Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/073eb97d-e872-4ff0-ad8a-a334146b45e0.roa
File:                     073eb97d-e872-4ff0-ad8a-a334146b45e0.roa (raw, json)
Hash identifier:          6PDmiXeo/x7Zif7puhEoYBo/JZ2z5vvfk79kt6FDhLo=
Subject key identifier:   9F:9A:20:5D:F1:D8:E2:9D:6A:01:FB:6A:71:E3:4F:83:4F:19:1B:42
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6AA6F7F632BC02D6A30F2A9D4036D7375AEA1D62
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/073eb97d-e872-4ff0-ad8a-a334146b45e0.roa
Signing time:             Sat 19 Jul 2025 00:11:05 +0000
ROA not before:           Sat 19 Jul 2025 00:11:05 +0000
ROA not after:            Sat 23 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff9:2000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 22 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:a6:f7:f6:32:bc:02:d6:a3:0f:2a:9d:40:36:d7:37:5a:ea:1d:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 19 00:11:05 2025 GMT
            Not After : Aug 23 23:59:59 2025 GMT
        Subject: serialNumber=195b4a389e3294fbe6078613f235aad9bdc8dfddb0f0fb85c8636f0f702080c6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:cc:8d:db:ba:87:d3:5a:a1:53:ff:c8:10:02:
                    4a:2e:a9:be:11:78:4d:47:7e:6f:e5:85:98:01:27:
                    dd:1c:5a:ef:5a:d6:19:3f:62:08:63:6b:7d:64:20:
                    d2:7b:c7:87:cd:ba:42:79:41:f3:ea:dd:c2:de:1f:
                    87:35:e1:18:1f:db:e9:87:48:b0:a8:f7:f3:4e:c9:
                    9d:e4:55:7f:62:5a:b1:dd:b5:15:a6:93:7a:39:51:
                    2e:ae:ca:a2:31:de:18:46:41:9b:a6:35:f1:ed:d9:
                    53:d7:87:52:18:41:20:a6:02:a6:08:97:a7:a3:a6:
                    c5:fd:bf:fa:0e:6e:be:07:68:95:8c:64:39:3a:d7:
                    10:0c:78:68:ac:e7:90:11:57:df:69:8a:97:f2:c0:
                    38:1b:c1:93:31:72:74:93:b8:cf:bc:ef:a9:73:0f:
                    b5:cb:36:dc:d5:40:5d:d2:01:d9:38:86:1f:60:6a:
                    a8:f8:28:b6:5d:e9:a3:00:4a:1c:b2:0d:a0:8f:6f:
                    e8:90:06:c2:02:41:f1:dc:27:21:4e:63:94:c6:67:
                    57:2b:26:e6:69:e8:3b:39:a7:4a:05:06:66:a4:fb:
                    82:61:b0:b5:3f:66:f5:bb:21:b8:2c:63:1c:8c:93:
                    45:f0:9a:97:c2:11:c4:00:36:0c:0b:c1:b0:d9:a7:
                    de:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:9A:20:5D:F1:D8:E2:9D:6A:01:FB:6A:71:E3:4F:83:4F:19:1B:42
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/073eb97d-e872-4ff0-ad8a-a334146b45e0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff9:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         b1:1f:41:69:39:f1:b8:f4:e2:5a:c5:a4:f4:03:66:af:7b:e4:
         09:47:0e:50:c2:8d:a9:3b:da:a9:27:cf:d4:1b:84:49:1e:b3:
         cb:1d:e6:2a:c8:cb:fc:ab:8e:87:ce:ff:f6:03:b8:bf:bc:d9:
         ff:21:1c:24:46:72:1f:1c:95:de:d5:ef:1a:2f:50:c0:f3:de:
         fb:39:25:4b:e9:a2:9e:79:75:cd:b8:f5:c7:09:57:c2:19:7d:
         61:05:ee:fe:87:5d:1c:00:bb:5b:17:e5:90:bf:77:0c:0a:16:
         43:ab:6e:5b:5a:3e:c4:5e:91:c2:10:dc:aa:44:bf:e1:d1:d8:
         0c:dc:07:1f:13:ab:a5:ac:10:59:93:56:a0:9b:2b:1d:e5:52:
         c7:3e:ca:21:29:1b:c4:04:e4:79:13:da:d0:1d:a9:72:69:a4:
         8d:dc:33:4a:ea:bc:68:9a:3b:82:f0:82:cf:ca:3a:9f:28:08:
         0a:24:46:c2:4c:50:8b:fa:00:90:4f:ee:c3:9f:55:71:e0:18:
         4f:ca:9b:8e:37:b0:36:b0:1c:ff:19:9a:e3:9d:5b:97:eb:13:
         14:5d:2d:73:9a:99:94:e7:f6:07:47:8c:b3:2e:54:61:f3:34:
         8b:68:dc:50:e0:31:2d:c6:9d:f1:14:04:b3:fb:a3:f7:99:a9:
         9a:c5:10:ac
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUaqb39jK8AtajDyqdQDbXN1rqHWIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE5MDAxMTA1WhcNMjUwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxOTViNGEzODllMzI5NGZiZTYwNzg2MTNmMjM1YWFkOWJk
YzhkZmRkYjBmMGZiODVjODYzNmYwZjcwMjA4MGM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNzI3buofTWqFT/8gQAkouqb4ReE1Hfm/lhZgBJ90cWu9a
1hk/Yghja31kINJ7x4fNukJ5QfPq3cLeH4c14Rgf2+mHSLCo9/NOyZ3kVX9iWrHd
tRWmk3o5US6uyqIx3hhGQZumNfHt2VPXh1IYQSCmAqYIl6ejpsX9v/oObr4HaJWM
ZDk61xAMeGis55ARV99pipfywDgbwZMxcnSTuM+876lzD7XLNtzVQF3SAdk4hh9g
aqj4KLZd6aMAShyyDaCPb+iQBsICQfHcJyFOY5TGZ1crJuZp6Ds5p0oFBmak+4Jh
sLU/ZvW7IbgsYxyMk0XwmpfCEcQANgwLwbDZp97VAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUn5ogXfHY4p1qAftqceNPg08ZG0IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA3M2ViOTdkLWU4NzItNGZmMC1hZDhhLWEzMzQxNDZiNDVlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/5IDANBgkqhkiG9w0BAQsFAAOCAQEAsR9BaTnxuPTiWsWk9ANmr3vk
CUcOUMKNqTvaqSfP1BuESR6zyx3mKsjL/KuOh87/9gO4v7zZ/yEcJEZyHxyV3tXv
Gi9QwPPe+zklS+minnl1zbj1xwlXwhl9YQXu/oddHAC7WxflkL93DAoWQ6tuW1o+
xF6RwhDcqkS/4dHYDNwHHxOrpawQWZNWoJsrHeVSxz7KISkbxATkeRPa0B2pcmmk
jdwzSuq8aJo7gvCCz8o6nygICiRGwkxQi/oAkE/uw59VceAYT8qbjjewNrAc/xma
451bl+sTFF0tc5qZlOf2B0eMsy5UYfM0i2jcUOAxLcad8RQEs/uj95mpmsUQrA==
-----END CERTIFICATE-----