Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e77afe0-ddc1-4f2b-9478-c081cd335706.roa
File:                     5e77afe0-ddc1-4f2b-9478-c081cd335706.roa (raw, json)
Hash identifier:          WEyRX15XAyyX9ee5tK1rGVzgVokokB52aAMqpcixX3c=
Subject key identifier:   01:96:10:BE:99:DF:E0:3F:8D:D3:89:9B:0A:24:74:3F:C8:E7:7D:5E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6B5282228B7CC5592B3687404DF8ACAF02253A29
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e77afe0-ddc1-4f2b-9478-c081cd335706.roa
Signing time:             Tue 08 Jul 2025 15:41:10 +0000
ROA not before:           Tue 08 Jul 2025 15:41:10 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:60a0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:52:82:22:8b:7c:c5:59:2b:36:87:40:4d:f8:ac:af:02:25:3a:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 15:41:10 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=2e268ee026e1e4b35ff038ea2e2667f82184f532c4a29fd52be2890feb734713, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:bd:fd:5f:8a:b9:19:45:2b:c0:15:bc:e9:e5:
                    4a:33:23:c3:21:7a:49:b3:35:b9:da:b4:f6:e7:73:
                    6e:23:7d:73:78:b8:0f:0d:11:f4:f6:31:a0:a5:bf:
                    81:70:bb:e5:fa:ee:91:96:cb:c0:c8:4b:c1:2e:70:
                    47:5f:7e:0c:38:4c:2e:09:01:de:30:e8:c8:e2:b6:
                    9a:71:16:08:ca:62:0d:c3:af:3e:03:45:0c:6a:c9:
                    89:81:21:c7:81:4d:12:68:00:33:43:95:6f:62:85:
                    55:36:fa:e4:92:41:7c:d0:ae:ad:fd:9e:92:85:e3:
                    f8:65:b6:70:68:a6:95:58:f2:18:aa:cf:e8:14:b0:
                    4d:a9:25:06:81:36:b2:39:34:a8:dd:7f:12:eb:b8:
                    46:aa:6b:ba:b7:2a:9d:db:38:f3:b0:80:b2:80:e3:
                    81:14:36:cf:83:21:62:47:51:1d:c2:70:9e:9d:30:
                    9b:4b:d1:3c:eb:d5:2b:24:e0:db:47:ad:f9:51:17:
                    d3:03:36:5e:f7:45:c1:3c:f9:85:04:6f:0a:5b:fb:
                    b5:3c:c3:50:9b:35:62:e7:17:a2:e6:65:4d:db:b4:
                    6c:f8:49:6e:fd:76:41:24:bc:55:1e:31:c3:61:f7:
                    92:cd:c1:21:50:dc:ac:0c:02:6c:a5:6d:d1:54:ad:
                    27:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:96:10:BE:99:DF:E0:3F:8D:D3:89:9B:0A:24:74:3F:C8:E7:7D:5E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e77afe0-ddc1-4f2b-9478-c081cd335706.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:60a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         62:b4:a4:e2:08:4a:e0:11:f5:cf:d4:36:a6:80:4a:81:f7:95:
         d4:39:b8:ce:e3:38:4a:a2:89:c0:f3:24:6a:43:3d:53:aa:ad:
         42:4e:ac:d5:b9:2c:21:88:6a:e6:e2:53:dc:a9:56:5a:9d:05:
         a0:c0:7c:a9:cb:ca:7b:16:b2:36:e9:fa:8c:1e:8d:b4:dd:fc:
         28:24:46:8a:d1:8a:bb:85:9c:c9:d8:fb:87:ce:21:e2:33:9a:
         6f:46:7d:ce:cc:0c:53:95:87:b2:04:a5:8f:62:20:86:ee:57:
         f3:27:c0:61:38:82:18:c8:2e:6b:66:bd:8e:3a:07:bd:49:f3:
         5e:8a:c2:73:75:1d:89:05:52:9f:7c:dc:1b:7c:3e:18:84:9e:
         4f:87:93:b4:3d:d8:ea:c5:6c:7e:c4:5d:d4:c0:16:b1:ae:bb:
         1a:b8:7e:83:cc:f0:0d:e1:b5:5f:7c:f7:da:e4:1b:74:de:4c:
         62:22:88:15:dd:52:77:29:be:5f:14:86:b8:33:8b:a6:9e:22:
         1d:7b:52:2b:ea:9f:7a:ce:09:4f:51:4a:f4:8b:ab:ba:72:dd:
         70:ea:65:eb:44:fd:91:c2:59:c1:47:c8:ea:d7:7d:e0:0b:0c:
         10:1d:a5:ab:b8:a8:7f:59:ae:0e:b4:d2:9f:a5:b9:6b:e9:6d:
         2a:04:aa:3a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUa1KCIot8xVkrNodATfisrwIlOikwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTU0MTEwWhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZTI2OGVlMDI2ZTFlNGIzNWZmMDM4ZWEyZTI2NjdmODIx
ODRmNTMyYzRhMjlmZDUyYmUyODkwZmViNzM0NzEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8vf1firkZRSvAFbzp5UozI8MhekmzNbnatPbnc24jfXN4
uA8NEfT2MaClv4Fwu+X67pGWy8DIS8EucEdffgw4TC4JAd4w6MjitppxFgjKYg3D
rz4DRQxqyYmBIceBTRJoADNDlW9ihVU2+uSSQXzQrq39npKF4/hltnBoppVY8hiq
z+gUsE2pJQaBNrI5NKjdfxLruEaqa7q3Kp3bOPOwgLKA44EUNs+DIWJHUR3CcJ6d
MJtL0Tzr1Ssk4NtHrflRF9MDNl73RcE8+YUEbwpb+7U8w1CbNWLnF6LmZU3btGz4
SW79dkEkvFUeMcNh95LNwSFQ3KwMAmylbdFUrSc/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUAZYQvpnf4D+N04mbCiR0P8jnfV4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVlNzdhZmUwLWRkYzEtNGYyYi05NDc4LWMwODFjZDMzNTcwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//YKAwDQYJKoZIhvcNAQELBQADggEBAGK0pOIISuAR9c/UNqaASoH3
ldQ5uM7jOEqiicDzJGpDPVOqrUJOrNW5LCGIaubiU9ypVlqdBaDAfKnLynsWsjbp
+owejbTd/CgkRorRiruFnMnY+4fOIeIzmm9Gfc7MDFOVh7IEpY9iIIbuV/MnwGE4
ghjILmtmvY46B71J816KwnN1HYkFUp983Bt8PhiEnk+Hk7Q92OrFbH7EXdTAFrGu
uxq4foPM8A3htV9899rkG3TeTGIiiBXdUncpvl8Uhrgzi6aeIh17Uivqn3rOCU9R
SvSLq7py3XDqZetE/ZHCWcFHyOrXfeALDBAdpau4qH9Zrg600p+luWvpbSoEqjo=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:12:56 2025 by rpki-client