Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/12ca119f-0b23-4ab3-beb8-09a790867548.roa
File:                     12ca119f-0b23-4ab3-beb8-09a790867548.roa (raw, json)
Hash identifier:          H3e+K8qi/JKVIbOANZFeOQ0FxKS5C4AgzepAplrJL9g=
Subject key identifier:   61:53:C5:B1:BB:87:58:8F:DC:19:ED:6D:5E:A7:53:C0:0C:EB:2E:60
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3DE5E855064528035C20C165EDCF310A41F90E4E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/12ca119f-0b23-4ab3-beb8-09a790867548.roa
Signing time:             Mon 07 Jul 2025 17:40:12 +0000
ROA not before:           Mon 07 Jul 2025 17:40:12 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1ff2:5080::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:e5:e8:55:06:45:28:03:5c:20:c1:65:ed:cf:31:0a:41:f9:0e:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 17:40:12 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=e70b9de38685d90ccfa19760df211958a6d8d1205559d57471a8df237a96a7d7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:ea:ff:82:72:e8:30:72:42:97:78:19:72:88:
                    84:56:bf:d2:47:42:ce:7e:8f:63:f6:9c:15:f0:e3:
                    36:48:fd:24:94:38:36:8c:00:b7:3f:86:0a:08:a2:
                    f7:d9:5f:8f:8d:ed:bf:c2:50:8a:c9:c2:8a:ce:cf:
                    64:b3:01:c2:1f:54:d1:a0:72:d4:ba:fd:2b:56:13:
                    e8:c5:a5:30:58:e6:0c:5c:12:2f:92:fe:d5:d6:df:
                    4f:1c:59:0a:c8:70:49:e3:db:56:14:11:6a:18:e0:
                    ea:53:8d:e0:f2:ee:64:c2:f7:71:bc:71:6f:62:e4:
                    1c:f6:7f:14:3c:d0:4a:1d:87:0a:af:d3:df:f9:c6:
                    25:12:f2:ea:68:08:3c:a9:d3:71:3e:2d:a7:2f:6c:
                    bb:d6:64:2c:70:88:29:d6:cd:1e:31:a7:a3:37:da:
                    5e:8e:31:7a:0a:3c:03:f9:e4:48:4d:50:45:d6:3c:
                    de:38:3c:eb:5f:a3:8a:7d:03:24:7c:b2:9b:b6:68:
                    8e:9e:33:15:f1:42:a5:58:30:59:e0:79:b9:1b:09:
                    82:97:29:42:d1:25:7f:d9:f5:59:a8:c6:e5:09:ac:
                    21:58:b4:d5:d3:45:8d:77:ce:00:f4:df:27:02:c0:
                    ca:05:6d:cc:cd:d4:d1:58:39:b2:6e:8b:41:71:1b:
                    3a:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:53:C5:B1:BB:87:58:8F:DC:19:ED:6D:5E:A7:53:C0:0C:EB:2E:60
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/12ca119f-0b23-4ab3-beb8-09a790867548.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff2:5080::/48

    Signature Algorithm: sha256WithRSAEncryption
         ce:da:92:bf:9f:77:17:65:91:11:57:88:ae:e6:cf:1d:92:d9:
         e8:78:65:14:5f:01:45:b7:4f:75:9d:cd:b0:0b:4b:ac:29:6c:
         6e:d3:b2:a1:9f:1b:f6:67:51:db:48:57:b6:c8:e9:cb:30:db:
         d1:92:2c:f0:89:40:03:ec:11:ef:6a:9f:51:a0:4b:ab:20:f5:
         09:8e:e9:1a:a9:e7:5b:47:d7:32:10:74:2d:aa:dc:3e:1f:c0:
         47:25:d1:d4:93:01:43:74:1f:0b:be:ab:fe:d6:04:2f:a4:a1:
         1b:62:5d:10:ff:3e:8c:10:9f:51:e2:88:8b:67:a6:ec:3e:2e:
         00:a1:0d:c8:53:64:b4:d0:7f:06:b6:c2:71:18:18:55:93:58:
         82:33:61:d0:0a:57:25:4d:f6:d6:81:e4:bf:cc:d3:ee:12:64:
         db:9e:6c:45:cc:cc:37:a3:3b:6b:b0:aa:61:d6:0a:a4:d1:84:
         25:d1:8f:82:bd:ff:05:43:27:05:f7:98:fb:cd:c7:19:a1:ea:
         55:03:34:a8:99:eb:4f:78:40:9e:45:50:9a:bc:d2:f2:51:7d:
         ab:46:01:41:e4:4e:56:fe:ff:d1:7f:41:39:72:3c:0c:e1:1e:
         37:34:89:9d:53:a9:37:ed:f3:19:a6:63:62:6d:8b:7b:0f:53:
         83:23:79:c3
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPeXoVQZFKANcIMFl7c8xCkH5Dk4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTc0MDEyWhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNzBiOWRlMzg2ODVkOTBjY2ZhMTk3NjBkZjIxMTk1OGE2
ZDhkMTIwNTU1OWQ1NzQ3MWE4ZGYyMzdhOTZhN2Q3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCb6v+CcugwckKXeBlyiIRWv9JHQs5+j2P2nBXw4zZI/SSU
ODaMALc/hgoIovfZX4+N7b/CUIrJworOz2SzAcIfVNGgctS6/StWE+jFpTBY5gxc
Ei+S/tXW308cWQrIcEnj21YUEWoY4OpTjeDy7mTC93G8cW9i5Bz2fxQ80Eodhwqv
09/5xiUS8upoCDyp03E+LacvbLvWZCxwiCnWzR4xp6M32l6OMXoKPAP55EhNUEXW
PN44POtfo4p9AyR8spu2aI6eMxXxQqVYMFngebkbCYKXKULRJX/Z9VmoxuUJrCFY
tNXTRY13zgD03ycCwMoFbczN1NFYObJui0FxGzrdAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUYVPFsbuHWI/cGe1tXqdTwAzrLmAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEyY2ExMTlmLTBiMjMtNGFiMy1iZWI4LTA5YTc5MDg2NzU0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/yUIAwDQYJKoZIhvcNAQELBQADggEBAM7akr+fdxdlkRFXiK7mzx2S
2eh4ZRRfAUW3T3WdzbALS6wpbG7TsqGfG/ZnUdtIV7bI6csw29GSLPCJQAPsEe9q
n1GgS6sg9QmO6Rqp51tH1zIQdC2q3D4fwEcl0dSTAUN0Hwu+q/7WBC+koRtiXRD/
PowQn1HiiItnpuw+LgChDchTZLTQfwa2wnEYGFWTWIIzYdAKVyVN9taB5L/M0+4S
ZNuebEXMzDejO2uwqmHWCqTRhCXRj4K9/wVDJwX3mPvNxxmh6lUDNKiZ6094QJ5F
UJq80vJRfatGAUHkTlb+/9F/QTlyPAzhHjc0iZ1TqTft8xmmY2Jti3sPU4MjecM=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:55:02 2025 by rpki-client