Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1fbc2657-4f39-44e6-9df2-4b8132378814.roa
File:                     1fbc2657-4f39-44e6-9df2-4b8132378814.roa (raw, json)
Hash identifier:          ZzhOGWESsfSBzzBhwemMCBqpbDiXDwWvYDeMxEc9Ktg=
Subject key identifier:   E7:40:DA:1B:42:8C:D8:F4:35:44:0A:4A:76:44:AC:E2:35:35:A9:4A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       09BD04E131727286005F6B2A7C2536CB5EE0A9F4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1fbc2657-4f39-44e6-9df2-4b8132378814.roa
Signing time:             Tue 08 Jul 2025 16:32:06 +0000
ROA not before:           Tue 08 Jul 2025 16:32:06 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f32:a400::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:bd:04:e1:31:72:72:86:00:5f:6b:2a:7c:25:36:cb:5e:e0:a9:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 16:32:06 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=a05ca8a0fbda188927fce2947320a340f44676d081ce210cc3c09c82fcd38e3c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:1e:29:8c:9d:a0:b9:28:20:89:4a:5f:91:01:
                    c2:10:93:06:2e:22:5c:ce:e9:ff:eb:54:1a:22:e9:
                    90:91:af:4c:eb:e5:fd:48:29:2a:01:66:d8:78:f2:
                    87:b9:ab:31:a4:85:fd:d7:6c:11:2d:86:98:94:0b:
                    d2:d0:b1:03:84:d3:1a:a0:0d:1c:6e:6b:85:c8:3a:
                    71:5e:a5:48:35:82:c0:90:89:4b:e8:c8:ad:8f:56:
                    b5:c8:4f:03:31:c1:ab:c6:85:d8:18:52:d1:7f:1b:
                    82:e3:77:5b:95:0e:8b:bc:ee:31:63:0e:a8:e4:c4:
                    6f:ce:97:9a:5c:58:00:c7:b0:6b:2a:92:3d:97:e8:
                    fd:7e:42:e1:33:93:99:3e:2f:64:36:11:df:0e:dd:
                    99:aa:2c:24:d3:17:ea:f6:94:e3:20:9a:f1:d6:93:
                    5c:fe:63:dd:94:e5:b0:c2:13:fa:2c:d3:94:a7:56:
                    a2:8a:fc:48:4f:2e:e9:9e:23:89:41:19:52:b6:bf:
                    a7:40:18:c9:17:11:05:3c:2c:07:e1:c2:f0:f4:41:
                    d7:fb:f0:eb:80:32:50:6f:08:a1:91:b2:1a:3f:3a:
                    8e:b2:25:c5:8f:16:7f:9f:c2:cd:d1:9a:ea:59:2e:
                    54:bb:b9:42:11:08:bc:c2:52:c5:63:9c:84:f0:e3:
                    27:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:40:DA:1B:42:8C:D8:F4:35:44:0A:4A:76:44:AC:E2:35:35:A9:4A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1fbc2657-4f39-44e6-9df2-4b8132378814.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f32:a400::/40

    Signature Algorithm: sha256WithRSAEncryption
         a8:03:a3:c2:05:d1:55:07:37:e3:f4:e1:4c:73:5a:20:38:c3:
         9e:bd:15:40:56:41:1a:46:59:14:69:b5:47:0f:00:48:24:e2:
         2b:2f:69:00:6a:28:4d:d9:42:a7:b8:6b:90:d8:8f:e0:9c:0f:
         71:b8:93:4d:79:78:3c:93:2e:2b:5e:cf:d3:5f:90:37:06:b2:
         e7:bd:19:42:30:7e:ef:2f:0a:30:8e:6f:3c:91:11:5f:ba:f5:
         43:70:4a:75:f1:75:f0:57:6e:f3:da:9b:b4:ad:96:6e:7b:ab:
         b2:b6:4b:27:7a:3d:1d:cd:91:b1:2f:5b:3a:23:e3:16:fb:47:
         c1:06:ce:77:b5:17:f8:2f:c6:67:ad:d8:07:22:68:aa:82:56:
         ab:ca:c4:3e:4b:33:17:17:e6:c3:e4:55:16:5c:86:da:04:b8:
         c3:92:1e:2a:f9:6a:cf:e3:3f:6a:13:db:a9:64:22:d9:cd:09:
         ab:d4:c5:ca:43:b6:33:c1:4e:7b:46:b0:f7:7e:3e:64:ee:cf:
         04:94:1a:f0:18:d2:35:ea:25:a1:f6:03:10:70:2e:2a:44:3e:
         9c:6a:ce:1c:94:d4:4c:45:87:64:54:1c:36:aa:eb:08:6a:79:
         ca:d1:bd:2a:de:a1:e3:5a:a0:82:7d:10:0f:77:9f:aa:46:3f:
         a9:36:61:10
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUCb0E4TFycoYAX2sqfCU2y17gqfQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTYzMjA2WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMDVjYThhMGZiZGExODg5MjdmY2UyOTQ3MzIwYTM0MGY0
NDY3NmQwODFjZTIxMGNjM2MwOWM4MmZjZDM4ZTNjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7HimMnaC5KCCJSl+RAcIQkwYuIlzO6f/rVBoi6ZCRr0zr
5f1IKSoBZth48oe5qzGkhf3XbBEthpiUC9LQsQOE0xqgDRxua4XIOnFepUg1gsCQ
iUvoyK2PVrXITwMxwavGhdgYUtF/G4Ljd1uVDou87jFjDqjkxG/Ol5pcWADHsGsq
kj2X6P1+QuEzk5k+L2Q2Ed8O3ZmqLCTTF+r2lOMgmvHWk1z+Y92U5bDCE/os05Sn
VqKK/EhPLumeI4lBGVK2v6dAGMkXEQU8LAfhwvD0Qdf78OuAMlBvCKGRsho/Oo6y
JcWPFn+fws3RmupZLlS7uUIRCLzCUsVjnITw4yfTAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU50DaG0KM2PQ1RApKdkSs4jU1qUowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFmYmMyNjU3LTRmMzktNDRlNi05ZGYyLTRiODEzMjM3ODgxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB8ypDANBgkqhkiG9w0BAQsFAAOCAQEAqAOjwgXRVQc34/ThTHNaIDjD
nr0VQFZBGkZZFGm1Rw8ASCTiKy9pAGooTdlCp7hrkNiP4JwPcbiTTXl4PJMuK17P
01+QNway570ZQjB+7y8KMI5vPJERX7r1Q3BKdfF18Fdu89qbtK2WbnursrZLJ3o9
Hc2RsS9bOiPjFvtHwQbOd7UX+C/GZ63YByJoqoJWq8rEPkszFxfmw+RVFlyG2gS4
w5IeKvlqz+M/ahPbqWQi2c0Jq9TFykO2M8FOe0aw934+ZO7PBJQa8BjSNeolofYD
EHAuKkQ+nGrOHJTUTEWHZFQcNqrrCGp5ytG9Kt6h41qggn0QD3efqkY/qTZhEA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 08:13:22 2025 by rpki-client