Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88e587d9-8e06-45b7-b934-26b4ec796dde.roa
File:                     88e587d9-8e06-45b7-b934-26b4ec796dde.roa (raw, json)
Hash identifier:          EokDUIGBJIlhVz8l7iDGWm18IpFoKWiakeg1U5rRBG0=
Subject key identifier:   94:3F:E4:B3:8B:A4:7F:7A:61:08:29:3B:7B:16:41:5C:A8:1E:78:77
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3B7499A69CD46817601EF932B232F65C2B5DAC41
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88e587d9-8e06-45b7-b934-26b4ec796dde.roa
Signing time:             Tue 25 Mar 2025 17:01:37 +0000
ROA not before:           Tue 25 Mar 2025 17:01:37 +0000
ROA not after:            Tue 29 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff2:5040::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:74:99:a6:9c:d4:68:17:60:1e:f9:32:b2:32:f6:5c:2b:5d:ac:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 25 17:01:37 2025 GMT
            Not After : Apr 29 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:1f:e3:8c:5f:15:43:94:89:43:fb:2f:e3:25:
                    9f:45:5c:31:5f:27:39:b1:39:91:f3:3d:6f:65:0b:
                    6e:66:92:94:69:7f:c8:ca:98:21:75:90:e4:43:31:
                    5e:10:6f:ed:54:dc:ae:eb:c9:a0:6b:eb:11:2f:2f:
                    92:f4:d8:82:55:ca:00:52:f8:96:a0:96:4d:66:26:
                    74:ec:ea:ea:29:73:82:ff:6b:a8:0d:ac:c2:84:23:
                    94:72:63:01:23:34:fd:d8:be:36:d0:e0:e8:b3:e2:
                    02:b6:41:cf:bb:9d:4b:49:2d:09:0f:e3:77:ea:24:
                    37:93:cb:cc:0e:1b:30:b8:17:87:89:71:1a:de:8c:
                    d4:a8:48:8c:cb:24:40:50:ae:1f:c8:10:f7:6b:76:
                    50:30:2b:55:88:6e:ae:a2:8d:b6:d5:6b:50:79:24:
                    b3:32:a3:d5:14:9a:3f:a3:6e:94:2e:19:a7:f6:10:
                    40:67:11:c2:7c:e4:27:ee:2e:48:6a:28:fd:fc:ec:
                    68:b4:44:70:be:ff:d8:5e:65:12:f1:a9:20:fb:b5:
                    1d:3c:4c:ab:7b:fc:54:fe:b2:6b:87:ca:9f:10:62:
                    d6:4e:b3:b6:00:85:b8:38:16:18:e8:31:82:b9:8e:
                    5c:1a:70:42:00:96:46:d3:b3:56:8b:0d:e4:42:84:
                    d0:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:3F:E4:B3:8B:A4:7F:7A:61:08:29:3B:7B:16:41:5C:A8:1E:78:77
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/88e587d9-8e06-45b7-b934-26b4ec796dde.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff2:5040::/48

    Signature Algorithm: sha256WithRSAEncryption
         4b:f0:b5:37:90:0d:56:e9:2f:43:15:ae:6b:76:15:7c:65:74:
         56:d9:37:88:44:87:f2:65:12:b6:10:32:59:67:dc:46:51:e1:
         44:b6:dc:33:94:38:c7:3b:93:a2:fb:f8:3b:a5:7e:72:40:31:
         94:b1:10:99:9b:45:7b:35:f3:bb:a9:a2:1b:c4:3d:14:61:da:
         32:3f:06:46:93:89:7e:87:fa:85:5c:e6:f3:10:2d:59:72:ec:
         38:61:8d:b1:f5:7a:7e:a9:ec:a5:29:61:09:24:30:d6:15:0f:
         4a:64:91:04:ec:96:88:60:1f:4b:68:62:25:2e:34:57:1f:cc:
         1f:e4:29:3f:68:9e:d9:80:d5:eb:31:fd:f4:7b:dd:75:2d:27:
         29:3d:de:9d:e9:76:b3:6c:8d:ab:1b:95:e6:f0:4a:b3:25:4e:
         00:62:ed:43:e5:70:c5:a2:b8:bd:c0:0f:05:d6:88:64:aa:5b:
         ec:f0:4f:53:73:20:60:d9:7c:04:76:a2:6c:ad:e3:bc:0b:7a:
         3e:19:47:f5:b4:9d:84:e8:a4:64:e7:8e:24:4d:1f:75:ce:23:
         4e:f4:ae:9c:99:ab:94:d2:9a:5c:3b:07:11:7c:26:ae:da:78:
         05:2a:8d:57:28:56:57:2f:b4:08:17:43:08:6f:85:e8:a6:35:
         93:79:89:a4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUO3SZppzUaBdgHvkysjL2XCtdrEEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI1MTcwMTM3WhcNMjUwNDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4OWJlMzRlYWJiMWM1MzRlNmNjZmJjY2U3NmY1NjBkMDkx
ZmM0MmJhZDRkMDdjZTc2MmI0ZDU2N2U5OWJlODY2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkH+OMXxVDlIlD+y/jJZ9FXDFfJzmxOZHzPW9lC25mkpRp
f8jKmCF1kORDMV4Qb+1U3K7ryaBr6xEvL5L02IJVygBS+Jaglk1mJnTs6uopc4L/
a6gNrMKEI5RyYwEjNP3YvjbQ4Oiz4gK2Qc+7nUtJLQkP43fqJDeTy8wOGzC4F4eJ
cRrejNSoSIzLJEBQrh/IEPdrdlAwK1WIbq6ijbbVa1B5JLMyo9UUmj+jbpQuGaf2
EEBnEcJ85CfuLkhqKP387Gi0RHC+/9heZRLxqSD7tR08TKt7/FT+smuHyp8QYtZO
s7YAhbg4FhjoMYK5jlwacEIAlkbTs1aLDeRChNCzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUlD/ks4ukf3phCCk7exZBXKgeeHcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg4ZTU4N2Q5LThlMDYtNDViNy1iOTM0LTI2YjRlYzc5NmRkZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/yUEAwDQYJKoZIhvcNAQELBQADggEBAEvwtTeQDVbpL0MVrmt2FXxl
dFbZN4hEh/JlErYQMlln3EZR4US23DOUOMc7k6L7+DulfnJAMZSxEJmbRXs187up
ohvEPRRh2jI/BkaTiX6H+oVc5vMQLVly7DhhjbH1en6p7KUpYQkkMNYVD0pkkQTs
lohgH0toYiUuNFcfzB/kKT9ontmA1esx/fR73XUtJyk93p3pdrNsjasblebwSrMl
TgBi7UPlcMWiuL3ADwXWiGSqW+zwT1NzIGDZfAR2omyt47wLej4ZR/W0nYTopGTn
jiRNH3XOI070rpyZq5TSmlw7BxF8Jq7aeAUqjVcoVlcvtAgXQwhvheimNZN5iaQ=
-----END CERTIFICATE-----