Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c3245fc-eb21-4145-89bb-6115dd8f5da5.roa
File:                     6c3245fc-eb21-4145-89bb-6115dd8f5da5.roa (raw, json)
Hash identifier:          nmmfX7ogVmj/CI5U60riZCfT7BnEE5AStwBZMqZZ2NU=
Subject key identifier:   21:D8:8D:3D:B5:21:44:D3:FD:67:33:69:50:5F:FB:8C:DD:0C:F4:28
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6ED7332B05BE7778CA513BCB9436210A48E59957
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c3245fc-eb21-4145-89bb-6115dd8f5da5.roa
Signing time:             Tue 08 Jul 2025 16:30:27 +0000
ROA not before:           Tue 08 Jul 2025 16:30:27 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff1:6000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:d7:33:2b:05:be:77:78:ca:51:3b:cb:94:36:21:0a:48:e5:99:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 16:30:27 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=3b8bb4c14121f5ecf3466c75c908030f8da9b2a5c654deb3c275d564aaa304d9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:97:25:5e:38:74:03:da:a1:10:e7:b9:45:cb:
                    94:5c:32:27:9d:7e:e4:a3:b0:f1:8e:6f:14:ec:de:
                    55:d0:7e:39:25:74:27:db:de:a2:4a:f0:55:af:f9:
                    74:35:1d:df:30:42:7d:e9:23:9f:80:e0:8a:21:fe:
                    21:66:62:2c:9b:f6:ca:10:17:53:5a:8c:ea:95:8f:
                    e5:cc:d0:57:ea:50:0b:af:58:5a:a8:c8:5e:10:6f:
                    8f:16:21:75:69:ad:4c:79:ba:1e:47:52:00:32:65:
                    f2:67:44:32:98:2d:c5:18:d8:87:84:9d:a6:68:8f:
                    78:bd:f5:8a:aa:c7:84:71:b0:0a:2c:e2:d0:26:1a:
                    fd:05:71:91:bc:91:cd:5f:da:2f:e6:a8:31:84:9c:
                    74:a0:31:88:8b:1c:03:63:47:99:8c:f1:61:9e:a6:
                    fd:d8:50:fe:01:ee:fa:61:f2:8a:b8:ea:f7:fe:59:
                    8f:90:57:26:77:66:53:fd:ac:47:bb:43:81:61:d9:
                    24:92:6f:05:ec:c1:87:a6:ec:c4:0a:9e:57:4b:6f:
                    d3:55:be:f8:ad:14:b5:e8:d9:e0:50:a5:9a:83:d2:
                    5b:e6:09:60:32:43:fe:98:27:4c:d4:d6:be:5b:2e:
                    11:64:a8:a0:44:34:a1:e2:c3:91:1f:ac:96:49:73:
                    a2:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:D8:8D:3D:B5:21:44:D3:FD:67:33:69:50:5F:FB:8C:DD:0C:F4:28
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c3245fc-eb21-4145-89bb-6115dd8f5da5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff1:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         a7:57:6d:fb:5a:2a:d5:57:4a:bb:4d:c5:2e:76:11:69:c2:97:
         25:12:6a:10:66:1d:14:be:cf:60:bd:37:27:4a:5b:bf:5d:3c:
         33:20:57:9b:84:64:2a:39:5a:85:d7:f4:b3:b5:fd:2c:f2:66:
         e2:69:3d:da:63:e2:75:60:1a:43:aa:83:75:ad:20:0f:c6:f2:
         80:59:38:a0:ee:83:1f:70:43:5f:48:9f:5b:be:f5:29:79:f3:
         42:74:40:25:8c:c1:df:15:ba:4d:c4:ec:69:fe:5d:05:a7:aa:
         08:d1:32:48:15:5f:2e:c8:60:9d:ea:be:a2:06:72:50:4d:7d:
         0e:b5:80:87:f9:11:1f:38:61:be:69:6b:3e:50:fd:79:c2:d1:
         ce:78:24:74:f8:0b:6c:9a:0b:7a:92:47:24:d3:1c:2f:65:3f:
         86:03:07:7a:5b:fb:a0:e8:c0:da:62:75:b1:97:7e:65:7b:73:
         d2:b1:5e:68:e0:7d:b3:eb:02:4f:af:d3:a4:a8:69:19:97:8d:
         07:0f:8a:3a:29:0d:5d:6c:01:75:51:82:e4:91:d7:e5:96:50:
         9c:95:2e:f4:b3:be:34:b9:4a:39:4d:a8:b4:93:6e:6b:61:08:
         aa:35:a5:28:b3:c3:f6:e5:35:4e:7a:2e:8b:ec:d0:c1:a6:5f:
         41:d9:92:50
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUbtczKwW+d3jKUTvLlDYhCkjlmVcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTYzMDI3WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzYjhiYjRjMTQxMjFmNWVjZjM0NjZjNzVjOTA4MDMwZjhk
YTliMmE1YzY1NGRlYjNjMjc1ZDU2NGFhYTMwNGQ5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCylyVeOHQD2qEQ57lFy5RcMiedfuSjsPGObxTs3lXQfjkl
dCfb3qJK8FWv+XQ1Hd8wQn3pI5+A4Ioh/iFmYiyb9soQF1NajOqVj+XM0FfqUAuv
WFqoyF4Qb48WIXVprUx5uh5HUgAyZfJnRDKYLcUY2IeEnaZoj3i99Yqqx4RxsAos
4tAmGv0FcZG8kc1f2i/mqDGEnHSgMYiLHANjR5mM8WGepv3YUP4B7vph8oq46vf+
WY+QVyZ3ZlP9rEe7Q4Fh2SSSbwXswYem7MQKnldLb9NVvvitFLXo2eBQpZqD0lvm
CWAyQ/6YJ0zU1r5bLhFkqKBENKHiw5EfrJZJc6L7AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUIdiNPbUhRNP9ZzNpUF/7jN0M9CgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZjMzI0NWZjLWViMjEtNDE0NS04OWJiLTYxMTVkZDhmNWRhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/xYDANBgkqhkiG9w0BAQsFAAOCAQEAp1dt+1oq1VdKu03FLnYRacKX
JRJqEGYdFL7PYL03J0pbv108MyBXm4RkKjlahdf0s7X9LPJm4mk92mPidWAaQ6qD
da0gD8bygFk4oO6DH3BDX0ifW771KXnzQnRAJYzB3xW6TcTsaf5dBaeqCNEySBVf
Lshgneq+ogZyUE19DrWAh/kRHzhhvmlrPlD9ecLRzngkdPgLbJoLepJHJNMcL2U/
hgMHelv7oOjA2mJ1sZd+ZXtz0rFeaOB9s+sCT6/TpKhpGZeNBw+KOikNXWwBdVGC
5JHX5ZZQnJUu9LO+NLlKOU2otJNua2EIqjWlKLPD9uU1Tnoui+zQwaZfQdmSUA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:13:32 2025 by rpki-client