Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3ce31dd6-63e9-43c4-84fd-4bfdad505bc1.roa
File:                     3ce31dd6-63e9-43c4-84fd-4bfdad505bc1.roa (raw, json)
Hash identifier:          gIwI/zaTu/frqBJ/zR+Es6yLgd58Nj09u6a1DjGqrcw=
Subject key identifier:   73:EA:39:47:EB:05:10:B6:32:F2:28:BD:48:41:89:60:21:8D:CA:CD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       45386B99462073274875385B541D5606B0BEE7CE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3ce31dd6-63e9-43c4-84fd-4bfdad505bc1.roa
Signing time:             Sat 12 Jul 2025 00:21:03 +0000
ROA not before:           Sat 12 Jul 2025 00:21:03 +0000
ROA not after:            Sat 16 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:38:6b:99:46:20:73:27:48:75:38:5b:54:1d:56:06:b0:be:e7:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 12 00:21:03 2025 GMT
            Not After : Aug 16 23:59:59 2025 GMT
        Subject: serialNumber=10881aea2f971d8577de25f82f96b7aa6610309a3f9aa06b367f3f761940e7be, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:23:3e:ca:93:a1:34:b6:cb:f3:19:82:12:ad:
                    5e:a8:d1:ec:62:d5:40:1b:14:29:40:23:72:f3:80:
                    f4:bf:50:42:98:13:c1:7c:e2:5a:c4:a3:69:99:52:
                    5f:5d:6a:af:70:4d:74:c5:20:06:69:d6:ae:fb:85:
                    f6:e3:ca:52:3d:70:ef:45:e2:6b:08:7b:af:2f:f9:
                    91:ad:ff:56:f7:a0:93:74:67:d0:ea:15:2e:8f:a3:
                    23:ba:f9:1e:ca:f4:a9:ef:fc:37:e4:4f:a6:8b:f9:
                    77:dd:e5:24:70:3a:eb:21:2f:93:ff:6d:50:9a:2e:
                    73:bd:8f:8c:08:d3:25:48:fb:4e:06:f7:cb:d6:09:
                    3f:a0:f3:08:5a:55:91:11:d9:99:b9:6a:8b:fd:46:
                    ff:5b:ae:d9:4a:17:5c:1e:93:62:76:89:d0:df:89:
                    b5:fd:6e:c9:a7:53:51:ab:ab:84:d2:de:72:63:fc:
                    39:96:91:15:a2:1b:0e:fe:71:0d:6b:9d:20:b9:92:
                    0d:7b:4e:2b:0b:91:08:d3:82:14:b4:ce:7a:74:6d:
                    70:37:c9:1c:13:c3:a4:d2:38:3b:42:01:a3:b5:2d:
                    84:05:26:28:50:c9:74:a2:0a:93:6b:57:f7:ea:a2:
                    30:6d:10:7e:b3:83:14:10:9e:72:1e:95:ea:55:4f:
                    45:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:EA:39:47:EB:05:10:B6:32:F2:28:BD:48:41:89:60:21:8D:CA:CD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3ce31dd6-63e9-43c4-84fd-4bfdad505bc1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60::/32

    Signature Algorithm: sha256WithRSAEncryption
         57:32:a7:9b:0d:23:99:3e:75:d7:ce:42:a1:e0:e5:cb:4a:39:
         75:3e:bf:6c:01:74:a8:2f:dd:18:d9:89:9e:ec:19:03:31:15:
         05:60:af:24:cb:81:85:dc:f9:60:12:81:cb:4f:c3:93:97:fd:
         2d:d4:f0:de:45:ce:18:15:a8:96:82:5c:33:7a:b9:44:bb:5b:
         4f:92:0d:14:1f:4e:40:a7:7f:8d:4a:f1:b0:90:35:8d:b6:e8:
         51:05:09:5e:b2:72:63:a4:f4:61:cf:5f:a3:be:cc:13:92:32:
         4c:e9:26:3b:4d:e1:f6:b6:24:a8:20:b9:3f:18:b0:cf:34:14:
         56:ed:e5:c5:2b:55:2e:8f:cf:bf:a3:33:54:9c:cf:85:cf:71:
         cd:74:15:8a:43:77:09:30:7a:a2:ee:a2:12:2c:f7:46:08:a4:
         32:bd:61:d6:cc:0f:47:c6:5f:be:9a:71:b2:c1:d3:41:2e:95:
         47:1b:e4:45:0a:a2:c7:23:4c:93:24:84:8a:d4:36:14:62:6c:
         af:78:b7:96:e3:1a:da:38:6a:b0:9c:fc:71:76:19:52:ea:36:
         96:29:32:58:93:a2:04:44:cc:8b:df:58:28:c8:5e:43:89:b8:
         eb:ee:90:53:83:6a:39:4d:95:ff:3d:da:24:93:c7:74:9f:8a:
         93:4b:5c:1a
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIURThrmUYgcydIdThbVB1WBrC+584wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzEyMDAyMTAzWhcNMjUwODE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMDg4MWFlYTJmOTcxZDg1NzdkZTI1ZjgyZjk2YjdhYTY2
MTAzMDlhM2Y5YWEwNmIzNjdmM2Y3NjE5NDBlN2JlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClIz7Kk6E0tsvzGYISrV6o0exi1UAbFClAI3LzgPS/UEKY
E8F84lrEo2mZUl9daq9wTXTFIAZp1q77hfbjylI9cO9F4msIe68v+ZGt/1b3oJN0
Z9DqFS6PoyO6+R7K9Knv/DfkT6aL+Xfd5SRwOushL5P/bVCaLnO9j4wI0yVI+04G
98vWCT+g8whaVZER2Zm5aov9Rv9brtlKF1wek2J2idDfibX9bsmnU1Grq4TS3nJj
/DmWkRWiGw7+cQ1rnSC5kg17TisLkQjTghS0znp0bXA3yRwTw6TSODtCAaO1LYQF
JihQyXSiCpNrV/fqojBtEH6zgxQQnnIelepVT0VlAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUc+o5R+sFELYy8ii9SEGJYCGNys0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNjZTMxZGQ2LTYzZTktNDNjNC04NGZkLTRiZmRhZDUwNWJjMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmAB9gMA0GCSqGSIb3DQEBCwUAA4IBAQBXMqebDSOZPnXXzkKh4OXLSjl1
Pr9sAXSoL90Y2Yme7BkDMRUFYK8ky4GF3PlgEoHLT8OTl/0t1PDeRc4YFaiWglwz
erlEu1tPkg0UH05Ap3+NSvGwkDWNtuhRBQlesnJjpPRhz1+jvswTkjJM6SY7TeH2
tiSoILk/GLDPNBRW7eXFK1Uuj8+/ozNUnM+Fz3HNdBWKQ3cJMHqi7qISLPdGCKQy
vWHWzA9Hxl++mnGywdNBLpVHG+RFCqLHI0yTJISK1DYUYmyveLeW4xraOGqwnPxx
dhlS6jaWKTJYk6IERMyL31goyF5Dibjr7pBTg2o5TZX/Pdokk8d0n4qTS1wa
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:17:02 2025 by rpki-client