Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c88bc903-16fc-4d37-9398-665b5419307e.roa
File:                     c88bc903-16fc-4d37-9398-665b5419307e.roa (raw, json)
Hash identifier:          o/L+1LuB0Rk20f+MIy6/Ty3k3Ut9Qa09GY/2Lj9Greg=
Subject key identifier:   60:32:33:D8:05:2A:AF:22:3E:2D:0B:9D:E2:4B:1E:42:AD:97:43:7C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       12C98B6FAF515229FE623EDC653973297815B85F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c88bc903-16fc-4d37-9398-665b5419307e.roa
Signing time:             Fri 18 Jul 2025 00:20:14 +0000
ROA not before:           Fri 18 Jul 2025 00:20:14 +0000
ROA not after:            Fri 22 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f68:4000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:c9:8b:6f:af:51:52:29:fe:62:3e:dc:65:39:73:29:78:15:b8:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 18 00:20:14 2025 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: serialNumber=08cd74285b9c8304a704918cb04e024f9c91a19136c1f840ca7ca50914b2a7ec, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:3f:dc:0c:28:c9:19:62:d9:b5:35:5b:a7:4a:
                    09:76:3f:6a:e1:fd:a6:1d:d3:ab:c9:f6:cd:cb:84:
                    8f:1a:41:9e:15:17:56:9b:d6:b2:a4:bf:af:05:07:
                    a6:84:24:0a:6f:7e:49:62:3e:d9:aa:8c:de:36:48:
                    4d:52:a0:55:0e:80:2e:26:9e:cc:96:cb:cd:ff:f8:
                    a4:d6:50:1b:63:c0:83:ce:a7:62:de:a5:bb:05:09:
                    27:56:79:ea:a2:fa:d9:c9:be:f0:39:b5:88:6d:45:
                    ed:ef:f1:6f:95:76:bd:5d:d0:52:6e:d5:c8:56:6b:
                    07:1e:86:5e:a0:d5:87:cc:c1:60:64:95:4b:ee:c9:
                    c0:9c:ec:14:9b:7f:f3:18:19:6c:24:27:f7:05:56:
                    cb:c3:f0:e2:55:72:0b:2c:e2:bc:45:09:2d:3a:07:
                    3b:4a:4f:d4:8b:a9:97:24:71:39:8c:38:ae:e9:73:
                    53:be:4a:31:12:32:88:ea:14:db:1c:e2:19:e5:6f:
                    ae:c1:59:2f:8e:6f:ca:aa:a7:27:94:8f:14:87:68:
                    5b:dd:f0:86:7b:44:7d:4a:65:8d:7c:52:fd:7b:04:
                    bd:4a:bc:8b:45:44:c4:95:02:bb:ab:bb:4b:5a:68:
                    b4:ca:2a:d7:5c:71:a3:9d:ab:37:4e:dc:61:e5:79:
                    9c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:32:33:D8:05:2A:AF:22:3E:2D:0B:9D:E2:4B:1E:42:AD:97:43:7C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c88bc903-16fc-4d37-9398-665b5419307e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f68:4000::/39

    Signature Algorithm: sha256WithRSAEncryption
         1d:af:fd:c4:7d:42:69:90:95:b5:39:55:a0:11:09:01:99:31:
         c6:25:ed:27:26:ec:f9:59:ec:18:cf:1b:97:6f:ca:66:ea:f6:
         6e:10:84:11:b3:c1:fa:c4:ff:c9:6c:58:aa:1e:f5:1e:38:c0:
         9c:57:2c:86:4f:95:1e:de:ea:c8:5b:b9:d9:8b:f7:af:43:a3:
         a5:ef:2c:78:6f:cb:88:41:ca:60:3c:33:10:47:b2:3f:dd:e4:
         5c:67:07:09:50:cc:a2:42:4e:65:ff:26:b9:55:fe:e4:ae:a2:
         b2:dc:1e:b9:b4:ed:4e:00:4b:6f:e7:fb:3a:ce:18:4b:02:ec:
         c5:f7:6c:99:29:d6:47:d7:04:ad:4c:76:5a:b3:15:7d:30:50:
         ba:7f:d6:b9:07:b1:71:53:bc:c6:ed:5b:4e:51:c9:a4:df:1b:
         24:f5:86:37:39:87:cf:b0:69:bf:49:4e:3d:5a:1a:70:d5:64:
         45:dc:3d:d2:9f:9d:d8:df:46:6c:fb:40:d1:c7:eb:2e:86:80:
         83:70:69:61:9f:62:a1:b3:32:c3:30:93:8f:35:9e:9a:ed:db:
         e9:46:19:1d:74:59:85:04:f9:56:e4:49:06:01:33:b2:a9:86:
         2c:7b:55:07:f3:e6:56:7f:ac:27:5a:72:9e:71:e5:2f:7c:f3:
         f0:b4:50:9b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEsmLb69RUin+Yj7cZTlzKXgVuF8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE4MDAyMDE0WhcNMjUwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwOGNkNzQyODViOWM4MzA0YTcwNDkxOGNiMDRlMDI0Zjlj
OTFhMTkxMzZjMWY4NDBjYTdjYTUwOTE0YjJhN2VjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVP9wMKMkZYtm1NVunSgl2P2rh/aYd06vJ9s3LhI8aQZ4V
F1ab1rKkv68FB6aEJApvfkliPtmqjN42SE1SoFUOgC4mnsyWy83/+KTWUBtjwIPO
p2LepbsFCSdWeeqi+tnJvvA5tYhtRe3v8W+Vdr1d0FJu1chWawcehl6g1YfMwWBk
lUvuycCc7BSbf/MYGWwkJ/cFVsvD8OJVcgss4rxFCS06BztKT9SLqZckcTmMOK7p
c1O+SjESMojqFNsc4hnlb67BWS+Ob8qqpyeUjxSHaFvd8IZ7RH1KZY18Uv17BL1K
vItFRMSVAruru0taaLTKKtdccaOdqzdO3GHleZyhAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUYDIz2AUqryI+LQud4kseQq2XQ3wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4OGJjOTAzLTE2ZmMtNGQzNy05Mzk4LTY2NWI1NDE5MzA3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB9oQDANBgkqhkiG9w0BAQsFAAOCAQEAHa/9xH1CaZCVtTlVoBEJAZkx
xiXtJybs+VnsGM8bl2/KZur2bhCEEbPB+sT/yWxYqh71HjjAnFcshk+VHt7qyFu5
2Yv3r0Ojpe8seG/LiEHKYDwzEEeyP93kXGcHCVDMokJOZf8muVX+5K6istweubTt
TgBLb+f7Os4YSwLsxfdsmSnWR9cErUx2WrMVfTBQun/WuQexcVO8xu1bTlHJpN8b
JPWGNzmHz7Bpv0lOPVoacNVkRdw90p+d2N9GbPtA0cfrLoaAg3BpYZ9iobMywzCT
jzWemu3b6UYZHXRZhQT5VuRJBgEzsqmGLHtVB/PmVn+sJ1pynnHlL3zz8LRQmw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:56:39 2025 by rpki-client