Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adaa4791-2396-4651-8851-2a7cbc3cb36f.roa
File:                     adaa4791-2396-4651-8851-2a7cbc3cb36f.roa (raw, json)
Hash identifier:          eZu1G9irkwVdokoD4bWy74uMVJ7HXscZMEzRBt9VIAM=
Subject key identifier:   45:3A:2F:34:2B:08:99:E0:A8:4D:28:86:92:46:C7:E8:EE:1B:0F:30
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0677CE5DA28C4109F48FD01DBDCF3B21049B2C73
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adaa4791-2396-4651-8851-2a7cbc3cb36f.roa
Signing time:             Mon 07 Jul 2025 16:40:20 +0000
ROA not before:           Mon 07 Jul 2025 16:40:20 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:40d0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 26 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:77:ce:5d:a2:8c:41:09:f4:8f:d0:1d:bd:cf:3b:21:04:9b:2c:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 16:40:20 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=3bf4025d9175ca6683a756a131e0fe9af82f16c79413d11b3f9d05a7ef90676c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:34:cd:11:cf:bc:d2:48:b1:15:47:bd:e9:f8:
                    e1:93:c5:88:84:fa:f1:91:c0:50:bb:3a:3b:5e:0b:
                    4c:73:01:cd:89:a7:f9:58:78:b1:30:4d:d6:f5:6b:
                    0b:3f:43:95:76:d6:4f:d6:2f:59:ae:51:e2:86:db:
                    8f:ee:12:eb:7d:73:86:ea:dd:df:6d:4c:7e:86:4d:
                    08:aa:37:3d:52:5c:b1:86:b3:6f:c7:0b:29:99:09:
                    d5:be:11:31:b1:cc:06:b6:b0:d4:73:a7:f2:c4:68:
                    18:a2:16:78:59:af:db:c6:b1:61:98:e8:1a:87:37:
                    99:15:d8:79:6a:b9:c4:21:ef:0e:f4:1e:a6:2a:be:
                    06:41:e5:43:ec:8a:c4:52:b8:26:dd:cf:78:f6:95:
                    ac:99:3f:4c:97:ec:14:e4:f3:9e:87:d1:41:fd:54:
                    a9:a8:1d:e2:2c:39:c7:23:50:70:7d:54:fb:cc:00:
                    2e:a7:3d:92:24:ac:aa:79:39:b5:2b:6f:41:2a:f3:
                    e7:e9:ff:f3:12:ea:01:00:d0:e0:1b:03:df:ef:c5:
                    dd:19:03:8e:f0:cf:12:94:11:e3:8b:e2:77:57:81:
                    60:a2:98:a8:47:10:83:94:04:dc:61:34:3c:6a:8a:
                    71:62:ef:36:0f:ec:b7:69:5c:db:23:29:36:37:12:
                    7d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:3A:2F:34:2B:08:99:E0:A8:4D:28:86:92:46:C7:E8:EE:1B:0F:30
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adaa4791-2396-4651-8851-2a7cbc3cb36f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:40d0::/48

    Signature Algorithm: sha256WithRSAEncryption
         ba:39:b2:42:1f:37:d4:da:d5:3a:8c:3c:f4:22:c7:d4:b5:d9:
         b5:f4:05:26:a6:88:a7:8e:07:a2:3d:45:2a:10:5c:77:94:33:
         5a:6e:ad:87:0e:68:69:95:4a:24:b9:ca:d3:73:10:97:a8:1a:
         14:27:00:66:30:a3:35:3f:59:e2:10:6b:21:3d:84:64:fa:1a:
         fd:81:76:8a:7e:6a:cd:a9:e1:70:c6:a4:54:eb:11:d7:82:30:
         ff:2f:35:d3:31:ac:14:f3:27:44:12:d7:6c:6b:63:6e:76:b5:
         99:84:7f:1a:e8:80:49:c0:90:19:2f:09:14:ae:2d:c3:f4:d2:
         9a:76:0e:60:39:1a:dd:60:af:eb:15:3e:e4:db:f5:99:fa:77:
         04:41:89:9a:2d:43:39:ca:a0:da:51:46:70:2f:1d:d2:54:86:
         c9:5f:b9:a1:5b:1c:23:7c:f0:ed:c9:73:26:ea:dc:d3:07:73:
         3e:db:8a:e0:d2:bf:1b:c6:b9:48:d9:39:e1:a4:72:13:02:d2:
         4e:41:4b:f4:27:2f:a6:41:91:56:5a:1d:d8:a9:dd:f4:cf:5b:
         b1:88:ab:01:76:b5:28:ff:ed:e7:fc:c2:b4:27:47:c8:d6:a4:
         75:58:4a:55:fa:46:e2:41:ef:19:ec:ee:a0:fe:c8:8b:c1:57:
         b8:58:93:c7
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBnfOXaKMQQn0j9Advc87IQSbLHMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTY0MDIwWhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0AzYmY0MDI1ZDkxNzVjYTY2ODNhNzU2YTEzMWUwZmU5YWY4
MmYxNmM3OTQxM2QxMWIzZjlkMDVhN2VmOTA2NzZjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCNM0Rz7zSSLEVR73p+OGTxYiE+vGRwFC7OjteC0xzAc2J
p/lYeLEwTdb1aws/Q5V21k/WL1muUeKG24/uEut9c4bq3d9tTH6GTQiqNz1SXLGG
s2/HCymZCdW+ETGxzAa2sNRzp/LEaBiiFnhZr9vGsWGY6BqHN5kV2HlqucQh7w70
HqYqvgZB5UPsisRSuCbdz3j2layZP0yX7BTk856H0UH9VKmoHeIsOccjUHB9VPvM
AC6nPZIkrKp5ObUrb0Eq8+fp//MS6gEA0OAbA9/vxd0ZA47wzxKUEeOL4ndXgWCi
mKhHEIOUBNxhNDxqinFi7zYP7LdpXNsjKTY3En3VAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQURTovNCsImeCoTSiGkkbH6O4bDzAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FkYWE0NzkxLTIzOTYtNDY1MS04ODUxLTJhN2NiYzNjYjM2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AQNAwDQYJKoZIhvcNAQELBQADggEBALo5skIfN9Ta1TqMPPQix9S1
2bX0BSamiKeOB6I9RSoQXHeUM1purYcOaGmVSiS5ytNzEJeoGhQnAGYwozU/WeIQ
ayE9hGT6Gv2Bdop+as2p4XDGpFTrEdeCMP8vNdMxrBTzJ0QS12xrY252tZmEfxro
gEnAkBkvCRSuLcP00pp2DmA5Gt1gr+sVPuTb9Zn6dwRBiZotQznKoNpRRnAvHdJU
hslfuaFbHCN88O3Jcybq3NMHcz7biuDSvxvGuUjZOeGkchMC0k5BS/QnL6ZBkVZa
Hdip3fTPW7GIqwF2tSj/7ef8wrQnR8jWpHVYSlX6RuJB7xns7qD+yIvBV7hYk8c=
-----END CERTIFICATE-----