Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1cdc500-54c5-447c-974f-78ae9d1df2ff.roa
File:                     e1cdc500-54c5-447c-974f-78ae9d1df2ff.roa (raw, json)
Hash identifier:          W/5SO71V9yz/HRSdG7SO9VYNciy/pnZAV+w9YCwb47E=
Subject key identifier:   57:E9:01:7D:EB:3E:FE:D0:CC:8C:FC:45:A3:74:71:F7:0C:88:9D:B6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       112340C5C6F89644ACDA702FD892F85EE1BD8B98
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1cdc500-54c5-447c-974f-78ae9d1df2ff.roa
Signing time:             Mon 21 Jul 2025 16:00:57 +0000
ROA not before:           Mon 21 Jul 2025 16:00:57 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1ff7:8000::/39 maxlen: 39
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:23:40:c5:c6:f8:96:44:ac:da:70:2f:d8:92:f8:5e:e1:bd:8b:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 21 16:00:57 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=0795956f96f25da4fbdc7224f1ee87d7c3006cb1ced16fb90018c2fbcc3792c2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:18:3e:70:3d:e1:88:92:c3:fc:75:32:11:8b:
                    70:8f:bd:01:20:c5:99:93:dd:39:05:fb:be:96:b2:
                    ce:dc:95:c9:93:44:27:72:cf:a3:4f:50:41:04:be:
                    11:94:0f:60:24:36:c5:2f:ba:37:10:9d:ca:47:d3:
                    bf:8d:fd:b5:d6:57:bd:75:c1:c8:d7:61:e1:a5:0f:
                    04:55:56:d1:f1:bf:c6:87:d6:da:19:42:99:c3:ae:
                    2e:57:46:8b:c3:2f:9b:62:c5:01:27:c9:36:5b:88:
                    59:47:71:6f:f4:29:0e:1d:f8:42:b3:48:a1:11:30:
                    c7:ba:a3:d6:20:8d:dc:fe:40:a9:7e:7a:af:bb:97:
                    87:e1:5f:01:c1:f6:8f:6f:a6:83:75:8c:59:e7:42:
                    3f:5d:34:f3:ad:33:75:6b:4a:da:2c:a0:12:30:69:
                    39:c2:fd:54:b3:38:bf:8d:c1:bb:8f:9d:41:1b:73:
                    87:dd:1b:15:a7:56:e4:51:47:e4:58:c1:b5:b5:53:
                    45:b5:a8:a2:5f:18:b4:84:e3:2b:f3:18:69:00:5d:
                    c0:3d:08:da:df:3c:8c:ea:08:75:4a:65:ee:c5:1e:
                    a2:a7:c0:66:81:23:5c:86:3a:07:92:75:ae:86:3e:
                    49:0d:77:34:fc:46:19:ab:b0:52:fa:60:06:04:a2:
                    20:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:E9:01:7D:EB:3E:FE:D0:CC:8C:FC:45:A3:74:71:F7:0C:88:9D:B6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e1cdc500-54c5-447c-974f-78ae9d1df2ff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff7:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         45:9d:94:ce:df:df:92:60:dd:12:cc:10:0b:e8:28:e8:37:f5:
         03:e0:a4:94:f2:2d:df:23:d3:81:33:6f:81:55:97:c1:0a:01:
         e3:04:e0:55:22:ee:69:9d:cc:ff:78:0e:58:d5:71:c4:48:59:
         71:cb:45:da:8d:5c:92:16:f7:32:37:fe:ac:85:9e:97:12:4f:
         0b:bd:27:ae:82:8d:3e:82:a1:b2:57:e6:cb:9c:c4:9e:3d:ed:
         eb:ff:31:f6:16:24:fc:e3:de:4d:2e:ea:d5:44:c0:d9:4c:e4:
         90:c9:8b:2d:ee:0e:a9:c9:74:f9:4f:73:99:e5:47:24:38:a0:
         03:92:33:04:48:74:7c:c2:57:6c:4e:55:1c:e3:1a:89:33:31:
         a9:88:db:f7:6a:e4:3f:80:49:aa:b3:9e:e4:fb:59:4c:a7:89:
         19:78:b5:65:bc:f0:30:b1:ab:66:84:3b:d2:e7:31:c6:c7:a3:
         dc:9c:aa:47:83:0a:01:d4:48:6c:92:e2:ee:1d:31:ba:63:89:
         95:00:8f:6d:9f:bb:dc:7d:2d:7b:48:54:3e:22:67:0e:bf:9d:
         68:61:5c:e8:2f:66:a1:98:ec:60:2c:45:00:2c:6f:0b:54:99:
         86:da:d5:4a:f9:0f:58:75:21:e0:45:ab:70:4f:24:d7:98:73:
         de:8b:46:98
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUESNAxcb4lkSs2nAv2JL4XuG9i5gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIxMTYwMDU3WhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNzk1OTU2Zjk2ZjI1ZGE0ZmJkYzcyMjRmMWVlODdkN2Mz
MDA2Y2IxY2VkMTZmYjkwMDE4YzJmYmNjMzc5MmMyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/GD5wPeGIksP8dTIRi3CPvQEgxZmT3TkF+76Wss7clcmT
RCdyz6NPUEEEvhGUD2AkNsUvujcQncpH07+N/bXWV711wcjXYeGlDwRVVtHxv8aH
1toZQpnDri5XRovDL5tixQEnyTZbiFlHcW/0KQ4d+EKzSKERMMe6o9Ygjdz+QKl+
eq+7l4fhXwHB9o9vpoN1jFnnQj9dNPOtM3VrStosoBIwaTnC/VSzOL+NwbuPnUEb
c4fdGxWnVuRRR+RYwbW1U0W1qKJfGLSE4yvzGGkAXcA9CNrfPIzqCHVKZe7FHqKn
wGaBI1yGOgeSda6GPkkNdzT8RhmrsFL6YAYEoiDXAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUV+kBfes+/tDMjPxFo3Rx9wyInbYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UxY2RjNTAwLTU0YzUtNDQ3Yy05NzRmLTc4YWU5ZDFkZjJmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB/3gDANBgkqhkiG9w0BAQsFAAOCAQEARZ2Uzt/fkmDdEswQC+go6Df1
A+CklPIt3yPTgTNvgVWXwQoB4wTgVSLuaZ3M/3gOWNVxxEhZcctF2o1ckhb3Mjf+
rIWelxJPC70nroKNPoKhslfmy5zEnj3t6/8x9hYk/OPeTS7q1UTA2UzkkMmLLe4O
qcl0+U9zmeVHJDigA5IzBEh0fMJXbE5VHOMaiTMxqYjb92rkP4BJqrOe5PtZTKeJ
GXi1ZbzwMLGrZoQ70ucxxsej3JyqR4MKAdRIbJLi7h0xumOJlQCPbZ+73H0te0hU
PiJnDr+daGFc6C9moZjsYCxFACxvC1SZhtrVSvkPWHUh4EWrcE8k15hz3otGmA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 08:26:17 2025 by rpki-client