Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d434d3-74fc-47a3-89ec-ed37a23ae562.roa
File:                     82d434d3-74fc-47a3-89ec-ed37a23ae562.roa (raw, json)
Hash identifier:          F2HzKpXl0eklumroaSZ2s/CiZCZkb7w+5PbaoWdAQcQ=
Subject key identifier:   42:05:B8:50:CC:BE:32:E6:21:9D:70:87:5D:F4:B9:74:31:EE:0C:32
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0F22D08910E620F038CE1B0A671889FF56ED6031
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d434d3-74fc-47a3-89ec-ed37a23ae562.roa
Signing time:             Sat 19 Jul 2025 00:21:15 +0000
ROA not before:           Sat 19 Jul 2025 00:21:15 +0000
ROA not after:            Sat 23 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f22:8000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:22:d0:89:10:e6:20:f0:38:ce:1b:0a:67:18:89:ff:56:ed:60:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 19 00:21:15 2025 GMT
            Not After : Aug 23 23:59:59 2025 GMT
        Subject: serialNumber=c731d93d32990cd9e4670751c024290381d3de53241316c87976d0ebd4395241, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:6f:fc:2e:64:3a:c3:30:57:d5:2d:6d:48:5d:
                    0e:f6:8f:2e:a6:fc:55:97:3f:7c:5c:00:e6:35:5b:
                    dc:7b:c3:2f:df:f8:cc:91:ed:3e:7b:5a:1f:67:0f:
                    c9:d3:44:76:f3:d6:8b:5c:d5:07:8c:9a:a7:9a:08:
                    b7:55:98:93:f8:5e:81:cf:89:65:72:8b:42:4f:91:
                    44:78:8b:52:e3:f0:05:6d:9e:1f:64:dc:5f:41:c0:
                    09:d8:7f:ea:ab:b2:2e:6e:46:f9:5c:c4:52:9f:ed:
                    0b:b3:25:72:29:dd:72:5c:f8:4b:4c:78:44:50:96:
                    4b:07:36:9b:2b:0c:94:cb:8e:c8:ff:07:9f:fe:a3:
                    06:c1:35:3b:34:da:5f:03:ce:b1:4d:f1:e5:88:21:
                    17:ab:db:b0:3e:d5:74:fa:97:19:43:cb:0e:88:24:
                    3b:15:2d:79:f4:17:45:a7:ad:f6:0b:d1:d3:6c:8d:
                    cb:04:2a:0e:b2:01:c6:b0:71:7c:a3:fa:9e:f9:e6:
                    4e:a0:6e:6f:e4:fc:aa:20:ba:c5:29:6c:a8:c9:5e:
                    7f:30:cd:1b:ee:7b:52:31:97:94:1d:d4:fa:cf:d4:
                    3e:77:50:5b:63:34:4b:2f:69:58:3d:6a:06:04:b7:
                    b1:65:a1:2d:cd:e5:0b:eb:f7:99:4a:b4:1d:ea:63:
                    35:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:05:B8:50:CC:BE:32:E6:21:9D:70:87:5D:F4:B9:74:31:EE:0C:32
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82d434d3-74fc-47a3-89ec-ed37a23ae562.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f22:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         7d:25:4a:cb:22:98:4e:86:ba:ac:c1:35:61:17:a8:18:9c:a6:
         f7:77:2c:da:7f:68:20:b3:8d:b5:32:d8:dc:81:78:c8:a5:c7:
         9d:ae:13:ac:8f:68:bd:ed:ef:ca:89:c0:6f:12:93:8f:b6:2c:
         06:52:09:75:87:45:23:6a:a3:01:d7:41:53:70:04:9f:70:b9:
         40:53:28:df:e1:80:72:43:09:c5:1b:f7:4c:90:c4:6c:20:18:
         97:07:3a:14:ac:6c:1a:6b:21:6a:47:39:83:d9:6a:0b:ed:95:
         a1:81:0d:26:16:d9:9c:0c:39:b8:94:d0:c4:b8:1d:81:55:91:
         bc:45:6c:31:c5:85:2f:5d:aa:88:f2:9c:e3:a4:80:78:df:a1:
         af:ff:51:9a:18:68:e6:d9:6f:6b:d6:49:d2:a1:af:de:bb:e3:
         81:71:9a:51:63:a1:a0:8e:7f:41:f9:00:7c:1b:4c:a6:49:4f:
         c2:20:f6:f7:70:e7:1e:98:0a:de:97:15:86:1d:29:35:7e:1a:
         a1:a8:c7:c9:2b:6e:c5:8c:9f:3e:84:8c:4c:a6:23:b5:6a:f1:
         62:3b:74:9e:13:c6:6a:8f:82:3b:61:d1:20:02:3a:51:40:28:
         72:65:6d:35:dc:ef:54:ac:c0:27:e3:46:32:c0:91:52:2b:5b:
         29:0d:cb:fe
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUDyLQiRDmIPA4zhsKZxiJ/1btYDEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE5MDAyMTE1WhcNMjUwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNzMxZDkzZDMyOTkwY2Q5ZTQ2NzA3NTFjMDI0MjkwMzgx
ZDNkZTUzMjQxMzE2Yzg3OTc2ZDBlYmQ0Mzk1MjQxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDob/wuZDrDMFfVLW1IXQ72jy6m/FWXP3xcAOY1W9x7wy/f
+MyR7T57Wh9nD8nTRHbz1otc1QeMmqeaCLdVmJP4XoHPiWVyi0JPkUR4i1Lj8AVt
nh9k3F9BwAnYf+qrsi5uRvlcxFKf7QuzJXIp3XJc+EtMeERQlksHNpsrDJTLjsj/
B5/+owbBNTs02l8DzrFN8eWIIRer27A+1XT6lxlDyw6IJDsVLXn0F0WnrfYL0dNs
jcsEKg6yAcawcXyj+p755k6gbm/k/KogusUpbKjJXn8wzRvue1Ixl5Qd1PrP1D53
UFtjNEsvaVg9agYEt7FloS3N5Qvr95lKtB3qYzUPAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUQgW4UMy+MuYhnXCHXfS5dDHuDDIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgyZDQzNGQzLTc0ZmMtNDdhMy04OWVjLWVkMzdhMjNhZTU2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8igDANBgkqhkiG9w0BAQsFAAOCAQEAfSVKyyKYToa6rME1YReoGJym
93cs2n9oILONtTLY3IF4yKXHna4TrI9ove3vyonAbxKTj7YsBlIJdYdFI2qjAddB
U3AEn3C5QFMo3+GAckMJxRv3TJDEbCAYlwc6FKxsGmshakc5g9lqC+2VoYENJhbZ
nAw5uJTQxLgdgVWRvEVsMcWFL12qiPKc46SAeN+hr/9Rmhho5tlva9ZJ0qGv3rvj
gXGaUWOhoI5/QfkAfBtMpklPwiD293DnHpgK3pcVhh0pNX4aoajHyStuxYyfPoSM
TKYjtWrxYjt0nhPGao+CO2HRIAI6UUAocmVtNdzvVKzAJ+NGMsCRUitbKQ3L/g==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:53:33 2025 by rpki-client