Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1a6e493f-275f-4a84-b751-a3051f88db2b.roa
File:                     1a6e493f-275f-4a84-b751-a3051f88db2b.roa (raw, json)
Hash identifier:          S7d+ZwHQLdxClNtwz0B4ikro6/AZskUdBiKupH5Aro8=
Subject key identifier:   55:BD:5C:97:BC:B7:EC:41:52:4D:94:60:EB:62:18:69:93:A4:2F:A9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       327723E6AE925BCF4881547B4172E099DAE621D5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1a6e493f-275f-4a84-b751-a3051f88db2b.roa
Signing time:             Mon 23 Jun 2025 15:12:17 +0000
ROA not before:           Mon 23 Jun 2025 15:12:17 +0000
ROA not after:            Mon 28 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fa0:2000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 30 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:77:23:e6:ae:92:5b:cf:48:81:54:7b:41:72:e0:99:da:e6:21:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 23 15:12:17 2025 GMT
            Not After : Jul 28 23:59:59 2025 GMT
        Subject: serialNumber=0c417b3597b3a7f7ce1807d1f1a14d99b71ae18f5558bcf82d6603d6811c7eb9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:87:03:be:61:bd:38:cc:4c:af:ee:97:59:ec:
                    18:b8:69:80:c4:c3:84:71:05:20:64:8a:90:46:ce:
                    89:94:e0:d7:9d:f4:a1:35:d5:f3:a2:6e:ee:03:62:
                    0f:de:8f:eb:8c:39:c3:84:d3:e1:23:cf:65:9d:ed:
                    1e:7d:3c:0a:71:17:68:0b:8b:58:c1:77:52:bc:7a:
                    39:49:d1:de:c8:bc:10:7a:a9:6f:6e:0e:82:80:19:
                    48:fb:8c:6a:57:4b:84:8c:f7:c3:2c:bb:f8:6e:69:
                    0a:0b:95:d7:d5:c4:e6:aa:8a:9e:87:0c:57:01:67:
                    c0:3a:5f:55:97:41:28:65:50:7e:19:d5:c0:da:a2:
                    92:d6:0c:07:04:b1:c2:e3:50:92:9a:2c:c7:81:ad:
                    bb:ce:e9:7f:54:c1:d8:d0:50:69:16:e4:32:73:f4:
                    da:8a:dd:e2:e8:67:09:d7:dc:d3:18:ea:9a:83:37:
                    55:01:8b:fa:a5:72:b4:d5:6c:58:65:2f:96:47:70:
                    8f:67:32:3b:d3:08:fb:02:b8:f9:53:55:a9:b0:3d:
                    00:2d:b2:f5:9f:47:c0:cc:5d:35:e8:b4:bc:bb:04:
                    9b:60:de:5b:3b:a2:ef:86:30:9a:ee:7a:ae:d3:68:
                    30:c6:6d:d3:17:58:58:af:a8:e2:1d:b5:50:90:f0:
                    a1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:BD:5C:97:BC:B7:EC:41:52:4D:94:60:EB:62:18:69:93:A4:2F:A9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1a6e493f-275f-4a84-b751-a3051f88db2b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fa0:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         26:4b:3e:56:29:8c:c2:15:92:0f:0a:d0:c2:2b:f1:9d:34:15:
         d8:e0:c7:2c:9e:1a:b6:87:1b:d9:53:a6:9c:aa:e8:e6:c6:11:
         b3:99:23:1d:66:c3:fb:3e:26:f5:4c:28:e8:0b:4e:16:c3:1d:
         07:bd:50:47:89:87:4a:6d:ce:4c:92:28:33:a7:14:74:9a:50:
         b9:bf:f4:61:6d:39:b4:34:9e:5f:30:96:ff:69:b4:ea:80:99:
         c2:82:27:df:3d:ec:3b:f3:26:70:f6:cd:ed:fa:a1:f0:18:48:
         27:ff:47:34:a5:12:cb:a8:34:4a:2d:89:c0:d3:4c:37:99:df:
         d5:b7:e0:c8:09:06:c2:75:22:47:81:2b:75:f7:d9:e6:0e:b3:
         72:ff:e5:d8:a3:32:3f:1c:24:cf:ae:f9:5a:cd:82:02:a6:df:
         40:f1:96:26:89:2d:1b:d4:43:a2:3a:33:8d:09:97:53:61:33:
         0b:46:1d:34:26:53:06:bf:15:ec:a0:e9:49:1d:e3:7b:09:90:
         9e:a2:d7:b0:73:0f:47:61:84:80:46:b9:a5:7d:42:c3:0c:1e:
         d6:03:6a:12:71:ac:f5:3c:b8:ab:da:1f:37:04:8d:94:98:7e:
         e0:6b:ef:e8:35:a5:31:12:a9:9a:74:71:09:40:86:05:88:a1:
         8b:b4:23:a7
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUMncj5q6SW89IgVR7QXLgmdrmIdUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjIzMTUxMjE3WhcNMjUwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYzQxN2IzNTk3YjNhN2Y3Y2UxODA3ZDFmMWExNGQ5OWI3
MWFlMThmNTU1OGJjZjgyZDY2MDNkNjgxMWM3ZWI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDihwO+Yb04zEyv7pdZ7Bi4aYDEw4RxBSBkipBGzomU4Ned
9KE11fOibu4DYg/ej+uMOcOE0+Ejz2Wd7R59PApxF2gLi1jBd1K8ejlJ0d7IvBB6
qW9uDoKAGUj7jGpXS4SM98Msu/huaQoLldfVxOaqip6HDFcBZ8A6X1WXQShlUH4Z
1cDaopLWDAcEscLjUJKaLMeBrbvO6X9UwdjQUGkW5DJz9NqK3eLoZwnX3NMY6pqD
N1UBi/qlcrTVbFhlL5ZHcI9nMjvTCPsCuPlTVamwPQAtsvWfR8DMXTXotLy7BJtg
3ls7ou+GMJrueq7TaDDGbdMXWFivqOIdtVCQ8KFFAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUVb1cl7y37EFSTZRg62IYaZOkL6kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFhNmU0OTNmLTI3NWYtNGE4NC1iNzUxLWEzMDUxZjg4ZGIyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+gIDANBgkqhkiG9w0BAQsFAAOCAQEAJks+VimMwhWSDwrQwivxnTQV
2ODHLJ4atocb2VOmnKro5sYRs5kjHWbD+z4m9Uwo6AtOFsMdB71QR4mHSm3OTJIo
M6cUdJpQub/0YW05tDSeXzCW/2m06oCZwoIn3z3sO/MmcPbN7fqh8BhIJ/9HNKUS
y6g0Si2JwNNMN5nf1bfgyAkGwnUiR4ErdffZ5g6zcv/l2KMyPxwkz675Ws2CAqbf
QPGWJoktG9RDojozjQmXU2EzC0YdNCZTBr8V7KDpSR3jewmQnqLXsHMPR2GEgEa5
pX1Cwwwe1gNqEnGs9Ty4q9ofNwSNlJh+4Gvv6DWlMRKpmnRxCUCGBYihi7Qjpw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:37:28 2025 by rpki-client