Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/028118d1-babf-45ab-b5d9-f9af98ec99cd.roa
File:                     028118d1-babf-45ab-b5d9-f9af98ec99cd.roa (raw, json)
Hash identifier:          JU1f0mt9CSFritKghoSMdLKmSkjmRNYeMLd4/68j2do=
Subject key identifier:   83:9B:24:57:E0:32:94:58:77:72:85:68:E6:5E:1B:65:10:4F:CC:7F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       49027808D69344889AC9016401D4DF975B49DA4B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/028118d1-babf-45ab-b5d9-f9af98ec99cd.roa
Signing time:             Tue 08 Jul 2025 16:31:11 +0000
ROA not before:           Tue 08 Jul 2025 16:31:11 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f70:8000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:02:78:08:d6:93:44:88:9a:c9:01:64:01:d4:df:97:5b:49:da:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 16:31:11 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=2456a838b23ca263abc8dbc6295a07fa17b357d69bd17079fddc2eba7be2b285, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e9:40:ef:2d:19:0a:df:e1:26:6e:6b:dd:31:
                    f1:4b:ff:30:98:ad:8e:95:3f:6f:91:31:0f:89:33:
                    1e:71:f9:fe:d6:f2:19:b6:d4:ea:ae:fd:68:66:0b:
                    5f:36:a4:1e:24:fc:16:f5:c1:d1:18:e7:25:29:bf:
                    b4:ad:57:b5:b3:a1:96:50:06:3d:61:cd:08:fc:38:
                    e9:f4:90:9f:99:b3:25:19:b1:7e:ea:6b:6e:4e:b7:
                    18:4c:a5:86:5c:7d:3a:b7:b1:3f:62:d8:70:f5:78:
                    a9:9a:ab:db:13:da:22:22:3c:39:39:b6:59:df:6e:
                    0d:44:ea:53:d2:9e:ac:f1:fd:f1:de:55:62:48:e6:
                    e4:3e:a4:7d:c4:95:3e:4d:2f:fa:f9:3f:1f:19:6b:
                    96:62:a7:01:94:4d:2b:ce:37:ea:07:fb:0b:57:bc:
                    96:1d:4b:ca:24:f8:45:bd:b8:aa:0a:06:a2:70:ac:
                    cb:ab:6e:9f:7d:ab:a3:c0:89:c4:ce:b1:98:fb:fb:
                    cf:b1:84:21:6e:bd:b6:17:6f:43:ac:ce:59:c5:ce:
                    02:54:a7:78:de:4c:c2:77:dc:bd:e9:67:1a:23:81:
                    e3:dd:bd:09:9c:3d:f5:55:a2:08:1a:dc:4e:6b:e7:
                    c6:42:88:8a:06:bf:1d:33:2d:d2:9a:88:f9:c4:cf:
                    b1:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:9B:24:57:E0:32:94:58:77:72:85:68:E6:5E:1B:65:10:4F:CC:7F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/028118d1-babf-45ab-b5d9-f9af98ec99cd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f70:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         d5:af:81:a3:d3:46:61:f4:5f:77:85:63:07:bb:d1:bb:3c:bd:
         3c:6c:7e:83:89:3e:b4:d1:8a:90:7a:0e:e6:62:8a:5e:65:26:
         d0:b1:57:5d:83:98:2d:8a:76:1f:a2:00:ea:35:c3:bb:94:b8:
         4c:99:51:d8:49:12:85:40:c0:5a:af:ec:e2:b5:a4:e2:4c:19:
         8f:2b:a9:c6:00:1e:56:9d:de:6f:05:8c:ab:50:d1:bb:a5:51:
         aa:6f:28:6d:d7:21:ef:99:a3:5a:b7:d9:50:18:00:c4:25:a1:
         da:a1:9e:7b:aa:42:a1:cd:d6:30:50:00:cc:2d:68:65:b5:99:
         32:4a:09:49:92:f3:1f:0c:87:da:ab:49:c9:f4:33:db:68:ad:
         ce:b0:af:be:1c:8c:ce:26:b2:4a:8a:36:09:de:b5:fb:02:fb:
         41:28:78:0c:11:65:78:3f:49:22:70:70:b4:52:ea:e8:ce:77:
         d8:62:ff:05:a7:71:90:a1:fb:1e:ce:a4:81:58:a3:06:d5:9f:
         a2:b3:ab:97:24:58:96:d7:ff:e5:bc:d1:61:d0:bb:ae:c0:b1:
         ec:19:61:21:f6:96:cd:57:f6:c0:54:3d:0e:e7:cb:29:d2:c8:
         0b:f9:36:85:d2:0b:64:72:13:a3:67:85:3d:68:5f:8f:e4:8c:
         21:86:e6:12
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUSQJ4CNaTRIiayQFkAdTfl1tJ2kswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTYzMTExWhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNDU2YTgzOGIyM2NhMjYzYWJjOGRiYzYyOTVhMDdmYTE3
YjM1N2Q2OWJkMTcwNzlmZGRjMmViYTdiZTJiMjg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDI6UDvLRkK3+EmbmvdMfFL/zCYrY6VP2+RMQ+JMx5x+f7W
8hm21Oqu/WhmC182pB4k/Bb1wdEY5yUpv7StV7WzoZZQBj1hzQj8OOn0kJ+ZsyUZ
sX7qa25OtxhMpYZcfTq3sT9i2HD1eKmaq9sT2iIiPDk5tlnfbg1E6lPSnqzx/fHe
VWJI5uQ+pH3ElT5NL/r5Px8Za5ZipwGUTSvON+oH+wtXvJYdS8ok+EW9uKoKBqJw
rMurbp99q6PAicTOsZj7+8+xhCFuvbYXb0OszlnFzgJUp3jeTMJ33L3pZxojgePd
vQmcPfVVogga3E5r58ZCiIoGvx0zLdKaiPnEz7GbAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUg5skV+AylFh3coVo5l4bZRBPzH8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAyODExOGQxLWJhYmYtNDVhYi1iNWQ5LWY5YWY5OGVjOTljZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9wgDANBgkqhkiG9w0BAQsFAAOCAQEA1a+Bo9NGYfRfd4VjB7vRuzy9
PGx+g4k+tNGKkHoO5mKKXmUm0LFXXYOYLYp2H6IA6jXDu5S4TJlR2EkShUDAWq/s
4rWk4kwZjyupxgAeVp3ebwWMq1DRu6VRqm8obdch75mjWrfZUBgAxCWh2qGee6pC
oc3WMFAAzC1oZbWZMkoJSZLzHwyH2qtJyfQz22itzrCvvhyMziaySoo2Cd61+wL7
QSh4DBFleD9JInBwtFLq6M532GL/BadxkKH7Hs6kgVijBtWforOrlyRYltf/5bzR
YdC7rsCx7BlhIfaWzVf2wFQ9DufLKdLIC/k2hdILZHITo2eFPWhfj+SMIYbmEg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:11:19 2025 by rpki-client