Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65c7e436-50a0-4c45-a6d2-a899c8f5e790.roa
File:                     65c7e436-50a0-4c45-a6d2-a899c8f5e790.roa (raw, json)
Hash identifier:          YO29f2lOe4arztH1kDeQ6FZMpYFytpBipaq85OBWheE=
Subject key identifier:   FB:95:9F:26:D3:BD:4C:6A:B6:D9:FF:2B:C5:A8:C9:A7:78:C3:64:3B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4BFB759073E32B703191D083D94010CB39A8111D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65c7e436-50a0-4c45-a6d2-a899c8f5e790.roa
Signing time:             Mon 07 Jul 2025 17:50:15 +0000
ROA not before:           Mon 07 Jul 2025 17:50:15 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1ffd:807b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:fb:75:90:73:e3:2b:70:31:91:d0:83:d9:40:10:cb:39:a8:11:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 17:50:15 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=494b8fcaca648329cf84aebf30e589be90fd4552330d77d01dc419db1dad4368, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:2b:28:68:89:a6:d8:71:c0:84:77:2b:32:24:
                    c9:4f:f8:79:bc:f0:e2:50:08:64:bd:fa:71:f9:9a:
                    c7:30:e1:98:92:ba:bf:8a:f6:7e:0a:ad:a6:ce:27:
                    6f:31:39:43:86:2b:94:35:1c:fd:99:0b:19:0f:6e:
                    03:8c:a1:b3:8d:9a:58:24:af:76:3c:1e:76:bf:f3:
                    28:21:49:9f:f9:1d:b8:14:07:89:d3:f6:fb:4d:13:
                    f9:a7:35:57:bb:cf:ef:20:76:29:ec:2f:32:6b:c8:
                    6f:2b:0e:41:d5:c5:3a:62:d5:ff:35:85:ab:1c:52:
                    b3:dd:32:9b:62:80:29:20:36:fe:1c:8c:6b:7c:32:
                    74:94:24:92:28:c4:a9:f4:f4:69:46:98:62:42:52:
                    dc:ab:5b:40:ec:7d:c0:cb:d7:9d:47:e0:8f:dc:0c:
                    57:5d:16:d1:fc:c2:a5:3d:0f:f7:57:bb:5c:63:97:
                    2a:96:5c:4f:a4:cd:d3:22:91:68:2e:18:a9:58:04:
                    33:e5:49:a1:c2:94:47:3d:90:b0:3f:25:9e:84:78:
                    13:e5:ea:fa:9a:d2:fa:b9:89:e9:b0:da:0f:22:76:
                    62:3b:08:9f:98:b6:ea:ca:25:d6:01:a8:5e:d7:02:
                    3a:ec:b2:06:57:92:21:e6:83:dd:a6:71:ae:87:6a:
                    ea:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:95:9F:26:D3:BD:4C:6A:B6:D9:FF:2B:C5:A8:C9:A7:78:C3:64:3B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65c7e436-50a0-4c45-a6d2-a899c8f5e790.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:807b::/48

    Signature Algorithm: sha256WithRSAEncryption
         22:d7:21:f0:6b:f3:f3:22:0e:d9:0e:81:12:91:9d:48:25:ca:
         72:c1:03:26:1e:cf:87:6c:17:e9:f6:2f:08:92:84:44:e0:5e:
         df:05:1b:8a:8f:6f:1e:15:5d:1a:20:ae:05:48:47:c6:fb:96:
         fb:51:6a:3f:30:9f:4d:41:6a:da:1f:59:9e:a2:3a:d5:bb:85:
         26:e6:a0:1b:b3:a8:90:47:c6:83:4e:d5:40:48:91:e0:86:f6:
         2e:fb:d0:5a:a1:b3:47:d2:fd:ee:02:5a:c0:ab:23:a8:c7:0b:
         53:8c:41:a2:ae:26:d6:eb:88:56:da:79:55:c1:dd:0b:f0:03:
         8c:05:49:87:8f:25:5d:2d:e4:f2:40:cb:2e:19:0a:24:5f:30:
         c9:28:7d:0f:42:7a:d7:92:78:d7:5d:64:a9:f3:c7:25:55:6c:
         61:28:82:92:cf:c1:97:79:6f:cb:f1:25:31:9c:cd:4e:73:38:
         1b:0c:9c:a5:e6:49:d7:20:b2:8c:75:ac:0a:07:ae:13:01:39:
         94:d2:51:b8:23:23:cd:58:64:02:20:f7:56:a9:80:d5:c1:73:
         cf:55:ca:36:af:ea:5e:de:c9:e1:70:ae:e6:e2:ce:65:ec:cb:
         07:89:84:bc:14:ed:f1:42:d9:d3:48:38:1b:5a:b0:e3:c7:27:
         0d:49:d9:d0
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUS/t1kHPjK3AxkdCD2UAQyzmoER0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTc1MDE1WhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OTRiOGZjYWNhNjQ4MzI5Y2Y4NGFlYmYzMGU1ODliZTkw
ZmQ0NTUyMzMwZDc3ZDAxZGM0MTlkYjFkYWQ0MzY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDeKyhoiabYccCEdysyJMlP+Hm88OJQCGS9+nH5mscw4ZiS
ur+K9n4KrabOJ28xOUOGK5Q1HP2ZCxkPbgOMobONmlgkr3Y8Hna/8yghSZ/5HbgU
B4nT9vtNE/mnNVe7z+8gdinsLzJryG8rDkHVxTpi1f81hascUrPdMptigCkgNv4c
jGt8MnSUJJIoxKn09GlGmGJCUtyrW0DsfcDL151H4I/cDFddFtH8wqU9D/dXu1xj
lyqWXE+kzdMikWguGKlYBDPlSaHClEc9kLA/JZ6EeBPl6vqa0vq5iemw2g8idmI7
CJ+YturKJdYBqF7XAjrssgZXkiHmg92mca6HauqHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU+5WfJtO9TGq22f8rxajJp3jDZDswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1YzdlNDM2LTUwYTAtNGM0NS1hNmQyLWE4OTljOGY1ZTc5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gHswDQYJKoZIhvcNAQELBQADggEBACLXIfBr8/MiDtkOgRKRnUgl
ynLBAyYez4dsF+n2LwiShETgXt8FG4qPbx4VXRogrgVIR8b7lvtRaj8wn01Batof
WZ6iOtW7hSbmoBuzqJBHxoNO1UBIkeCG9i770Fqhs0fS/e4CWsCrI6jHC1OMQaKu
JtbriFbaeVXB3QvwA4wFSYePJV0t5PJAyy4ZCiRfMMkofQ9CeteSeNddZKnzxyVV
bGEogpLPwZd5b8vxJTGczU5zOBsMnKXmSdcgsox1rAoHrhMBOZTSUbgjI81YZAIg
91apgNXBc89Vyjav6l7eyeFwrubizmXsyweJhLwU7fFC2dNIOBtasOPHJw1J2dA=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:53:35 2025 by rpki-client