:3a:34:8a:8e:91:86:80:04:dd:
         80:4e:bf:74:e8:ac:3c:8e:df:82:01:b4:34:f6:0e:ed:68:99:
         1c:75:4b:cf:24:6b:2a:e3:a6:b7:fc:3c:49:51:35:95:85:f7:
         1d:ed:a7:62
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUYK/e1IG7cveTxuZDGP7hfB1I9FgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA1MDAyMjIxWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZmFhNzY0YzMyZTRlN2UyNDJmNDhlNWQ2MjdkNjZjYzEy
OGIyOWVjNjg0Yjk0Y2E4NGI5M2QzNjk2YTFkYzdiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+CYHr0SV88nSj/eZ7WSdnmqJ0JZf8tDVpfWKQGpva0omG
yNA6FlBKMrg9sVbcFwC+vME3Uu6rjF6xbBPcrKSOQkC3LfwJAKmGdKzXzLEgjlGX
DYBD9Xym2WHXLIFEaRW2dEo2kc1Al3pPcGhmtWYJ6r/sLxNbJDBIRNFbxXmEhbs4
FA+j7mih0+lJeq+TubaJKDUQTIQJXo/e1oZYBb50SOxTj4s25L1hatgfu06rrHag
dFHelA81mbCVZ+ti28iTLpp1PGVbfva6Z2tjN1GfHPR37y7JylyuAxA14sUnIiS/
yCNeg802PKonPvqLoYyCa7K3DWFETRkg52F1GWQjAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUL1CbYF/8AN1cEO+TdK2/29NJVGEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZhZTNlYWJjLTRjZDEtNDQ2Yi1iNjFkLTUxY2UzMWMyNmZiOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/6wDANBgkqhkiG9w0BAQsFAAOCAQEAHtbEiccu3yJCyhAKc8LIhxer
2uUzKBT95wDkLcHGnnDYLUarTqjZZLxWGfD6GI0x0TfKR7uJZ6EPB/uSvw8n7yYZ
Y5iUiQA12mCeXxO2FUJggmRy9UIZN+ZkgLLz9ucXqm9MXfowRDCB/cjrjwWl5RPQ
/KKH5fnd82tpVAGLBiXOKjIrnX3VgP7bw7it5kNvLZK8mgqaUvocGNTXKalWwOnF
ZFFo8ry+ttFSu/vpOKsy75KGkk0qv4W9FuQtXYkrsbp67v19pvppsQVfrSK4OjSK
jpGGgATdgE6/dOisPI7fggG0NPYO7WiZHHVLzyRrKuOmt/w8SVE1lYX3He2nYg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 19:36:47 2025 by rpki-client