Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d439b2b-8291-4d7c-8bc8-81770a6741a8.roa
File:                     4d439b2b-8291-4d7c-8bc8-81770a6741a8.roa (raw, json)
Hash identifier:          rWRwpV9FwJM0VQa+YKRJN3TvDyakViOWd1Mm+ZW6k/w=
Subject key identifier:   A5:A8:26:21:9F:D7:40:2D:E0:27:03:DD:60:75:07:17:75:90:A0:60
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       58D13BDD85CE6666259B3FD4794437CCC535E2BB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d439b2b-8291-4d7c-8bc8-81770a6741a8.roa
Signing time:             Fri 27 Jun 2025 00:21:07 +0000
ROA not before:           Fri 27 Jun 2025 00:21:07 +0000
ROA not after:            Fri 01 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f22:c000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:d1:3b:dd:85:ce:66:66:25:9b:3f:d4:79:44:37:cc:c5:35:e2:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 27 00:21:07 2025 GMT
            Not After : Aug  1 23:59:59 2025 GMT
        Subject: serialNumber=3243c3a92bf7cf496bc29a05276e4d6d0d2e0411dddaa8cddeaeab42aa60dd27, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0b:ad:a5:92:a0:a1:27:01:c9:59:54:cb:2e:
                    88:0b:f9:69:12:52:bc:23:cd:ba:b7:dd:60:dc:ec:
                    ea:13:92:79:ba:6f:4d:f8:4b:e0:6f:f2:ee:4e:66:
                    e7:f4:c8:7f:57:27:12:b7:52:1c:eb:79:47:fb:ba:
                    c6:a4:38:c2:b5:d3:70:17:6b:a6:b3:9a:2b:cb:79:
                    3c:11:88:ec:bf:5d:09:b7:eb:41:00:95:66:9e:74:
                    e3:8b:ef:b9:de:6f:4a:54:98:5f:a5:52:00:37:be:
                    91:38:d9:65:ad:56:81:fe:16:24:92:d5:8d:58:e2:
                    2d:f9:58:0b:15:dc:e8:b2:91:48:b8:80:bd:b2:09:
                    61:9a:53:b8:4a:2b:d5:44:4e:86:4d:e5:fd:8e:0b:
                    de:f9:ee:27:d3:9c:16:4a:23:c1:ba:7a:55:6e:67:
                    36:3b:17:7f:1f:83:89:37:14:23:ba:2c:91:9e:e1:
                    e9:71:b2:49:a8:b4:30:4c:07:48:77:25:66:f2:51:
                    50:1c:e0:95:44:b2:54:6d:00:d8:06:7b:9f:05:9a:
                    db:bf:dd:c8:cb:1c:9c:25:40:e9:6d:4e:ed:6a:33:
                    34:36:26:ad:01:d8:fe:e8:ea:81:79:0d:09:d0:fd:
                    41:dc:fe:bc:c9:05:0a:dc:fe:c5:24:a2:c3:ed:83:
                    ac:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:A8:26:21:9F:D7:40:2D:E0:27:03:DD:60:75:07:17:75:90:A0:60
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d439b2b-8291-4d7c-8bc8-81770a6741a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f22:c000::/36

    Signature Algorithm: sha256WithRSAEncryption
         0f:e6:b0:5d:f8:c5:59:a4:c4:3d:ad:23:e3:c6:6a:e1:28:5d:
         34:a9:c5:68:f2:21:6f:69:01:e2:8c:17:b7:b9:95:0e:f9:21:
         80:74:26:48:e5:04:99:be:56:c1:99:51:30:6f:73:27:3b:57:
         c2:e7:68:ae:a5:2e:ec:f2:69:70:6a:d2:92:70:17:72:2a:69:
         c8:7e:d0:97:99:7a:0c:98:02:5c:11:ba:00:ef:a1:2e:a8:80:
         51:6b:f1:ae:fb:79:49:00:c5:20:3c:ae:75:b9:3f:72:eb:48:
         37:32:fc:80:93:17:1a:ba:3d:8a:16:9c:09:55:ba:0d:e1:c5:
         96:61:e2:97:11:0c:2a:01:c7:11:cf:f7:66:0f:8f:ea:10:10:
         73:64:7b:7b:00:26:dc:6f:78:1f:57:e0:58:e4:d5:51:a7:62:
         0d:cf:0d:f0:7b:b3:b9:7c:81:cb:9b:cc:8c:6d:d6:60:4f:cb:
         2c:08:aa:39:ec:3b:7d:ca:52:ee:a9:b1:fe:5e:05:74:63:87:
         39:f2:3d:65:3d:fa:6a:40:ff:fc:4b:da:39:61:90:90:76:bd:
         80:45:7f:5a:e1:96:dc:2d:a3:d9:f2:c4:a9:72:57:66:69:e2:
         e3:bf:04:80:95:bc:0a:95:ab:e5:71:c2:60:e4:94:08:07:7f:
         a8:0a:59:89
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUWNE73YXOZmYlmz/UeUQ3zMU14rswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjI3MDAyMTA3WhcNMjUwODAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMjQzYzNhOTJiZjdjZjQ5NmJjMjlhMDUyNzZlNGQ2ZDBk
MmUwNDExZGRkYWE4Y2RkZWFlYWI0MmFhNjBkZDI3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJC62lkqChJwHJWVTLLogL+WkSUrwjzbq33WDc7OoTknm6
b034S+Bv8u5OZuf0yH9XJxK3UhzreUf7usakOMK103AXa6azmivLeTwRiOy/XQm3
60EAlWaedOOL77neb0pUmF+lUgA3vpE42WWtVoH+FiSS1Y1Y4i35WAsV3OiykUi4
gL2yCWGaU7hKK9VEToZN5f2OC9757ifTnBZKI8G6elVuZzY7F38fg4k3FCO6LJGe
4elxskmotDBMB0h3JWbyUVAc4JVEslRtANgGe58Fmtu/3cjLHJwlQOltTu1qMzQ2
Jq0B2P7o6oF5DQnQ/UHc/rzJBQrc/sUkosPtg6x9AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUpagmIZ/XQC3gJwPdYHUHF3WQoGAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRkNDM5YjJiLTgyOTEtNGQ3Yy04YmM4LTgxNzcwYTY3NDFhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8iwDANBgkqhkiG9w0BAQsFAAOCAQEAD+awXfjFWaTEPa0j48Zq4Shd
NKnFaPIhb2kB4owXt7mVDvkhgHQmSOUEmb5WwZlRMG9zJztXwudorqUu7PJpcGrS
knAXcippyH7Ql5l6DJgCXBG6AO+hLqiAUWvxrvt5SQDFIDyudbk/cutINzL8gJMX
Gro9ihacCVW6DeHFlmHilxEMKgHHEc/3Zg+P6hAQc2R7ewAm3G94H1fgWOTVUadi
Dc8N8HuzuXyBy5vMjG3WYE/LLAiqOew7fcpS7qmx/l4FdGOHOfI9ZT36akD//Eva
OWGQkHa9gEV/WuGW3C2j2fLEqXJXZmni478EgJW8CpWr5XHCYOSUCAd/qApZiQ==
-----END CERTIFICATE-----