Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/586d6dac-fcf7-4c1d-9ea8-43c6a3e9de02.roa
File:                     586d6dac-fcf7-4c1d-9ea8-43c6a3e9de02.roa (raw, json)
Hash identifier:          +bZCqFl1jbqiaBfAfqHxxJWzJiqpOC9CzikeZT2nzP4=
Subject key identifier:   65:53:1E:30:3A:69:D3:2B:AD:94:43:E4:97:F5:B1:9D:4D:F3:43:67
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0D01052C296E01BF4C468624BCED7DBF78747F10
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/586d6dac-fcf7-4c1d-9ea8-43c6a3e9de02.roa
Signing time:             Fri 15 Aug 2025 00:40:16 +0000
ROA not before:           Fri 15 Aug 2025 00:40:16 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:8000::/39 maxlen: 39
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:01:05:2c:29:6e:01:bf:4c:46:86:24:bc:ed:7d:bf:78:74:7f:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 15 00:40:16 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=2ba54d9d65f67bf6fdc9dc0b88e0fe4820a1febdbeabc1c43c649d1695faece1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b7:5d:10:21:cb:76:90:fe:53:14:ee:df:55:
                    ad:7c:94:45:d8:e5:d8:a9:29:f1:21:62:02:85:27:
                    63:4b:32:0d:fa:09:54:c4:75:46:e2:ef:52:43:66:
                    d8:45:bb:60:2a:48:39:6e:63:5e:4b:62:61:ba:ee:
                    03:97:6a:69:63:90:34:d0:ce:ac:67:35:c0:1d:67:
                    1e:99:a8:0b:60:78:3e:8a:44:34:bc:0d:55:30:76:
                    69:cb:fb:d5:1e:47:66:cf:b7:5b:16:64:a7:64:e7:
                    f5:f2:d2:24:e4:95:89:4c:fa:0e:84:22:e5:66:6e:
                    ec:42:3d:b6:61:fd:df:58:12:f1:aa:7d:70:89:8d:
                    30:38:97:6b:e0:ae:90:b4:7b:f8:bd:de:f9:cb:0d:
                    07:89:1a:e5:f8:92:89:d2:55:22:30:31:50:12:54:
                    14:1f:c1:40:13:7e:78:fe:ec:ca:fc:84:38:81:50:
                    b7:b3:17:c1:23:a6:ee:31:ef:01:4c:06:c8:eb:24:
                    94:9b:ec:ff:0a:25:fe:b7:60:eb:32:1a:0b:31:35:
                    ab:6e:0d:bf:f4:ff:61:6d:42:3c:75:c9:80:54:5d:
                    e4:82:2e:90:bb:0d:00:b6:5c:71:1d:e3:01:b9:a2:
                    a2:57:4a:40:d9:aa:75:8f:35:58:68:d9:13:a3:41:
                    90:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:53:1E:30:3A:69:D3:2B:AD:94:43:E4:97:F5:B1:9D:4D:F3:43:67
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/586d6dac-fcf7-4c1d-9ea8-43c6a3e9de02.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         4b:15:db:70:d0:38:fb:8b:a9:da:e7:26:8a:06:d8:63:b8:dc:
         c9:38:77:14:fe:37:64:5e:c0:75:83:32:93:41:27:d2:68:95:
         e2:a1:e2:b7:05:d3:cd:92:f1:30:93:a1:64:6e:b6:5c:b9:37:
         d7:e9:67:44:a7:2e:80:88:ea:3d:b0:b7:f2:3f:35:8b:53:bc:
         01:81:fd:95:6a:22:88:44:e7:3b:8b:bd:d8:3a:e3:6f:a6:38:
         d5:b2:e2:80:ca:ce:59:21:5b:b7:6d:ff:64:f7:97:69:51:fc:
         0c:29:19:28:36:0b:ac:3d:ae:9d:84:ca:e3:77:c3:de:f3:ef:
         28:22:53:c3:29:f3:b2:72:02:87:8d:39:7d:e9:f3:13:be:8a:
         ae:84:d0:77:8f:b1:23:08:9e:72:37:7e:0c:47:75:99:2e:95:
         34:7c:5e:09:e3:38:0f:39:15:33:3d:da:c0:e6:1b:c4:97:04:
         32:1f:4c:37:9c:06:dc:72:b2:de:71:13:91:1e:8a:a0:e5:92:
         29:62:24:4f:14:57:75:41:60:a6:97:26:4c:7d:cd:05:5b:9c:
         c7:17:5c:05:40:6c:3d:f4:b5:db:d5:1b:ee:0f:f9:9d:44:d5:
         ad:04:da:23:b7:f5:6b:68:b4:4d:a5:0c:91:cf:35:92:ac:2f:
         12:25:8b:00
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUDQEFLCluAb9MRoYkvO19v3h0fxAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODE1MDA0MDE2WhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYmE1NGQ5ZDY1ZjY3YmY2ZmRjOWRjMGI4OGUwZmU0ODIw
YTFmZWJkYmVhYmMxYzQzYzY0OWQxNjk1ZmFlY2UxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTt10QIct2kP5TFO7fVa18lEXY5dipKfEhYgKFJ2NLMg36
CVTEdUbi71JDZthFu2AqSDluY15LYmG67gOXamljkDTQzqxnNcAdZx6ZqAtgeD6K
RDS8DVUwdmnL+9UeR2bPt1sWZKdk5/Xy0iTklYlM+g6EIuVmbuxCPbZh/d9YEvGq
fXCJjTA4l2vgrpC0e/i93vnLDQeJGuX4konSVSIwMVASVBQfwUATfnj+7Mr8hDiB
ULezF8Ejpu4x7wFMBsjrJJSb7P8KJf63YOsyGgsxNatuDb/0/2FtQjx1yYBUXeSC
LpC7DQC2XHEd4wG5oqJXSkDZqnWPNVho2ROjQZCpAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUZVMeMDpp0yutlEPkl/WxnU3zQ2cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU4NmQ2ZGFjLWZjZjctNGMxZC05ZWE4LTQzYzZhM2U5ZGUwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB9hgDANBgkqhkiG9w0BAQsFAAOCAQEASxXbcNA4+4up2ucmigbYY7jc
yTh3FP43ZF7AdYMyk0En0miV4qHitwXTzZLxMJOhZG62XLk31+lnRKcugIjqPbC3
8j81i1O8AYH9lWoiiETnO4u92Drjb6Y41bLigMrOWSFbt23/ZPeXaVH8DCkZKDYL
rD2unYTK43fD3vPvKCJTwynzsnICh405fenzE76KroTQd4+xIwiecjd+DEd1mS6V
NHxeCeM4DzkVMz3awOYbxJcEMh9MN5wG3HKy3nETkR6KoOWSKWIkTxRXdUFgppcm
TH3NBVucxxdcBUBsPfS129Ub7g/5nUTVrQTaI7f1a2i0TaUMkc81kqwvEiWLAA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:00:48 2025 by rpki-client