Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a139d9b-2edc-4d9b-83ad-730bb081e4cc.roa
File:                     4a139d9b-2edc-4d9b-83ad-730bb081e4cc.roa (raw, json)
Hash identifier:          HnEz5bpS77G64FSmOf3Hxg5M6qFjpzqXYfAe2vLzW3k=
Subject key identifier:   75:70:5F:D1:ED:5C:3C:38:A6:9F:0B:CB:AD:8E:8C:D5:3C:A4:D4:8B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       407397C81CA676395A6C7FE27961461AFAEAB0CC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a139d9b-2edc-4d9b-83ad-730bb081e4cc.roa
Signing time:             Mon 07 Jul 2025 17:31:05 +0000
ROA not before:           Mon 07 Jul 2025 17:31:05 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:8066::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 22 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:73:97:c8:1c:a6:76:39:5a:6c:7f:e2:79:61:46:1a:fa:ea:b0:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 17:31:05 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=618b328167c2678eea0d1bb7c050499c9b7f0213ffe66c01dcf71cce5c6e352f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:03:65:6f:c5:91:28:48:6c:0b:cd:01:51:74:
                    17:62:19:cf:39:28:11:ab:ba:54:e6:dc:13:d2:56:
                    18:45:b1:98:fd:98:ee:ad:0a:e5:6e:af:6b:8c:76:
                    cd:4d:6b:d1:60:c4:ae:b1:95:2c:4e:5e:29:7e:2e:
                    9b:6c:8e:44:fd:59:e9:d7:71:bc:a0:26:79:eb:25:
                    08:dc:d4:88:0c:f2:1a:5c:d8:e3:4a:67:88:c2:b9:
                    2d:51:e6:fa:d2:62:45:6f:c6:50:d8:f0:d9:84:0f:
                    db:24:81:2e:d3:82:b1:32:e7:67:82:6e:e4:2d:33:
                    be:f6:fd:87:fb:8f:40:17:d6:62:fc:ee:4f:71:42:
                    11:f6:2f:ba:ae:b7:d6:65:67:7c:5c:52:16:bf:63:
                    db:8f:53:d7:8b:71:70:21:a3:e7:26:5a:7d:10:24:
                    70:3c:e7:2f:a3:8c:1e:ee:87:d7:91:eb:ef:73:28:
                    4c:78:b3:55:1c:53:fb:90:05:2b:39:4e:b7:97:b5:
                    24:f1:1c:3f:23:1f:9e:6b:b8:5a:c5:d6:f9:c2:13:
                    e8:fd:2a:bd:7e:ea:a6:a2:f1:21:d5:7b:15:2d:48:
                    b9:42:9f:bc:d2:58:ff:7b:ef:4e:49:b5:86:f0:2f:
                    cd:3f:07:d1:65:fd:11:5a:98:fd:0c:0d:c2:bd:95:
                    33:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:70:5F:D1:ED:5C:3C:38:A6:9F:0B:CB:AD:8E:8C:D5:3C:A4:D4:8B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a139d9b-2edc-4d9b-83ad-730bb081e4cc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:8066::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:25:ce:e2:e4:a9:62:62:12:c0:5e:59:73:a5:3f:5c:b3:4f:
         a7:6e:e5:07:49:ce:27:ec:5f:88:4e:31:e3:bd:df:5b:44:4c:
         4c:1e:78:6a:de:e0:9e:17:8e:c2:4d:d8:91:df:5c:15:f6:f5:
         b2:3d:ee:cb:9e:5c:ee:52:2c:81:a5:ef:00:69:5e:aa:7a:df:
         db:3e:ad:23:96:2b:fe:5b:7d:5f:3d:df:6a:e7:06:0f:70:12:
         58:2e:72:79:9b:1d:ec:4e:bf:de:48:52:4a:85:e8:92:cd:94:
         e0:8d:f2:17:0c:88:f5:b8:27:56:da:89:cf:c4:7a:57:ea:a4:
         46:3b:a9:31:00:1a:13:cc:db:fa:4d:46:7d:b2:40:6f:8c:b4:
         52:c3:8f:31:b6:73:c6:c7:e3:3d:ac:1e:73:94:34:15:c5:4c:
         c0:f8:f5:0b:a1:63:23:3a:a0:eb:5c:fb:8c:bc:7c:ae:27:a8:
         d2:49:59:2d:00:ff:b1:b8:18:bd:e5:5f:28:ec:1d:3c:e2:69:
         c2:3c:a1:a9:7a:e9:be:a7:be:6a:f4:2b:b0:66:c8:15:35:cb:
         90:00:22:c5:04:53:7b:4c:66:c7:33:10:8e:28:29:ef:22:e4:
         af:1b:f1:35:98:06:ca:e7:ff:a2:60:0a:47:8d:6b:69:3e:f1:
         f2:19:c9:2d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUQHOXyBymdjlabH/ieWFGGvrqsMwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTczMTA1WhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MThiMzI4MTY3YzI2NzhlZWEwZDFiYjdjMDUwNDk5Yzli
N2YwMjEzZmZlNjZjMDFkY2Y3MWNjZTVjNmUzNTJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXA2VvxZEoSGwLzQFRdBdiGc85KBGrulTm3BPSVhhFsZj9
mO6tCuVur2uMds1Na9FgxK6xlSxOXil+LptsjkT9WenXcbygJnnrJQjc1IgM8hpc
2ONKZ4jCuS1R5vrSYkVvxlDY8NmED9skgS7TgrEy52eCbuQtM772/Yf7j0AX1mL8
7k9xQhH2L7qut9ZlZ3xcUha/Y9uPU9eLcXAho+cmWn0QJHA85y+jjB7uh9eR6+9z
KEx4s1UcU/uQBSs5TreXtSTxHD8jH55ruFrF1vnCE+j9Kr1+6qai8SHVexUtSLlC
n7zSWP97705JtYbwL80/B9Fl/RFamP0MDcK9lTPBAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUdXBf0e1cPDimnwvLrY6M1Tyk1IswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRhMTM5ZDliLTJlZGMtNGQ5Yi04M2FkLTczMGJiMDgxZTRjYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gGYwDQYJKoZIhvcNAQELBQADggEBADAlzuLkqWJiEsBeWXOlP1yz
T6du5QdJzifsX4hOMeO931tETEweeGre4J4XjsJN2JHfXBX29bI97sueXO5SLIGl
7wBpXqp639s+rSOWK/5bfV8932rnBg9wElgucnmbHexOv95IUkqF6JLNlOCN8hcM
iPW4J1baic/EelfqpEY7qTEAGhPM2/pNRn2yQG+MtFLDjzG2c8bH4z2sHnOUNBXF
TMD49QuhYyM6oOtc+4y8fK4nqNJJWS0A/7G4GL3lXyjsHTziacI8oal66b6nvmr0
K7BmyBU1y5AAIsUEU3tMZsczEI4oKe8i5K8b8TWYBsrn/6JgCkeNa2k+8fIZyS0=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:15 2025 by rpki-client