Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6ad63be3-0aab-48af-9a30-591c1d342077.roa
File:                     6ad63be3-0aab-48af-9a30-591c1d342077.roa (raw, json)
Hash identifier:          tJs7MA5mZMkqdAMMWogSUiaNXiYGMjwBDEJi7ZR3VZ4=
Subject key identifier:   74:9C:FF:28:44:D1:A0:8C:7C:0B:1F:8C:4E:3A:54:9C:91:DC:AB:23
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       56FFA6364CE1266E6F151832F1EAA733A35DBD55
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6ad63be3-0aab-48af-9a30-591c1d342077.roa
Signing time:             Tue 08 Jul 2025 16:30:20 +0000
ROA not before:           Tue 08 Jul 2025 16:30:20 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f32:3400::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:ff:a6:36:4c:e1:26:6e:6f:15:18:32:f1:ea:a7:33:a3:5d:bd:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 16:30:20 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=27cc96914c6b8e542509081f183baec6b90e0a8b01f2f8afd26a34d6663c34d7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:58:24:19:31:96:97:42:e2:39:92:25:a9:97:
                    f5:00:5b:71:f1:e6:3f:48:04:87:da:df:e3:93:2c:
                    3c:fb:52:00:f2:b9:8a:c8:ad:51:bc:86:2c:0b:32:
                    07:00:cb:d3:ef:44:af:71:7b:18:f0:66:b2:e9:4b:
                    d3:22:c9:b5:37:78:88:20:07:af:bf:a1:03:7f:96:
                    a3:88:b0:a8:3d:1f:e4:4c:9e:3b:0b:e1:71:8d:7a:
                    68:76:6b:21:84:43:11:46:a0:56:1d:52:05:f5:4a:
                    0e:63:fe:20:26:17:d2:f6:de:35:44:bc:83:b1:8a:
                    91:6b:92:57:ca:11:f0:18:b6:4b:bf:e0:17:56:75:
                    94:10:c7:34:9a:de:48:b0:1c:50:ba:03:33:96:40:
                    5a:96:3e:f4:05:f7:10:97:37:ca:fa:81:dc:a6:68:
                    95:a3:d7:c1:94:f1:01:53:f6:f8:00:cf:11:27:0c:
                    a0:ac:2e:b1:f9:54:45:da:f2:b5:ce:5e:03:d2:93:
                    65:33:d5:3d:62:69:ae:48:aa:14:51:0b:86:9f:84:
                    98:07:09:dd:c4:bd:94:8d:83:71:cc:31:d2:5e:92:
                    0d:6e:2a:7a:b3:b4:7f:72:a0:68:7f:38:46:00:6d:
                    ca:b3:d8:52:d9:c6:36:36:1e:2d:36:35:b1:d6:f2:
                    fe:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:9C:FF:28:44:D1:A0:8C:7C:0B:1F:8C:4E:3A:54:9C:91:DC:AB:23
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6ad63be3-0aab-48af-9a30-591c1d342077.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f32:3400::/40

    Signature Algorithm: sha256WithRSAEncryption
         c6:95:63:98:c6:0b:b6:35:de:5e:a3:1b:ef:6e:88:37:ff:6a:
         cc:52:36:af:56:99:2d:61:7e:88:c8:cb:f2:23:a2:2a:9e:8a:
         e8:09:d0:6e:be:a5:f4:09:1a:0d:e9:c4:d8:26:e7:b1:c1:2a:
         1c:1a:49:ef:01:d3:3e:27:f7:2a:55:87:28:67:20:53:c5:e3:
         56:1d:88:8b:c4:f3:b9:57:15:4e:56:ef:09:f4:3e:fa:0b:bc:
         58:27:0c:54:0e:34:c6:3e:4a:04:35:0d:85:df:20:30:18:7d:
         7e:55:41:57:23:b6:02:c4:2a:4a:b9:ff:db:fd:59:e1:af:34:
         84:5b:70:b0:93:f1:56:c4:ba:13:dd:54:c5:c3:5d:a4:56:15:
         02:c7:9b:16:d1:52:2b:5c:5d:74:0c:39:64:87:c5:95:26:bb:
         d7:15:70:cc:f3:40:ad:0b:71:6b:48:80:2d:68:53:a2:eb:8a:
         b9:b4:d2:a2:62:99:69:01:3e:39:6c:77:8a:05:26:b0:83:1a:
         cd:e0:51:3e:99:7f:78:8c:3d:45:4c:a8:25:df:05:8c:2e:b4:
         e3:e3:fe:b7:f7:f7:eb:f3:d4:5b:f0:c1:17:55:c1:a6:0f:31:
         6c:39:05:0a:87:45:0e:65:41:0b:6e:90:4e:56:24:ec:17:73:
         a4:8a:2e:19
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUVv+mNkzhJm5vFRgy8eqnM6NdvVUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTYzMDIwWhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyN2NjOTY5MTRjNmI4ZTU0MjUwOTA4MWYxODNiYWVjNmI5
MGUwYThiMDFmMmY4YWZkMjZhMzRkNjY2M2MzNGQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGWCQZMZaXQuI5kiWpl/UAW3Hx5j9IBIfa3+OTLDz7UgDy
uYrIrVG8hiwLMgcAy9PvRK9xexjwZrLpS9MiybU3eIggB6+/oQN/lqOIsKg9H+RM
njsL4XGNemh2ayGEQxFGoFYdUgX1Sg5j/iAmF9L23jVEvIOxipFrklfKEfAYtku/
4BdWdZQQxzSa3kiwHFC6AzOWQFqWPvQF9xCXN8r6gdymaJWj18GU8QFT9vgAzxEn
DKCsLrH5VEXa8rXOXgPSk2Uz1T1iaa5IqhRRC4afhJgHCd3EvZSNg3HMMdJekg1u
KnqztH9yoGh/OEYAbcqz2FLZxjY2Hi02NbHW8v6hAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUdJz/KETRoIx8Cx+MTjpUnJHcqyMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZhZDYzYmUzLTBhYWItNDhhZi05YTMwLTU5MWMxZDM0MjA3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB8yNDANBgkqhkiG9w0BAQsFAAOCAQEAxpVjmMYLtjXeXqMb726IN/9q
zFI2r1aZLWF+iMjL8iOiKp6K6AnQbr6l9AkaDenE2CbnscEqHBpJ7wHTPif3KlWH
KGcgU8XjVh2Ii8TzuVcVTlbvCfQ++gu8WCcMVA40xj5KBDUNhd8gMBh9flVBVyO2
AsQqSrn/2/1Z4a80hFtwsJPxVsS6E91UxcNdpFYVAsebFtFSK1xddAw5ZIfFlSa7
1xVwzPNArQtxa0iALWhTouuKubTSomKZaQE+OWx3igUmsIMazeBRPpl/eIw9RUyo
Jd8FjC604+P+t/f36/PUW/DBF1XBpg8xbDkFCodFDmVBC26QTlYk7BdzpIouGQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:12:42 2025 by rpki-client