Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9042db9e-5d32-4ee2-947c-ababef047f42.roa
File:                     9042db9e-5d32-4ee2-947c-ababef047f42.roa (raw, json)
Hash identifier:          90bnoxC9nHoFOTJi2EcWE91RxuwLMTpBd2H96riiYJA=
Subject key identifier:   3C:22:BD:CD:0B:10:4E:5C:38:07:CE:48:48:E1:58:DD:70:C0:CB:56
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7CCF594F7B3555719F4A5B4DFBA7A5735943F5A9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9042db9e-5d32-4ee2-947c-ababef047f42.roa
Signing time:             Tue 17 Jun 2025 00:21:15 +0000
ROA not before:           Tue 17 Jun 2025 00:21:15 +0000
ROA not after:            Tue 22 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60:5000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:cf:59:4f:7b:35:55:71:9f:4a:5b:4d:fb:a7:a5:73:59:43:f5:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 17 00:21:15 2025 GMT
            Not After : Jul 22 23:59:59 2025 GMT
        Subject: serialNumber=83910fb2436fa68d11e48aee652af9198611bd1af578e7d9eeeafaa5a1c8a637, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:32:36:47:7e:01:a4:db:ee:d3:6d:da:1e:95:
                    2a:5e:6d:54:e8:03:a2:74:f4:57:02:0a:43:9f:57:
                    dc:14:96:39:6a:da:3b:0c:06:44:78:3b:ea:1a:82:
                    f6:76:ee:15:f7:12:84:35:28:7a:58:c2:a0:6a:5f:
                    83:39:33:2c:f9:e6:ce:7a:67:bb:c9:89:a4:35:c0:
                    14:95:12:2f:7a:6e:3d:06:f1:5c:3b:be:b8:e1:11:
                    f2:6e:5f:88:fa:d3:7a:01:57:16:30:7c:02:9c:74:
                    cc:eb:37:0e:96:fb:ce:ac:a2:7b:e7:ef:42:32:41:
                    9a:25:69:a9:cf:b8:4e:84:a9:83:51:f4:8d:39:de:
                    55:a4:46:dd:c1:41:ef:40:6e:f3:29:e3:3a:2f:e0:
                    90:db:3c:64:a8:c7:12:e5:05:ae:fe:5e:cb:46:f9:
                    06:94:d4:36:df:cd:55:00:25:6b:f7:53:5a:39:e2:
                    4d:7c:32:da:4b:ac:92:00:bf:b2:72:21:86:28:b3:
                    7f:52:69:89:f5:b0:52:48:58:9e:af:f9:11:36:c6:
                    6a:f5:b3:e7:25:8a:5c:80:61:f8:f7:a0:6a:dd:d3:
                    65:24:86:c2:00:97:b2:29:0c:6e:56:b0:e1:e7:43:
                    e3:51:25:3f:ab:3e:9c:56:03:8e:83:fa:59:60:c9:
                    8d:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:22:BD:CD:0B:10:4E:5C:38:07:CE:48:48:E1:58:DD:70:C0:CB:56
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9042db9e-5d32-4ee2-947c-ababef047f42.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:5000::/40

    Signature Algorithm: sha256WithRSAEncryption
         ac:30:b9:27:42:93:34:21:e4:e3:aa:34:89:2a:54:26:ab:93:
         c8:5f:55:60:23:fc:74:59:3c:4a:5a:90:36:3e:bb:e7:58:da:
         f2:07:66:86:cc:eb:e9:94:cc:fd:22:87:7f:cb:b6:d3:c9:86:
         7a:8a:56:fd:7b:d5:81:43:e1:e5:86:da:b2:76:97:c8:f8:13:
         f2:85:03:fb:54:62:7e:d4:5c:b5:57:97:46:ad:b0:b0:29:de:
         ce:80:9f:f9:a2:68:46:4c:75:34:cc:06:08:1a:b8:41:d8:03:
         f9:be:d3:71:18:ab:97:a1:31:a5:e4:05:47:f7:2d:45:2b:9d:
         6e:c9:e1:8f:d4:74:74:ce:f2:7b:37:e5:b2:38:55:6c:21:8d:
         c6:b4:0c:dd:f6:96:fc:1d:05:20:ea:bf:58:18:04:cc:67:da:
         6d:7e:62:30:49:d7:01:7c:f0:be:6c:a1:89:19:9f:5e:93:8c:
         52:87:86:f6:43:5b:1c:1e:1d:13:2c:96:a0:ff:0c:f1:80:36:
         a8:a9:fc:df:44:0c:47:f6:c6:85:95:1b:8a:aa:28:3f:f4:00:
         6b:4d:62:59:29:8e:e1:a3:d1:20:c2:4b:30:fa:7e:10:e9:27:
         74:e7:4d:df:e5:83:21:36:09:9b:8f:77:3a:51:6c:a8:81:88:
         38:2b:39:98
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUfM9ZT3s1VXGfSltN+6elc1lD9akwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjE3MDAyMTE1WhcNMjUwNzIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4MzkxMGZiMjQzNmZhNjhkMTFlNDhhZWU2NTJhZjkxOTg2
MTFiZDFhZjU3OGU3ZDllZWVhZmFhNWExYzhhNjM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdMjZHfgGk2+7TbdoelSpebVToA6J09FcCCkOfV9wUljlq
2jsMBkR4O+oagvZ27hX3EoQ1KHpYwqBqX4M5Myz55s56Z7vJiaQ1wBSVEi96bj0G
8Vw7vrjhEfJuX4j603oBVxYwfAKcdMzrNw6W+86sonvn70IyQZolaanPuE6EqYNR
9I053lWkRt3BQe9AbvMp4zov4JDbPGSoxxLlBa7+XstG+QaU1DbfzVUAJWv3U1o5
4k18MtpLrJIAv7JyIYYos39SaYn1sFJIWJ6v+RE2xmr1s+clilyAYfj3oGrd02Uk
hsIAl7IpDG5WsOHnQ+NRJT+rPpxWA46D+llgyY3LAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUPCK9zQsQTlw4B85ISOFY3XDAy1YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkwNDJkYjllLTVkMzItNGVlMi05NDdjLWFiYWJlZjA0N2Y0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gUDANBgkqhkiG9w0BAQsFAAOCAQEArDC5J0KTNCHk46o0iSpUJquT
yF9VYCP8dFk8SlqQNj6751ja8gdmhszr6ZTM/SKHf8u208mGeopW/XvVgUPh5Yba
snaXyPgT8oUD+1RiftRctVeXRq2wsCnezoCf+aJoRkx1NMwGCBq4QdgD+b7TcRir
l6ExpeQFR/ctRSudbsnhj9R0dM7yezflsjhVbCGNxrQM3faW/B0FIOq/WBgEzGfa
bX5iMEnXAXzwvmyhiRmfXpOMUoeG9kNbHB4dEyyWoP8M8YA2qKn830QMR/bGhZUb
iqooP/QAa01iWSmO4aPRIMJLMPp+EOkndOdN3+WDITYJm493OlFsqIGIOCs5mA==
-----END CERTIFICATE-----
Generated at Tue Jul 1 13:03:44 2025 by rpki-client