Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/334d7931-2517-4a77-808a-686c04c88234.roa
File:                     334d7931-2517-4a77-808a-686c04c88234.roa (raw, json)
Hash identifier:          mY5/8ESus8IPSmnLWoJry4obgYkOBjg74ZSvr8q1Lfs=
Subject key identifier:   AB:C8:31:D7:EF:68:EC:86:C0:78:DE:02:65:84:18:29:7F:4C:1C:5F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       13F0C95582800A0151BD708D2D4BF5F5CD7DF72C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/334d7931-2517-4a77-808a-686c04c88234.roa
Signing time:             Fri 25 Jul 2025 00:10:17 +0000
ROA not before:           Fri 25 Jul 2025 00:10:17 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff5:c000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:f0:c9:55:82:80:0a:01:51:bd:70:8d:2d:4b:f5:f5:cd:7d:f7:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 25 00:10:17 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=450940ac1ef54e70f70c31851976fe6f64d4c6bb4be9f6cd06c311216ea16e22, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a4:b5:d7:cf:4a:5d:73:88:5d:68:2e:cf:02:
                    e0:dd:5a:3c:13:7d:eb:1a:e0:60:18:35:e3:6b:55:
                    cc:39:fb:39:20:96:f1:4d:ae:f8:14:6c:40:ba:0e:
                    5c:d6:54:c9:d1:8b:07:1b:8f:38:eb:ea:c9:02:e6:
                    55:c5:63:58:f4:7e:f3:41:a7:b0:c5:c5:f4:08:26:
                    eb:90:65:a7:8a:9b:6f:fa:c3:65:89:eb:cb:88:d2:
                    f4:f7:7e:10:a2:fe:96:49:a4:2f:de:54:7f:e3:93:
                    00:4e:dc:61:08:4e:f5:5f:e2:4b:c1:b4:77:91:dd:
                    8e:42:d4:50:11:81:f8:9d:6a:31:6a:e6:6d:06:bf:
                    20:0f:bc:82:8d:60:39:b7:66:b3:0f:a1:2a:0c:9b:
                    31:6a:00:4a:ff:f2:c2:9c:72:aa:23:ab:de:c1:b0:
                    08:47:ea:98:2f:57:92:06:2a:a9:55:7e:c6:33:aa:
                    83:2f:69:1c:a2:9f:68:1d:94:03:ad:dd:35:1d:b4:
                    89:e1:e8:6b:68:1c:f1:61:47:8e:5e:7c:30:72:1e:
                    47:a8:db:6c:69:88:ac:27:88:c0:38:29:7c:5a:b0:
                    30:69:9c:73:1a:ef:21:fb:3e:1f:7a:0a:12:08:75:
                    d8:c6:3a:c7:41:d4:ee:17:e0:1b:39:a2:cb:16:fb:
                    ca:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:C8:31:D7:EF:68:EC:86:C0:78:DE:02:65:84:18:29:7F:4C:1C:5F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/334d7931-2517-4a77-808a-686c04c88234.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff5:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         76:4f:ec:33:aa:05:06:a9:7a:b2:16:9a:52:b3:fb:a6:11:c3:
         24:ab:75:3d:7c:45:c3:af:d1:a9:d2:d7:c9:ff:2c:19:7c:88:
         a2:af:1f:72:5d:5b:41:67:a1:e2:e4:39:4b:49:66:18:65:f1:
         4e:86:12:49:61:7e:5d:fd:da:5c:5b:b5:5b:15:96:da:9b:43:
         a7:9a:cd:51:51:25:3e:6a:e5:87:97:bf:5d:e6:59:c4:b7:e7:
         af:4d:a8:5b:db:18:f9:a2:16:91:fd:fa:d7:9f:1f:5e:7a:47:
         0d:99:64:c7:51:5a:1e:fc:03:d1:ff:83:a3:bc:f6:e5:28:27:
         c9:bb:29:4e:5d:f4:8b:45:66:f5:e5:fa:1f:9e:f9:ab:cb:8f:
         d1:52:e7:e8:d8:4a:e5:1b:9e:0f:21:c1:46:22:36:35:11:a7:
         c9:9d:1f:81:38:c0:6a:4b:9b:0c:d5:4e:ed:70:6a:66:22:16:
         f8:c8:76:e9:ff:60:e2:a3:fd:97:8c:49:f7:1f:4e:32:a0:61:
         91:1c:92:4f:42:43:3a:ca:ce:e2:78:04:1c:12:5d:80:a6:b3:
         00:cd:b8:9e:0e:c6:ff:20:95:3c:19:9b:f0:20:8f:1d:da:7f:
         c4:e7:f2:83:a6:de:82:9f:d7:d5:d9:82:44:5d:ba:7f:aa:14:
         0f:bd:91:34
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUE/DJVYKACgFRvXCNLUv19c199ywwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI1MDAxMDE3WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NTA5NDBhYzFlZjU0ZTcwZjcwYzMxODUxOTc2ZmU2ZjY0
ZDRjNmJiNGJlOWY2Y2QwNmMzMTEyMTZlYTE2ZTIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChpLXXz0pdc4hdaC7PAuDdWjwTfesa4GAYNeNrVcw5+zkg
lvFNrvgUbEC6DlzWVMnRiwcbjzjr6skC5lXFY1j0fvNBp7DFxfQIJuuQZaeKm2/6
w2WJ68uI0vT3fhCi/pZJpC/eVH/jkwBO3GEITvVf4kvBtHeR3Y5C1FARgfidajFq
5m0GvyAPvIKNYDm3ZrMPoSoMmzFqAEr/8sKccqojq97BsAhH6pgvV5IGKqlVfsYz
qoMvaRyin2gdlAOt3TUdtInh6GtoHPFhR45efDByHkeo22xpiKwniMA4KXxasDBp
nHMa7yH7Ph96ChIIddjGOsdB1O4X4Bs5ossW+8qJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUq8gx1+9o7IbAeN4CZYQYKX9MHF8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMzNGQ3OTMxLTI1MTctNGE3Ny04MDhhLTY4NmMwNGM4ODIzNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/1wDANBgkqhkiG9w0BAQsFAAOCAQEAdk/sM6oFBql6shaaUrP7phHD
JKt1PXxFw6/RqdLXyf8sGXyIoq8fcl1bQWeh4uQ5S0lmGGXxToYSSWF+Xf3aXFu1
WxWW2ptDp5rNUVElPmrlh5e/XeZZxLfnr02oW9sY+aIWkf36158fXnpHDZlkx1Fa
HvwD0f+Do7z25SgnybspTl30i0Vm9eX6H575q8uP0VLn6NhK5RueDyHBRiI2NRGn
yZ0fgTjAakubDNVO7XBqZiIW+Mh26f9g4qP9l4xJ9x9OMqBhkRyST0JDOsrO4ngE
HBJdgKazAM24ng7G/yCVPBmb8CCPHdp/xOfyg6begp/X1dmCRF26f6oUD72RNA==
-----END CERTIFICATE-----
Generated at Sat Jul 26 01:53:45 2025 by rpki-client