Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/126efe78-9e9d-4572-92d2-fedc0e5c80fa.roa
File:                     126efe78-9e9d-4572-92d2-fedc0e5c80fa.roa (raw, json)
Hash identifier:          W5PbxW6vJ4d+SYXbQnZE05uNYDtCvOuTTLriUqcIoOk=
Subject key identifier:   4D:77:ED:CF:62:41:50:EF:76:DA:8D:EB:9B:80:D3:77:7D:F9:0C:35
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3B9AE244735A73D7759009D5BDC1B4CC9A2D6FC0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/126efe78-9e9d-4572-92d2-fedc0e5c80fa.roa
Signing time:             Mon 07 Jul 2025 17:32:01 +0000
ROA not before:           Mon 07 Jul 2025 17:32:01 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:8060::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:9a:e2:44:73:5a:73:d7:75:90:09:d5:bd:c1:b4:cc:9a:2d:6f:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 17:32:01 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=e367938c1b4d91ac7c3ffacae9ba39c017532600f5a72240a12b8c938187552d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:80:f5:bb:e3:e3:35:b6:be:45:d3:3b:a0:f4:
                    0e:a0:81:17:5a:0f:0f:e1:54:d6:e1:37:f5:aa:0c:
                    b7:f9:55:93:34:cc:16:52:1c:01:4c:f6:ca:e0:a3:
                    cd:2d:cb:93:bf:90:b7:a9:a1:a4:68:6c:6f:e9:36:
                    99:83:85:22:ed:84:6f:57:0f:4f:77:41:fb:25:0c:
                    e9:13:b6:42:e1:b6:3b:8d:9f:07:e8:be:87:ee:7c:
                    f0:b6:af:0d:fb:9e:b0:e5:1f:b7:26:d2:4a:b2:01:
                    e8:1e:44:18:4e:eb:bd:e3:cd:13:06:e7:68:35:23:
                    d7:3b:91:f8:88:fa:f7:de:2c:d7:89:17:7b:59:d8:
                    c8:e5:1a:bd:29:36:82:d2:a3:cf:89:0f:ce:62:9a:
                    98:6e:c1:4b:3a:84:89:ab:52:ed:77:fe:db:bd:ad:
                    89:a1:d8:22:83:c9:bb:3e:8a:65:b4:6c:e2:e4:49:
                    eb:d0:17:2a:fc:77:ed:56:68:97:66:ec:fc:22:d2:
                    b9:49:fb:f0:2f:48:23:11:b6:5e:99:76:fd:e0:5d:
                    d0:c7:dd:0b:65:fa:ee:c3:9f:2b:a6:7f:9f:12:5c:
                    c4:63:ae:72:8b:88:13:a6:26:0b:fb:1e:24:d0:98:
                    57:35:30:17:94:37:fd:df:84:b2:40:b1:4d:a8:48:
                    5b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:77:ED:CF:62:41:50:EF:76:DA:8D:EB:9B:80:D3:77:7D:F9:0C:35
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/126efe78-9e9d-4572-92d2-fedc0e5c80fa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:8060::/48

    Signature Algorithm: sha256WithRSAEncryption
         1f:df:bb:fb:0f:e3:7a:a9:20:b0:85:f6:2d:e2:47:86:38:61:
         69:b3:e7:5f:09:8a:da:34:db:6b:c4:84:ab:5f:00:26:e7:47:
         a3:ae:2e:25:df:91:c2:00:f1:e9:76:f3:d7:89:74:0a:d2:15:
         a1:58:eb:52:f8:e3:1b:17:b0:4f:f5:27:88:0e:62:59:1d:ab:
         1d:3a:cc:c6:36:be:b3:40:ed:fc:ca:98:44:02:1b:56:b0:6b:
         38:da:e8:ca:94:c9:80:a2:7c:3a:de:29:3a:0a:ac:e6:c9:f3:
         3f:db:e2:d7:b9:be:9c:46:43:c5:ff:3d:4e:65:fe:00:ca:f6:
         03:75:2f:6b:24:76:7f:fe:54:14:0e:55:8c:08:46:99:77:ed:
         b2:d4:cb:d5:10:4f:7d:6f:47:4a:93:48:a6:c7:96:33:0c:0b:
         72:75:22:2c:c2:25:0c:9e:34:3f:06:67:b8:89:ab:33:8c:ba:
         65:23:0e:13:4d:ab:39:b4:59:f8:4a:38:1f:13:f5:46:82:67:
         66:78:bd:8a:91:93:ab:09:ed:e6:67:df:08:6c:4f:ad:89:68:
         1f:ad:19:b3:62:3a:db:58:3d:9f:fb:45:29:d0:6b:eb:ae:35:
         44:cb:8a:b3:f8:62:ae:4d:49:9c:fb:5b:9a:65:4b:5e:84:7d:
         b4:58:64:aa
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUO5riRHNac9d1kAnVvcG0zJotb8AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTczMjAxWhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMzY3OTM4YzFiNGQ5MWFjN2MzZmZhY2FlOWJhMzljMDE3
NTMyNjAwZjVhNzIyNDBhMTJiOGM5MzgxODc1NTJkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVgPW74+M1tr5F0zug9A6ggRdaDw/hVNbhN/WqDLf5VZM0
zBZSHAFM9srgo80ty5O/kLepoaRobG/pNpmDhSLthG9XD093QfslDOkTtkLhtjuN
nwfovofufPC2rw37nrDlH7cm0kqyAegeRBhO673jzRMG52g1I9c7kfiI+vfeLNeJ
F3tZ2MjlGr0pNoLSo8+JD85imphuwUs6hImrUu13/tu9rYmh2CKDybs+imW0bOLk
SevQFyr8d+1WaJdm7Pwi0rlJ+/AvSCMRtl6Zdv3gXdDH3Qtl+u7Dnyumf58SXMRj
rnKLiBOmJgv7HiTQmFc1MBeUN/3fhLJAsU2oSFtbAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUTXftz2JBUO922o3rm4DTd335DDUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEyNmVmZTc4LTllOWQtNDU3Mi05MmQyLWZlZGMwZTVjODBmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9hgGAwDQYJKoZIhvcNAQELBQADggEBAB/fu/sP43qpILCF9i3iR4Y4
YWmz518Jito022vEhKtfACbnR6OuLiXfkcIA8el289eJdArSFaFY61L44xsXsE/1
J4gOYlkdqx06zMY2vrNA7fzKmEQCG1awazja6MqUyYCifDreKToKrObJ8z/b4te5
vpxGQ8X/PU5l/gDK9gN1L2skdn/+VBQOVYwIRpl37bLUy9UQT31vR0qTSKbHljMM
C3J1IizCJQyeND8GZ7iJqzOMumUjDhNNqzm0WfhKOB8T9UaCZ2Z4vYqRk6sJ7eZn
3whsT62JaB+tGbNiOttYPZ/7RSnQa+uuNUTLirP4Yq5NSZz7W5plS16EfbRYZKo=
-----END CERTIFICATE-----
Generated at Tue Jul 22 12:01:16 2025 by rpki-client