Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0cf50ad6-9442-4597-8c89-e5beb52d50eb.roa
File:                     0cf50ad6-9442-4597-8c89-e5beb52d50eb.roa (raw, json)
Hash identifier:          BuVd0qa77bKrT/8Xrq2RtrbRKU44+eAW2mqhniIKkxo=
Subject key identifier:   94:DA:75:73:AF:74:9F:BB:BD:8A:30:56:FB:AA:02:4C:2E:91:0D:FC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5F59CA253956567FB4AE7C245C936883E9A8A1B0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0cf50ad6-9442-4597-8c89-e5beb52d50eb.roa
Signing time:             Sat 12 Jul 2025 00:32:08 +0000
ROA not before:           Sat 12 Jul 2025 00:32:08 +0000
ROA not after:            Sat 16 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f2a:c800::/37 maxlen: 37
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:59:ca:25:39:56:56:7f:b4:ae:7c:24:5c:93:68:83:e9:a8:a1:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 12 00:32:08 2025 GMT
            Not After : Aug 16 23:59:59 2025 GMT
        Subject: serialNumber=054bf91fb460fd653a3783457283ac71d4cbf179301c8ea9177d8a3e1b0d9a3b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:12:ac:c9:2e:ac:5e:71:99:6c:83:ba:a2:f6:
                    fa:9b:f2:b5:b8:b4:7e:a3:f8:c3:37:1b:4a:ee:0e:
                    88:39:17:3f:3f:ac:aa:b7:4e:27:88:61:45:ba:9f:
                    2f:3d:c4:30:93:72:e6:05:e4:62:7e:b4:e7:42:40:
                    d4:9b:95:07:00:cc:2c:96:14:b4:30:69:51:e2:a1:
                    f3:95:fa:cc:cd:ce:fa:fb:ec:d7:75:d3:61:54:bd:
                    81:26:a0:09:37:ba:eb:27:c3:a3:be:16:e3:d0:54:
                    ed:1f:dd:cb:a8:10:67:ea:a7:5e:8e:b1:a7:7f:36:
                    79:00:c0:3b:d0:73:3c:2e:35:0d:46:c7:6e:dd:b1:
                    b6:c0:7e:0f:3b:6f:48:85:90:77:f2:29:8e:57:82:
                    f1:5e:ba:cb:b9:f1:e7:7a:c1:e0:33:58:91:72:d9:
                    4d:95:9e:98:d7:84:ea:00:3d:12:5e:bf:cd:3b:ae:
                    e9:47:03:04:4e:f7:a1:91:4d:c2:3e:ce:c9:80:58:
                    03:0c:9e:ac:04:43:51:aa:b1:04:84:32:1e:5d:43:
                    b2:e8:9e:27:0b:c2:39:98:68:d5:9e:ef:e1:07:22:
                    63:cd:23:9b:e9:a3:19:9e:f7:08:37:aa:99:f8:dd:
                    7f:b7:18:4c:0a:90:8e:f7:b9:f4:7d:44:51:b8:0f:
                    e1:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:DA:75:73:AF:74:9F:BB:BD:8A:30:56:FB:AA:02:4C:2E:91:0D:FC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0cf50ad6-9442-4597-8c89-e5beb52d50eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f2a:c800::/37

    Signature Algorithm: sha256WithRSAEncryption
         a6:d9:87:cc:2a:6b:17:ae:a8:88:34:0a:68:33:80:b8:72:5d:
         5d:66:ae:60:1f:13:74:67:39:19:24:b4:14:e8:b4:19:63:70:
         f9:4e:93:05:c7:15:71:32:2f:21:1e:4e:27:f0:3b:78:31:70:
         ea:e1:65:36:bd:f7:cd:aa:9b:2e:fa:11:c3:16:34:2e:60:25:
         9a:f8:51:06:4b:ed:a7:ec:a7:9f:de:4c:87:13:a7:24:d7:89:
         aa:df:97:1b:49:ab:64:d5:ba:38:9f:3b:a2:84:04:5e:87:b7:
         f8:0e:5e:f8:92:aa:e7:54:39:5d:46:6d:28:2e:83:ec:c4:74:
         2c:f9:74:fe:f3:29:ea:de:53:0a:00:21:96:ca:ac:f7:9c:a4:
         af:b7:98:e8:50:20:88:50:a7:48:c2:73:b2:42:e8:39:8d:0a:
         c2:4c:f2:7f:61:c9:c0:5e:29:95:5b:80:d1:85:29:5c:bd:d2:
         dd:76:9f:9a:7b:5e:e5:f5:e4:7d:81:eb:76:24:67:6b:be:65:
         c5:ae:72:70:f1:40:fb:0e:7d:fa:50:f6:8b:2b:7c:80:a2:4e:
         6f:d0:be:0d:ff:ed:0f:6a:aa:17:60:b8:ea:37:06:fc:38:92:
         88:5c:4b:42:c3:64:79:9d:90:c6:fd:56:74:dc:5d:dc:84:03:
         be:a7:09:b0
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUX1nKJTlWVn+0rnwkXJNog+moobAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzEyMDAzMjA4WhcNMjUwODE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNTRiZjkxZmI0NjBmZDY1M2EzNzgzNDU3MjgzYWM3MWQ0
Y2JmMTc5MzAxYzhlYTkxNzdkOGEzZTFiMGQ5YTNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDeEqzJLqxecZlsg7qi9vqb8rW4tH6j+MM3G0ruDog5Fz8/
rKq3TieIYUW6ny89xDCTcuYF5GJ+tOdCQNSblQcAzCyWFLQwaVHiofOV+szNzvr7
7Nd102FUvYEmoAk3uusnw6O+FuPQVO0f3cuoEGfqp16Osad/NnkAwDvQczwuNQ1G
x27dsbbAfg87b0iFkHfyKY5XgvFeusu58ed6weAzWJFy2U2VnpjXhOoAPRJev807
rulHAwRO96GRTcI+zsmAWAMMnqwEQ1GqsQSEMh5dQ7LonicLwjmYaNWe7+EHImPN
I5vpoxme9wg3qpn43X+3GEwKkI73ufR9RFG4D+ENAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUlNp1c690n7u9ijBW+6oCTC6RDfwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBjZjUwYWQ2LTk0NDItNDU5Ny04Yzg5LWU1YmViNTJkNTBlYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8qyDANBgkqhkiG9w0BAQsFAAOCAQEAptmHzCprF66oiDQKaDOAuHJd
XWauYB8TdGc5GSS0FOi0GWNw+U6TBccVcTIvIR5OJ/A7eDFw6uFlNr33zaqbLvoR
wxY0LmAlmvhRBkvtp+ynn95MhxOnJNeJqt+XG0mrZNW6OJ87ooQEXoe3+A5e+JKq
51Q5XUZtKC6D7MR0LPl0/vMp6t5TCgAhlsqs95ykr7eY6FAgiFCnSMJzskLoOY0K
wkzyf2HJwF4plVuA0YUpXL3S3Xafmnte5fXkfYHrdiRna75lxa5ycPFA+w59+lD2
iyt8gKJOb9C+Df/tD2qqF2C46jcG/DiSiFxLQsNkeZ2Qxv1WdNxd3IQDvqcJsA==
-----END CERTIFICATE-----