Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/93977caf-592d-4ba6-b79f-4c7b035e0f67.roa
File:                     93977caf-592d-4ba6-b79f-4c7b035e0f67.roa (raw, json)
Hash identifier:          ILVD3rmTSOQWYtk8xC+9qU0D7XBsaqwX2ZlIOWLENGw=
Subject key identifier:   54:A2:CC:2A:80:34:36:D1:0A:89:D0:61:FC:A6:16:07:F3:E5:18:1B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       13F8D6BBBCC6679F666B45D729803A65BF2E6896
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/93977caf-592d-4ba6-b79f-4c7b035e0f67.roa
Signing time:             Wed 16 Jul 2025 00:21:16 +0000
ROA not before:           Wed 16 Jul 2025 00:21:16 +0000
ROA not after:            Wed 20 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f27:4000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:f8:d6:bb:bc:c6:67:9f:66:6b:45:d7:29:80:3a:65:bf:2e:68:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 16 00:21:16 2025 GMT
            Not After : Aug 20 23:59:59 2025 GMT
        Subject: serialNumber=b67477f2deb929c702f45248b08499e294c31237e085b3a40615da9572cc3f5c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c6:b6:ec:34:bc:9d:d6:4f:8c:50:0f:b7:67:
                    ad:a5:f9:95:34:6b:0e:0a:db:cb:d1:04:5c:71:6e:
                    6c:68:37:80:d5:ee:68:ff:ee:c2:2d:74:d8:a9:c8:
                    e9:e6:5f:63:67:e9:f0:b2:c4:ae:f5:57:47:e4:03:
                    85:01:5c:ef:ca:56:8c:ed:84:89:4f:88:69:7a:2a:
                    91:78:8f:77:9a:0f:54:7d:fa:8a:ee:52:8d:61:3c:
                    d8:7f:a5:4a:f5:6a:8b:03:09:da:0b:b9:19:93:91:
                    6a:99:4b:2f:0d:a3:5c:95:46:2a:ef:b9:b7:67:9c:
                    78:aa:bb:94:50:96:9c:26:dd:6f:d1:54:d6:3d:19:
                    81:f3:77:1a:93:7d:3d:6f:c9:ea:11:26:0b:7d:89:
                    eb:b7:43:37:1a:4c:0a:98:bd:77:58:a5:9a:a8:86:
                    90:62:fb:96:37:87:fe:e6:07:bd:bf:d1:96:65:72:
                    b6:2b:3b:e1:6f:f8:ce:de:2a:b1:3c:39:2b:9a:8b:
                    39:06:08:6d:c7:11:86:5f:04:27:bd:c5:0a:2c:cf:
                    71:1d:ab:9d:7d:fc:c3:87:e3:0e:c7:da:86:ad:85:
                    32:63:01:85:e9:4a:08:2b:dc:64:cc:29:1a:c0:5b:
                    8e:81:1c:2c:dc:7d:d7:94:46:75:b2:59:dc:8e:c1:
                    c8:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:A2:CC:2A:80:34:36:D1:0A:89:D0:61:FC:A6:16:07:F3:E5:18:1B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/93977caf-592d-4ba6-b79f-4c7b035e0f67.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f27:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         24:c5:94:a2:8f:70:1d:98:c9:f3:6c:ee:d5:bc:e3:6a:b7:51:
         75:40:32:65:c4:54:a5:fc:ad:1f:a7:9b:3d:6d:5c:97:e2:18:
         39:f6:e7:c5:e2:9f:69:d6:6e:89:bb:53:54:ae:98:c3:0b:76:
         66:5c:77:18:48:31:71:ef:90:dd:e8:a8:7b:aa:6d:8b:2a:e8:
         46:d8:3d:84:ae:d5:d8:09:e1:0a:e1:79:f3:7f:e1:0f:22:9d:
         f4:bc:76:87:6c:d8:60:89:d1:4a:fe:65:56:dd:c7:47:3a:66:
         dc:f0:77:62:bc:4e:ce:e2:57:45:3e:44:f1:71:1d:71:a7:24:
         6b:6f:0a:78:63:ed:f2:3b:af:01:c5:21:33:a5:5d:fa:e8:dc:
         82:92:ae:4a:99:1f:10:11:53:90:80:f5:69:44:27:78:0d:53:
         78:fd:63:7e:a9:db:14:b6:cd:ff:ea:3b:93:85:01:7d:b8:8b:
         13:00:40:fe:75:bf:c3:d5:2f:90:33:8f:2f:07:ba:ef:25:8e:
         55:a9:85:bb:b8:31:0c:61:58:3f:e8:3c:45:f9:3c:60:cc:7b:
         2d:7a:67:10:aa:e0:af:7e:43:2f:4a:16:42:97:40:2a:11:30:
         45:62:ed:82:d9:a0:71:92:11:e8:34:d3:de:aa:77:32:87:5b:
         4a:40:9b:43
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUE/jWu7zGZ59ma0XXKYA6Zb8uaJYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE2MDAyMTE2WhcNMjUwODIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNjc0NzdmMmRlYjkyOWM3MDJmNDUyNDhiMDg0OTllMjk0
YzMxMjM3ZTA4NWIzYTQwNjE1ZGE5NTcyY2MzZjVjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOxrbsNLyd1k+MUA+3Z62l+ZU0aw4K28vRBFxxbmxoN4DV
7mj/7sItdNipyOnmX2Nn6fCyxK71V0fkA4UBXO/KVozthIlPiGl6KpF4j3eaD1R9
+oruUo1hPNh/pUr1aosDCdoLuRmTkWqZSy8No1yVRirvubdnnHiqu5RQlpwm3W/R
VNY9GYHzdxqTfT1vyeoRJgt9ieu3QzcaTAqYvXdYpZqohpBi+5Y3h/7mB72/0ZZl
crYrO+Fv+M7eKrE8OSuaizkGCG3HEYZfBCe9xQosz3Edq519/MOH4w7H2oathTJj
AYXpSggr3GTMKRrAW46BHCzcfdeURnWyWdyOwch1AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUVKLMKoA0NtEKidBh/KYWB/PlGBswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkzOTc3Y2FmLTU5MmQtNGJhNi1iNzlmLTRjN2IwMzVlMGY2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8nQDANBgkqhkiG9w0BAQsFAAOCAQEAJMWUoo9wHZjJ82zu1bzjardR
dUAyZcRUpfytH6ebPW1cl+IYOfbnxeKfadZuibtTVK6Ywwt2Zlx3GEgxce+Q3eio
e6ptiyroRtg9hK7V2AnhCuF583/hDyKd9Lx2h2zYYInRSv5lVt3HRzpm3PB3YrxO
zuJXRT5E8XEdcacka28KeGPt8juvAcUhM6Vd+ujcgpKuSpkfEBFTkID1aUQneA1T
eP1jfqnbFLbN/+o7k4UBfbiLEwBA/nW/w9UvkDOPLwe67yWOVamFu7gxDGFYP+g8
Rfk8YMx7LXpnEKrgr35DL0oWQpdAKhEwRWLtgtmgcZIR6DTT3qp3ModbSkCbQw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:53:34 2025 by rpki-client