Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db7815cb-1080-4364-8968-f09bb1d6d0f7.roa
File:                     db7815cb-1080-4364-8968-f09bb1d6d0f7.roa (raw, json)
Hash identifier:          csRFqQHXO0AqB0h8F0SU6cRl2ES+hcwrGF84QjzRWF4=
Subject key identifier:   D6:5A:4B:09:EC:FF:31:9B:18:03:6D:CC:5A:62:CC:A1:E0:EE:C7:0F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3F4B4A595AFA5DC0AFC416D037A4CA236A87B135
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db7815cb-1080-4364-8968-f09bb1d6d0f7.roa
Signing time:             Tue 08 Jul 2025 17:01:18 +0000
ROA not before:           Tue 08 Jul 2025 17:01:18 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f2b:4000::/37 maxlen: 37
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:4b:4a:59:5a:fa:5d:c0:af:c4:16:d0:37:a4:ca:23:6a:87:b1:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 17:01:18 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=d5bd3b9bae333564c0ef6fa88fafc21ec628876b02ee142a9b63282d2e79109e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:96:94:c5:73:5e:9f:c6:a7:52:20:84:74:66:
                    a6:e2:06:be:01:7b:89:58:b8:d7:fe:29:a7:cb:cf:
                    7f:67:24:6b:db:c1:6b:a1:95:39:dc:0e:5b:94:30:
                    fd:95:bc:14:df:ee:d5:2c:71:b0:29:b1:16:60:bc:
                    53:2b:fe:dc:d1:e2:39:bb:f7:87:f7:e4:fc:77:dc:
                    2b:22:5a:69:d5:ec:27:25:c2:84:e0:70:f8:5b:cb:
                    52:e4:a1:46:2c:9a:bb:eb:99:2d:9c:b8:47:7b:f4:
                    66:61:72:32:84:58:e1:47:95:e7:c1:37:54:46:26:
                    6c:fc:ae:ac:e3:f1:4b:9b:16:42:21:0e:84:cb:c8:
                    44:09:e5:30:68:5c:bf:fa:a9:94:be:17:34:f5:d1:
                    c1:a5:f9:48:61:27:85:03:ba:5b:01:27:a3:e0:e0:
                    87:62:ec:b9:35:60:7e:20:01:99:31:38:99:21:00:
                    6b:7e:0e:a4:78:f4:c2:41:03:20:87:ae:49:ee:a0:
                    05:98:af:36:74:7f:cf:1d:fa:b4:6f:25:26:29:c6:
                    67:e8:8c:50:08:bf:89:83:3c:be:ff:3b:17:cb:d1:
                    f3:19:63:5e:74:5d:4d:09:73:a5:93:7c:7e:1f:03:
                    8d:08:6b:cb:e9:aa:08:5e:dd:79:b2:09:bf:a2:3d:
                    af:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:5A:4B:09:EC:FF:31:9B:18:03:6D:CC:5A:62:CC:A1:E0:EE:C7:0F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db7815cb-1080-4364-8968-f09bb1d6d0f7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f2b:4000::/37

    Signature Algorithm: sha256WithRSAEncryption
         48:42:ae:e2:d6:8b:27:61:2c:c6:3a:56:d0:68:f2:84:c9:e6:
         03:48:49:72:64:20:40:35:15:40:0a:ef:a0:ec:51:30:8e:e4:
         8f:b5:d2:31:c6:30:12:24:ae:9b:5e:51:71:b6:00:b2:e4:f1:
         2d:d4:79:cf:65:bb:3a:92:5c:06:d3:c9:7c:da:6a:1d:50:cc:
         3b:7f:4a:b5:87:a5:9e:ec:f8:f9:34:d5:d7:85:21:a6:1c:15:
         a9:6e:cb:4e:34:6c:ea:09:c5:f1:56:14:1a:0b:65:27:dc:68:
         1c:46:64:f0:8a:ab:8d:85:8c:83:2f:f9:7b:99:89:52:8f:ff:
         0a:c7:e1:e4:3e:8a:b0:37:c5:c2:88:aa:40:18:51:53:80:d3:
         a1:45:5f:7d:22:64:a5:38:2e:27:f1:a5:ed:9f:5a:ef:4a:48:
         3d:d5:2f:8a:45:1e:28:c8:d7:af:cc:a1:c1:81:98:fc:d0:f2:
         4a:21:c1:18:54:75:83:1d:62:2f:ea:82:a5:74:2d:69:c7:93:
         26:73:a2:37:d4:c3:e0:49:94:a5:6f:20:c9:8f:67:1e:67:b0:
         9f:a1:f0:6b:4c:9b:f8:11:0f:75:0f:96:b2:2b:dd:dd:0d:3b:
         dd:ec:22:9f:9b:d0:14:c2:f8:50:c7:fa:6e:73:28:c5:87:ff:
         98:2d:e9:2e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUP0tKWVr6XcCvxBbQN6TKI2qHsTUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTcwMTE4WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNWJkM2I5YmFlMzMzNTY0YzBlZjZmYTg4ZmFmYzIxZWM2
Mjg4NzZiMDJlZTE0MmE5YjYzMjgyZDJlNzkxMDllMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXlpTFc16fxqdSIIR0ZqbiBr4Be4lYuNf+KafLz39nJGvb
wWuhlTncDluUMP2VvBTf7tUscbApsRZgvFMr/tzR4jm794f35Px33CsiWmnV7Ccl
woTgcPhby1LkoUYsmrvrmS2cuEd79GZhcjKEWOFHlefBN1RGJmz8rqzj8UubFkIh
DoTLyEQJ5TBoXL/6qZS+FzT10cGl+UhhJ4UDulsBJ6Pg4Idi7Lk1YH4gAZkxOJkh
AGt+DqR49MJBAyCHrknuoAWYrzZ0f88d+rRvJSYpxmfojFAIv4mDPL7/OxfL0fMZ
Y150XU0Jc6WTfH4fA40Ia8vpqghe3XmyCb+iPa+vAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU1lpLCez/MZsYA23MWmLMoeDuxw8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RiNzgxNWNiLTEwODAtNDM2NC04OTY4LWYwOWJiMWQ2ZDBmNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8rQDANBgkqhkiG9w0BAQsFAAOCAQEASEKu4taLJ2EsxjpW0GjyhMnm
A0hJcmQgQDUVQArvoOxRMI7kj7XSMcYwEiSum15RcbYAsuTxLdR5z2W7OpJcBtPJ
fNpqHVDMO39KtYelnuz4+TTV14UhphwVqW7LTjRs6gnF8VYUGgtlJ9xoHEZk8Iqr
jYWMgy/5e5mJUo//Csfh5D6KsDfFwoiqQBhRU4DToUVffSJkpTguJ/Gl7Z9a70pI
PdUvikUeKMjXr8yhwYGY/NDySiHBGFR1gx1iL+qCpXQtaceTJnOiN9TD4EmUpW8g
yY9nHmewn6Hwa0yb+BEPdQ+Wsivd3Q073ewin5vQFML4UMf6bnMoxYf/mC3pLg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:12:45 2025 by rpki-client