Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90f2e0fa-942a-4974-8bc7-c6bdfcdcaa41.roa
File:                     90f2e0fa-942a-4974-8bc7-c6bdfcdcaa41.roa (raw, json)
Hash identifier:          Ane2YAfTktYbGn5OAZc5cjvI712o5Pef9rZO0/ntXZU=
Subject key identifier:   BD:84:26:16:C6:62:B9:39:31:3F:8A:9B:68:02:0A:B5:13:43:06:09
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       73E2C36E6C2C401E81A40D35289AAE252BC9F7F3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90f2e0fa-942a-4974-8bc7-c6bdfcdcaa41.roa
Signing time:             Tue 08 Jul 2025 15:20:24 +0000
ROA not before:           Tue 08 Jul 2025 15:20:24 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:a440::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:e2:c3:6e:6c:2c:40:1e:81:a4:0d:35:28:9a:ae:25:2b:c9:f7:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 15:20:24 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=c832996dd6c377992bec077a3d7fbac524b18fc3a0e6e1676202c667dba01985, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:75:08:fd:dd:d3:8f:99:e3:69:58:17:7a:ed:
                    8b:cc:d8:2b:22:e6:bc:3e:a9:f3:17:fa:4d:0c:3e:
                    03:b5:6d:86:19:85:00:44:08:aa:de:6f:24:75:e0:
                    6a:34:20:e5:82:79:a8:a0:c4:1b:51:e1:cc:59:1c:
                    fc:ba:31:0a:1d:b3:5c:db:0a:7f:37:23:e8:ed:91:
                    48:38:a0:b1:ea:be:80:fe:12:df:2d:40:18:f7:bf:
                    43:80:f7:7a:85:0b:d6:f4:80:1f:5f:0c:c1:9f:f3:
                    7e:d0:fe:7a:8a:ad:fc:a7:6d:71:77:13:76:dc:14:
                    02:05:f1:1e:55:80:e4:a3:f8:ec:79:c5:82:13:19:
                    4f:b4:ea:85:aa:47:4a:04:04:f8:4a:48:5c:d3:2b:
                    4b:27:c0:e9:8f:d9:a2:2a:5d:9a:55:ca:03:69:02:
                    71:d1:7a:6a:da:98:00:9c:b6:2a:a3:7f:5b:58:2e:
                    dc:df:d9:ba:5c:0a:9b:2b:6e:53:a6:d7:76:c5:3a:
                    62:49:f3:a9:5b:e5:c3:51:ba:9e:65:1b:0f:e2:1d:
                    b1:60:99:d3:f5:f2:c4:b0:59:01:f5:f9:98:2d:af:
                    48:7b:2f:50:4b:7d:11:ac:b5:f0:b9:a9:34:43:8e:
                    b8:a8:d1:b4:1e:2b:3e:e4:16:1a:16:a7:29:af:27:
                    d9:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:84:26:16:C6:62:B9:39:31:3F:8A:9B:68:02:0A:B5:13:43:06:09
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90f2e0fa-942a-4974-8bc7-c6bdfcdcaa41.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:a440::/48

    Signature Algorithm: sha256WithRSAEncryption
         55:79:31:3f:64:ad:68:26:b0:5f:cd:69:73:56:00:40:40:20:
         91:7e:81:4d:bd:a7:d1:ca:8e:54:a0:a6:1d:a3:84:2f:11:42:
         5c:6a:cb:8b:cd:77:da:07:f2:84:73:87:01:ed:86:e7:ae:1a:
         4a:7b:bb:3c:e6:54:ba:8d:b8:8f:db:fc:d5:37:0b:cf:79:18:
         73:a8:07:b9:8d:a8:ca:76:34:b4:aa:94:87:00:70:14:8d:07:
         fe:60:c5:02:40:a3:ef:9f:a4:d0:80:88:b4:13:06:08:2b:a6:
         6a:40:ea:89:1e:c6:ee:b8:95:ec:8e:42:ba:77:ef:2f:37:ec:
         f2:5b:0a:08:23:d8:86:0d:5a:ea:c8:5d:50:5a:23:f7:5e:3f:
         37:88:16:8a:58:09:ed:30:69:64:19:79:15:5a:e0:13:fb:c3:
         fb:7a:ce:5f:48:62:44:3b:31:ff:81:53:b4:f9:3e:63:d8:78:
         4b:52:aa:d9:c5:eb:b7:4c:91:1d:b6:60:8d:02:64:ca:ba:3e:
         c0:a4:2e:ec:58:69:45:cc:8f:4e:0e:9e:5b:08:e3:3c:28:e5:
         b3:35:c3:e5:3b:bc:4e:81:13:e6:af:fe:82:11:a7:72:c3:80:
         9c:c5:ea:d5:78:88:62:90:94:4b:fa:52:3d:25:74:98:b2:2e:
         9d:e4:50:55
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUc+LDbmwsQB6BpA01KJquJSvJ9/MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTUyMDI0WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjODMyOTk2ZGQ2YzM3Nzk5MmJlYzA3N2EzZDdmYmFjNTI0
YjE4ZmMzYTBlNmUxNjc2MjAyYzY2N2RiYTAxOTg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDgdQj93dOPmeNpWBd67YvM2Csi5rw+qfMX+k0MPgO1bYYZ
hQBECKrebyR14Go0IOWCeaigxBtR4cxZHPy6MQods1zbCn83I+jtkUg4oLHqvoD+
Et8tQBj3v0OA93qFC9b0gB9fDMGf837Q/nqKrfynbXF3E3bcFAIF8R5VgOSj+Ox5
xYITGU+06oWqR0oEBPhKSFzTK0snwOmP2aIqXZpVygNpAnHRemramACctiqjf1tY
Ltzf2bpcCpsrblOm13bFOmJJ86lb5cNRup5lGw/iHbFgmdP18sSwWQH1+Zgtr0h7
L1BLfRGstfC5qTRDjrio0bQeKz7kFhoWpymvJ9nfAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUvYQmFsZiuTkxP4qbaAIKtRNDBgkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkwZjJlMGZhLTk0MmEtNDk3NC04YmM3LWM2YmRmY2RjYWE0MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8ApEAwDQYJKoZIhvcNAQELBQADggEBAFV5MT9krWgmsF/NaXNWAEBA
IJF+gU29p9HKjlSgph2jhC8RQlxqy4vNd9oH8oRzhwHthueuGkp7uzzmVLqNuI/b
/NU3C895GHOoB7mNqMp2NLSqlIcAcBSNB/5gxQJAo++fpNCAiLQTBggrpmpA6oke
xu64leyOQrp37y837PJbCggj2IYNWurIXVBaI/dePzeIFopYCe0waWQZeRVa4BP7
w/t6zl9IYkQ7Mf+BU7T5PmPYeEtSqtnF67dMkR22YI0CZMq6PsCkLuxYaUXMj04O
nlsI4zwo5bM1w+U7vE6BE+av/oIRp3LDgJzF6tV4iGKQlEv6Uj0ldJiyLp3kUFU=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:18 2025 by rpki-client