Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49d51f2f-fbb8-465d-b074-3851b97a4b9e.roa
File:                     49d51f2f-fbb8-465d-b074-3851b97a4b9e.roa (raw, json)
Hash identifier:          7a+c5O4dACeymAw2fPFKQaUgRvzZFnJUjmzz++xvsLQ=
Subject key identifier:   C3:3C:F3:01:1D:31:21:5E:CC:8B:BB:FF:DA:4F:40:1E:9B:8C:30:B9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       05D84EC2BC234CF7BBBFB61BE04D5B9A4AB89DC1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49d51f2f-fbb8-465d-b074-3851b97a4b9e.roa
Signing time:             Mon 07 Jul 2025 18:02:10 +0000
ROA not before:           Mon 07 Jul 2025 18:02:10 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:60a0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 22 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:d8:4e:c2:bc:23:4c:f7:bb:bf:b6:1b:e0:4d:5b:9a:4a:b8:9d:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 18:02:10 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=4d71622fd9de3e29d21abf70c8e4854898897e3f229f1fffb9b5e4cd63605882, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:37:05:05:97:04:37:15:ea:7d:d2:45:03:6e:
                    c5:8d:43:69:38:02:d6:4d:ed:82:5b:0a:3d:bd:cb:
                    df:96:76:25:0c:dd:da:a9:b2:7b:1c:8d:f3:81:a7:
                    8c:0c:a5:ce:80:69:06:a5:06:4f:80:b8:20:61:aa:
                    c7:31:b2:8c:fc:1e:6f:9d:ec:dc:4a:46:5e:42:7f:
                    66:eb:8c:06:df:f5:a7:96:f0:cd:82:c7:13:a7:bd:
                    a0:e1:e8:42:a8:3d:01:06:92:35:24:c1:1b:51:0d:
                    82:0a:6e:d3:11:ff:cc:de:f7:0e:f5:6c:14:23:99:
                    8d:64:b6:83:43:60:c5:bb:bd:62:a7:7e:d8:e1:3f:
                    13:a1:6a:7d:0f:23:c5:26:dc:b0:4b:96:9d:82:10:
                    97:97:89:52:d2:59:1c:85:09:bf:e9:57:67:ec:c3:
                    2f:a7:b9:e4:49:30:05:d9:54:11:72:fb:f7:6d:53:
                    97:2d:33:f4:3b:65:10:6f:1d:17:97:f4:54:cd:8e:
                    1e:20:fd:b2:04:7d:0c:0b:cd:77:64:2c:62:6a:2e:
                    14:21:fa:1f:b1:90:ff:93:55:01:e4:23:79:90:4d:
                    9a:25:6b:f6:ff:9e:84:d6:ee:23:72:fc:83:18:d8:
                    42:ed:ca:cd:56:7a:33:49:94:80:43:a1:ac:4a:0a:
                    a6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:3C:F3:01:1D:31:21:5E:CC:8B:BB:FF:DA:4F:40:1E:9B:8C:30:B9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49d51f2f-fbb8-465d-b074-3851b97a4b9e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:60a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:1e:b0:3e:f7:03:68:e5:a8:11:c6:2a:33:e5:38:b8:dc:e4:
         13:ff:2b:75:fb:3a:b9:7b:a0:5e:57:c1:2d:e0:8b:da:c5:84:
         3c:06:03:44:d0:08:9b:2d:e8:c0:e6:43:53:ff:cb:11:9c:7c:
         21:44:32:da:60:23:15:ae:e3:d7:84:e2:02:40:01:51:23:4a:
         10:66:d7:7a:0e:8c:39:b6:e9:1c:aa:52:6b:12:59:ed:dd:62:
         c1:f2:28:d5:66:cd:ed:aa:dc:9f:5b:cc:33:85:38:34:41:f0:
         3e:ed:74:48:b9:43:8b:04:21:76:41:b3:0a:6f:30:e3:4d:57:
         de:78:30:05:74:f4:f0:eb:0e:28:7e:ed:85:57:33:0d:95:4a:
         d3:3e:86:ba:bc:df:77:63:0a:fa:5b:55:ba:75:87:da:81:8d:
         6f:43:60:7d:cd:1e:a5:5d:11:39:1c:46:5a:98:c6:c9:46:07:
         56:22:3f:bc:9e:c6:80:b9:a0:5e:98:54:dc:29:81:4d:21:80:
         1f:ae:df:0c:e3:f5:9b:19:0c:d3:96:b6:e8:c7:7a:bd:9a:63:
         f6:3f:d6:08:2c:8b:59:41:ea:77:f2:12:9c:f4:45:b0:13:cd:
         7e:b1:18:d5:09:d5:c7:51:3a:31:cb:d7:c7:a4:d0:97:11:04:
         e5:08:ee:3d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBdhOwrwjTPe7v7Yb4E1bmkq4ncEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTgwMjEwWhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZDcxNjIyZmQ5ZGUzZTI5ZDIxYWJmNzBjOGU0ODU0ODk4
ODk3ZTNmMjI5ZjFmZmZiOWI1ZTRjZDYzNjA1ODgyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5NwUFlwQ3Fep90kUDbsWNQ2k4AtZN7YJbCj29y9+WdiUM
3dqpsnscjfOBp4wMpc6AaQalBk+AuCBhqscxsoz8Hm+d7NxKRl5Cf2brjAbf9aeW
8M2CxxOnvaDh6EKoPQEGkjUkwRtRDYIKbtMR/8ze9w71bBQjmY1ktoNDYMW7vWKn
ftjhPxOhan0PI8Um3LBLlp2CEJeXiVLSWRyFCb/pV2fswy+nueRJMAXZVBFy+/dt
U5ctM/Q7ZRBvHReX9FTNjh4g/bIEfQwLzXdkLGJqLhQh+h+xkP+TVQHkI3mQTZol
a/b/noTW7iNy/IMY2ELtys1WejNJlIBDoaxKCqb/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUwzzzAR0xIV7Mi7v/2k9AHpuMMLkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ5ZDUxZjJmLWZiYjgtNDY1ZC1iMDc0LTM4NTFiOTdhNGI5ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AYKAwDQYJKoZIhvcNAQELBQADggEBAJEesD73A2jlqBHGKjPlOLjc
5BP/K3X7Orl7oF5XwS3gi9rFhDwGA0TQCJst6MDmQ1P/yxGcfCFEMtpgIxWu49eE
4gJAAVEjShBm13oOjDm26RyqUmsSWe3dYsHyKNVmze2q3J9bzDOFODRB8D7tdEi5
Q4sEIXZBswpvMONNV954MAV09PDrDih+7YVXMw2VStM+hrq833djCvpbVbp1h9qB
jW9DYH3NHqVdETkcRlqYxslGB1YiP7yexoC5oF6YVNwpgU0hgB+u3wzj9ZsZDNOW
tujHer2aY/Y/1ggsi1lB6nfyEpz0RbATzX6xGNUJ1cdROjHL18ek0JcRBOUI7j0=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:09 2025 by rpki-client