Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5709ea0-6bb9-4753-913b-299185e04aba.roa
File:                     c5709ea0-6bb9-4753-913b-299185e04aba.roa (raw, json)
Hash identifier:          eO/HgCqe2QAz1IuI/4W99YKL/6JUvIvGmrN/1F7YUKQ=
Subject key identifier:   BC:04:53:49:52:80:58:EB:1F:25:2A:0C:32:69:11:9A:77:8F:AC:C9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6B7F6F5B5F036609E422CCFFAE1A946548BF9A26
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5709ea0-6bb9-4753-913b-299185e04aba.roa
Signing time:             Fri 13 Jun 2025 15:50:21 +0000
ROA not before:           Fri 13 Jun 2025 15:50:21 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f69:8080::/46 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 03 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:7f:6f:5b:5f:03:66:09:e4:22:cc:ff:ae:1a:94:65:48:bf:9a:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 15:50:21 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=ef487bee1f4387add7ef22c7381a8ee5d010acd7238bdc4fc4764505021a1e9f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:11:d8:c4:d6:0d:c0:8d:1d:02:53:5e:28:f2:
                    80:2e:32:5c:9b:17:42:d8:45:b8:4a:a8:71:f0:a5:
                    0c:5f:61:0c:33:5e:a8:2c:55:1d:3c:6d:01:23:53:
                    f2:fd:86:64:0d:38:fa:42:52:3d:fe:59:e1:c7:41:
                    57:81:4d:ac:22:43:dd:c6:d7:72:6b:47:d4:c7:eb:
                    e7:e1:57:b1:b9:12:a1:46:91:dc:63:a7:a4:b9:23:
                    ed:b7:fb:bd:42:c4:b3:a5:ac:1f:c1:16:5f:10:c2:
                    76:d3:f1:d8:2f:0e:e1:58:16:85:51:0d:21:e8:45:
                    c3:2d:7d:73:77:80:d7:98:bf:61:34:5a:a4:d2:78:
                    e1:2b:e4:55:98:9b:d0:88:fe:23:e8:24:c3:7f:67:
                    1f:46:2e:fb:c5:e2:e6:b1:09:2f:5f:70:37:3a:9d:
                    81:be:56:10:89:48:8f:34:41:70:c0:3b:31:55:12:
                    20:bb:dd:62:6a:cb:9a:08:eb:25:35:e0:a5:50:f2:
                    3c:b6:10:c3:a0:4d:0c:1a:9d:b2:98:23:7e:80:85:
                    08:b5:5f:77:4d:52:fe:b2:6e:46:cf:3a:91:39:08:
                    89:84:40:28:da:5b:8f:6b:bc:c3:8e:b2:d5:b2:a4:
                    fe:60:a1:20:43:c0:40:1c:0b:58:91:d3:45:d2:c0:
                    0f:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:04:53:49:52:80:58:EB:1F:25:2A:0C:32:69:11:9A:77:8F:AC:C9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5709ea0-6bb9-4753-913b-299185e04aba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f69:8080::/46

    Signature Algorithm: sha256WithRSAEncryption
         2a:ef:82:22:5b:66:ae:89:3f:9f:d8:8d:9d:f8:f1:f7:99:09:
         07:d8:9e:04:1f:97:c2:09:6d:b1:5b:0b:cd:e4:e1:6c:7a:4f:
         3a:24:1a:52:0a:5a:fc:2d:16:dd:60:9d:dc:09:34:ea:b5:2a:
         54:04:c5:97:2d:37:53:7b:c1:da:3b:b0:03:d4:35:40:78:51:
         0c:04:ee:01:a9:ac:a0:90:99:b9:4a:06:72:2b:5c:a8:66:90:
         6c:54:64:d6:a9:6b:25:49:57:f0:d2:9c:9d:75:94:4a:e0:1f:
         ce:5b:c0:ca:21:b5:58:11:c6:2f:73:92:1e:4d:aa:dc:50:1a:
         2e:c6:d2:d3:9f:1f:06:1a:a1:46:35:be:7e:3a:4c:2d:b3:1b:
         98:cb:f5:c6:50:61:ed:4d:44:c2:1e:15:a0:b2:02:8d:01:fb:
         e4:25:b8:c1:e6:c1:11:6d:3a:ad:83:ef:56:92:ae:e3:1a:a1:
         ec:80:40:ec:67:dc:a4:e7:3b:1b:dd:1f:35:ca:b6:eb:81:b2:
         5b:81:a2:b7:ca:81:c7:52:93:40:9e:91:47:59:8d:5a:dc:e9:
         5a:c3:e7:c3:38:b5:bc:f2:6b:32:1a:97:58:fe:a5:bb:ac:a6:
         ad:62:29:6d:d5:6e:2e:67:83:74:94:a5:3d:20:0c:a1:2d:be:
         e0:28:e2:77
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUa39vW18DZgnkIsz/rhqUZUi/miYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTU1MDIxWhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjQ4N2JlZTFmNDM4N2FkZDdlZjIyYzczODFhOGVlNWQw
MTBhY2Q3MjM4YmRjNGZjNDc2NDUwNTAyMWExZTlmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDREdjE1g3AjR0CU14o8oAuMlybF0LYRbhKqHHwpQxfYQwz
XqgsVR08bQEjU/L9hmQNOPpCUj3+WeHHQVeBTawiQ93G13JrR9TH6+fhV7G5EqFG
kdxjp6S5I+23+71CxLOlrB/BFl8QwnbT8dgvDuFYFoVRDSHoRcMtfXN3gNeYv2E0
WqTSeOEr5FWYm9CI/iPoJMN/Zx9GLvvF4uaxCS9fcDc6nYG+VhCJSI80QXDAOzFV
EiC73WJqy5oI6yU14KVQ8jy2EMOgTQwanbKYI36AhQi1X3dNUv6ybkbPOpE5CImE
QCjaW49rvMOOstWypP5goSBDwEAcC1iR00XSwA/HAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUvARTSVKAWOsfJSoMMmkRmnePrMkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M1NzA5ZWEwLTZiYjktNDc1My05MTNiLTI5OTE4NWUwNGFiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB9pgIAwDQYJKoZIhvcNAQELBQADggEBACrvgiJbZq6JP5/YjZ348feZ
CQfYngQfl8IJbbFbC83k4Wx6TzokGlIKWvwtFt1gndwJNOq1KlQExZctN1N7wdo7
sAPUNUB4UQwE7gGprKCQmblKBnIrXKhmkGxUZNapayVJV/DSnJ11lErgH85bwMoh
tVgRxi9zkh5NqtxQGi7G0tOfHwYaoUY1vn46TC2zG5jL9cZQYe1NRMIeFaCyAo0B
++QluMHmwRFtOq2D71aSruMaoeyAQOxn3KTnOxvdHzXKtuuBsluBorfKgcdSk0Ce
kUdZjVrc6VrD58M4tbzyazIal1j+pbuspq1iKW3Vbi5ng3SUpT0gDKEtvuAo4nc=
-----END CERTIFICATE-----