Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62120907-8205-4b89-a6c6-7c624370b254.roa
File:                     62120907-8205-4b89-a6c6-7c624370b254.roa (raw, json)
Hash identifier:          u2b3dh8eHYyw3FB/EbWCxTJgVQcT5xez3lbVPnCrvtU=
Subject key identifier:   C9:51:79:28:97:FD:45:F0:60:79:24:04:5D:A6:A7:0D:62:12:7A:52
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       65E9BA13F1A416BB6FA2D5345F8C8FFF72F269A7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62120907-8205-4b89-a6c6-7c624370b254.roa
Signing time:             Tue 08 Jul 2025 17:31:16 +0000
ROA not before:           Tue 08 Jul 2025 17:31:16 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f13::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:e9:ba:13:f1:a4:16:bb:6f:a2:d5:34:5f:8c:8f:ff:72:f2:69:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 17:31:16 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=201381147f22d0facdeb65636dd061478234d247bbe5bb597f131553d0861f79, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8a:4b:4d:5a:44:e9:e0:99:01:38:b2:b6:05:
                    56:c3:81:97:b4:db:9f:6b:a0:44:6d:c5:79:a5:1c:
                    23:8b:30:ce:aa:c4:bb:9e:28:19:c0:ef:71:8b:f3:
                    4f:c7:a8:17:da:17:b2:03:7e:6b:68:b1:f1:d6:65:
                    49:7b:0b:53:a3:74:7a:3b:ea:f2:ef:ae:b6:dc:bd:
                    31:d6:bc:7b:75:e3:66:ae:79:b2:52:76:23:7f:42:
                    76:2b:2a:83:95:e8:f2:1e:df:f0:8f:0e:51:12:5d:
                    a4:cd:f7:5d:75:2c:81:ef:c9:9f:8c:75:bd:b8:3a:
                    a9:31:6a:05:fb:47:fb:e9:5e:55:3b:9e:ca:5a:2a:
                    fc:6e:e0:aa:a9:a7:23:67:c1:47:6a:83:b4:4a:16:
                    9b:ca:42:0f:c0:ea:12:a9:26:98:ea:13:0f:59:13:
                    ff:5b:57:09:bb:6e:17:a9:e7:c6:4d:c2:ac:45:49:
                    49:9e:4c:4f:21:1f:dd:50:0b:23:99:ef:3d:0f:04:
                    8c:96:44:d1:f2:d2:bf:a5:7e:26:45:72:f4:f1:70:
                    9b:f9:3f:cf:2c:00:5e:19:8f:8d:58:2b:07:68:ec:
                    d6:0a:68:e3:6b:18:10:61:65:fd:49:17:31:69:2d:
                    08:e7:c6:6b:08:fc:e9:50:cf:83:b7:00:e2:ae:3f:
                    82:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:51:79:28:97:FD:45:F0:60:79:24:04:5D:A6:A7:0D:62:12:7A:52
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62120907-8205-4b89-a6c6-7c624370b254.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f13::/36

    Signature Algorithm: sha256WithRSAEncryption
         40:5e:d4:9a:37:31:21:f2:7d:5b:2b:66:03:84:fd:6a:48:8d:
         05:ac:09:a7:91:1a:db:48:c4:4f:b5:7c:c3:92:e2:c6:50:77:
         20:3f:83:07:9e:a3:bf:5d:a1:b8:fa:11:dd:81:bf:ad:d3:76:
         64:82:5b:61:63:c2:2a:63:5d:8a:a0:80:48:0a:d9:40:1f:a5:
         6f:10:60:cd:20:00:3d:26:7e:09:a6:16:fd:2f:8b:cd:69:e7:
         b7:41:99:b7:b7:19:06:6a:bc:4d:04:af:41:24:1d:d1:11:e4:
         ae:58:1d:83:6c:fe:05:1e:06:39:8d:35:50:ec:34:ad:42:59:
         89:b5:05:c2:cb:a4:00:f2:78:b5:7f:88:eb:12:af:31:50:6d:
         7d:66:b6:e5:d5:d2:c4:10:05:ef:ae:73:22:62:92:f2:12:30:
         d2:1f:d0:91:b8:41:d7:3f:06:17:6c:f3:5a:95:f2:b0:d8:98:
         17:9d:b9:13:17:d7:96:a1:45:6f:ea:d2:54:fc:fd:c2:fa:64:
         b8:df:25:0c:b3:cf:7a:1f:bc:69:81:92:33:87:eb:20:a3:76:
         ad:09:44:dd:9d:eb:4c:01:c3:00:70:19:4d:52:71:d9:44:bb:
         c6:d4:4b:54:20:5b:76:28:94:29:31:5b:06:fa:51:e0:e3:c0:
         7e:33:d6:81
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUZem6E/GkFrtvotU0X4yP/3LyaacwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTczMTE2WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDEzODExNDdmMjJkMGZhY2RlYjY1NjM2ZGQwNjE0Nzgy
MzRkMjQ3YmJlNWJiNTk3ZjEzMTU1M2QwODYxZjc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyiktNWkTp4JkBOLK2BVbDgZe0259roERtxXmlHCOLMM6q
xLueKBnA73GL80/HqBfaF7IDfmtosfHWZUl7C1OjdHo76vLvrrbcvTHWvHt142au
ebJSdiN/QnYrKoOV6PIe3/CPDlESXaTN9111LIHvyZ+Mdb24OqkxagX7R/vpXlU7
nspaKvxu4KqppyNnwUdqg7RKFpvKQg/A6hKpJpjqEw9ZE/9bVwm7bhep58ZNwqxF
SUmeTE8hH91QCyOZ7z0PBIyWRNHy0r+lfiZFcvTxcJv5P88sAF4Zj41YKwdo7NYK
aONrGBBhZf1JFzFpLQjnxmsI/OlQz4O3AOKuP4J/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUyVF5KJf9RfBgeSQEXaanDWISelIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyMTIwOTA3LTgyMDUtNGI4OS1hNmM2LTdjNjI0MzcwYjI1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8TADANBgkqhkiG9w0BAQsFAAOCAQEAQF7UmjcxIfJ9WytmA4T9akiN
BawJp5Ea20jET7V8w5LixlB3ID+DB56jv12huPoR3YG/rdN2ZIJbYWPCKmNdiqCA
SArZQB+lbxBgzSAAPSZ+CaYW/S+LzWnnt0GZt7cZBmq8TQSvQSQd0RHkrlgdg2z+
BR4GOY01UOw0rUJZibUFwsukAPJ4tX+I6xKvMVBtfWa25dXSxBAF765zImKS8hIw
0h/QkbhB1z8GF2zzWpXysNiYF525ExfXlqFFb+rSVPz9wvpkuN8lDLPPeh+8aYGS
M4frIKN2rQlE3Z3rTAHDAHAZTVJx2US7xtRLVCBbdiiUKTFbBvpR4OPAfjPWgQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:18:20 2025 by rpki-client