Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11f7b2bd-b866-4941-8b5b-ff2f70861881.roa
File:                     11f7b2bd-b866-4941-8b5b-ff2f70861881.roa (raw, json)
Hash identifier:          pnPI36fkWnGbb/QhT1XRYjpj9phf189zODeLuy+QIIQ=
Subject key identifier:   51:73:83:3C:68:48:22:DC:2E:C8:79:33:E8:54:45:5A:5C:65:47:B7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       160C3FAEF8DC56F106BBD8DDCDC0D7B45A89AEC7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11f7b2bd-b866-4941-8b5b-ff2f70861881.roa
Signing time:             Wed 23 Jul 2025 00:31:11 +0000
ROA not before:           Wed 23 Jul 2025 00:31:11 +0000
ROA not after:            Wed 27 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f00:8000::/39 maxlen: 39
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:0c:3f:ae:f8:dc:56:f1:06:bb:d8:dd:cd:c0:d7:b4:5a:89:ae:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 23 00:31:11 2025 GMT
            Not After : Aug 27 23:59:59 2025 GMT
        Subject: serialNumber=1e79d3b33458d00a337d0f57139587d224ae80041e57757d43d41b56d461cf1a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:4a:8e:d4:e9:d8:a3:63:fc:83:95:9f:8f:c1:
                    6d:ac:50:45:a5:ab:1d:05:ec:58:5f:f8:5a:ab:b7:
                    6b:5e:c9:5b:f1:42:b9:a1:71:3b:10:14:e0:60:b5:
                    3f:37:f5:30:8f:fd:13:c1:42:0d:9a:fa:22:fe:16:
                    1d:a2:9c:97:7c:26:da:6e:bb:a2:85:e2:75:d4:a2:
                    02:27:12:d1:3d:48:de:57:d7:e6:45:d5:ad:93:d7:
                    40:2b:f9:c7:04:ff:9f:ae:89:ef:05:70:db:34:50:
                    20:92:e5:e0:b0:71:09:9f:2a:6e:c3:79:40:ea:e9:
                    91:2f:b8:dc:fd:92:de:7a:e0:4b:a5:a2:b0:cb:b0:
                    d4:c3:bd:c3:e2:94:1d:d0:5c:bb:c6:eb:f7:d9:44:
                    71:a2:84:82:2b:22:d0:20:e0:05:cd:84:5d:49:ba:
                    44:4f:c4:55:88:1b:bc:d9:7d:2c:69:1a:20:a8:99:
                    bf:51:bc:03:c1:b7:81:01:d4:2e:55:eb:8b:ba:78:
                    2d:c2:05:fd:ff:53:03:32:9e:96:36:29:6d:62:af:
                    27:b7:2e:38:8b:7d:63:60:62:7d:16:0b:55:a3:66:
                    11:c9:61:1b:3b:5d:1b:26:e7:4b:ce:e8:1b:86:bd:
                    6c:16:d1:8b:38:52:95:71:b6:c8:54:1c:01:0c:b5:
                    3e:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:73:83:3C:68:48:22:DC:2E:C8:79:33:E8:54:45:5A:5C:65:47:B7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11f7b2bd-b866-4941-8b5b-ff2f70861881.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         43:66:4e:e3:25:84:12:c3:23:12:9d:99:23:07:b1:fd:33:e0:
         e5:b4:6f:e9:01:91:02:83:c2:90:57:e2:41:49:ec:50:02:b2:
         81:c2:1e:ab:55:23:e8:03:7b:f2:3e:ac:63:00:e7:de:7c:61:
         e8:0f:54:5a:b4:be:4d:e2:62:f4:96:8b:a0:70:3b:47:9f:da:
         1a:35:d4:00:f2:97:a5:cd:4b:6f:a8:8e:1b:a3:3f:f9:1d:47:
         61:c3:b8:76:69:19:53:bb:c5:e2:95:6b:32:62:e8:f8:58:e0:
         5b:06:30:02:83:27:46:30:c7:ed:19:74:4c:95:ca:68:e7:8c:
         d0:86:1c:a0:24:98:fb:09:bd:1c:6d:d8:94:1c:7e:06:5e:56:
         d3:40:68:65:bc:7d:41:72:b2:fb:55:44:95:5a:65:49:be:f3:
         c4:7b:29:7f:dc:9f:8d:7c:90:51:28:08:8e:d9:5a:ec:79:cc:
         a0:2c:2b:a4:2d:b8:1b:d2:75:86:97:80:5d:68:2a:fe:cd:6f:
         d5:52:32:21:34:d9:6a:51:94:bd:f0:d1:69:b8:28:97:3f:4f:
         d0:3e:38:77:2a:db:f2:27:43:96:b1:e1:4b:b0:ce:4e:fb:e9:
         c0:2b:67:ea:ac:c7:94:13:eb:fb:c8:ba:c2:b5:94:4b:bf:7e:
         fb:b3:67:43
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUFgw/rvjcVvEGu9jdzcDXtFqJrscwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIzMDAzMTExWhcNMjUwODI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZTc5ZDNiMzM0NThkMDBhMzM3ZDBmNTcxMzk1ODdkMjI0
YWU4MDA0MWU1Nzc1N2Q0M2Q0MWI1NmQ0NjFjZjFhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDASo7U6dijY/yDlZ+PwW2sUEWlqx0F7Fhf+Fqrt2teyVvx
QrmhcTsQFOBgtT839TCP/RPBQg2a+iL+Fh2inJd8Jtpuu6KF4nXUogInEtE9SN5X
1+ZF1a2T10Ar+ccE/5+uie8FcNs0UCCS5eCwcQmfKm7DeUDq6ZEvuNz9kt564Eul
orDLsNTDvcPilB3QXLvG6/fZRHGihIIrItAg4AXNhF1JukRPxFWIG7zZfSxpGiCo
mb9RvAPBt4EB1C5V64u6eC3CBf3/UwMynpY2KW1irye3LjiLfWNgYn0WC1WjZhHJ
YRs7XRsm50vO6BuGvWwW0Ys4UpVxtshUHAEMtT4RAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUUXODPGhIItwuyHkz6FRFWlxlR7cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzExZjdiMmJkLWI4NjYtNDk0MS04YjViLWZmMmY3MDg2MTg4MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB8AgDANBgkqhkiG9w0BAQsFAAOCAQEAQ2ZO4yWEEsMjEp2ZIwex/TPg
5bRv6QGRAoPCkFfiQUnsUAKygcIeq1Uj6AN78j6sYwDn3nxh6A9UWrS+TeJi9JaL
oHA7R5/aGjXUAPKXpc1Lb6iOG6M/+R1HYcO4dmkZU7vF4pVrMmLo+FjgWwYwAoMn
RjDH7Rl0TJXKaOeM0IYcoCSY+wm9HG3YlBx+Bl5W00BoZbx9QXKy+1VElVplSb7z
xHspf9yfjXyQUSgIjtla7HnMoCwrpC24G9J1hpeAXWgq/s1v1VIyITTZalGUvfDR
abgolz9P0D44dyrb8idDlrHhS7DOTvvpwCtn6qzHlBPr+8i6wrWUS79++7NnQw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:08:48 2025 by rpki-client