Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4a399bd-92c0-4ab0-8b7a-be88117e012b.roa
File:                     e4a399bd-92c0-4ab0-8b7a-be88117e012b.roa (raw, json)
Hash identifier:          aoLN5Z4vqlAeWGJJrbWIJojSUP6HGKh7nIAzAs4IclQ=
Subject key identifier:   4F:E4:3E:DB:19:89:4D:58:1E:07:8E:A4:09:EF:71:0C:D5:B9:72:C1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       02369E924FC7F74B4EE551803907C6533C102416
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4a399bd-92c0-4ab0-8b7a-be88117e012b.roa
Signing time:             Tue 08 Jul 2025 16:31:28 +0000
ROA not before:           Tue 08 Jul 2025 16:31:28 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f32:6000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:36:9e:92:4f:c7:f7:4b:4e:e5:51:80:39:07:c6:53:3c:10:24:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 16:31:28 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=514f6c670494469d56f724ea09f0681daf49388e31f7d11aa2c88ed406d58acf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:62:a2:f0:d2:7a:a9:3c:c5:f5:75:00:9b:10:
                    db:c1:c8:4f:b6:53:36:29:a5:ec:fc:19:9d:77:bd:
                    e4:f4:82:f1:d7:1f:56:36:b4:8e:89:9e:07:13:6f:
                    a1:84:63:db:be:e5:b3:04:36:0b:42:41:16:a2:75:
                    f0:65:91:7a:8c:d5:87:5b:df:a4:51:d3:9c:19:e2:
                    5a:2f:f4:19:87:97:a6:88:88:3d:51:ad:05:ca:72:
                    a2:0e:35:a4:07:37:69:ce:ca:48:c4:d6:0b:65:4b:
                    ca:15:71:6d:d2:2f:74:a8:70:cb:81:48:5f:e0:cf:
                    a8:25:ac:a7:6b:58:db:d2:62:03:71:2e:e7:2c:a8:
                    af:5a:e4:7f:d4:c2:f6:67:b7:9a:07:30:8a:e7:c8:
                    c0:b9:dd:0d:7c:32:b6:00:01:59:fe:60:34:b3:b5:
                    05:ab:bf:09:c3:04:70:d1:7e:92:2e:07:d9:e5:27:
                    4d:94:cf:cd:f2:f9:70:c9:28:5d:bd:72:dc:3d:09:
                    e4:44:5a:fe:de:26:88:24:88:7f:42:d0:47:d1:3c:
                    c4:7a:11:b5:a7:45:a5:d9:62:50:25:4d:a7:dd:07:
                    74:50:63:fd:bb:4b:fe:04:1c:e8:52:07:a5:2a:d7:
                    6a:6e:56:b2:18:21:59:3c:94:da:1b:fa:00:01:bd:
                    52:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:E4:3E:DB:19:89:4D:58:1E:07:8E:A4:09:EF:71:0C:D5:B9:72:C1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4a399bd-92c0-4ab0-8b7a-be88117e012b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f32:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         93:98:ab:ed:00:81:c5:af:1d:90:03:6e:d5:99:6e:2c:2c:f3:
         c5:7c:1e:e0:d6:f8:0b:a8:d8:25:52:eb:95:d0:b3:41:c7:fa:
         fa:c2:ee:ac:ad:75:16:b5:72:5b:9e:84:a3:18:3c:b1:d1:06:
         49:39:64:4f:59:bd:2c:7b:cd:cc:a6:ad:2b:14:dd:7d:ca:e5:
         0d:5a:88:a6:1a:bd:2a:96:43:79:c9:0d:c9:e3:1c:69:f0:78:
         61:ff:11:11:60:55:b0:f6:45:45:2b:12:2c:7d:73:58:34:19:
         64:77:c3:ea:75:e8:0b:37:6d:4b:e7:b1:a8:b6:65:da:e4:74:
         55:fb:06:2a:c9:a1:3c:d7:d4:ff:d6:c9:a4:5a:34:c3:4c:ba:
         e7:94:83:0a:45:ef:4a:76:b7:3c:04:6f:96:4e:d2:80:99:ab:
         1d:64:35:94:44:3d:fb:cd:94:67:d9:55:21:90:04:07:82:33:
         f0:24:d5:ae:92:66:a6:1d:3a:c9:8f:e2:0a:d6:ac:44:d3:83:
         15:1f:58:05:84:2d:85:9c:1f:bd:da:f3:2a:27:74:5a:79:a6:
         60:bb:80:e7:d3:0d:71:70:88:5b:99:66:c9:3f:0e:d0:ef:7e:
         56:f8:21:9f:cd:3e:21:16:bd:93:76:d5:ee:13:14:5a:d6:11:
         90:ce:0b:fc
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUAjaekk/H90tO5VGAOQfGUzwQJBYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTYzMTI4WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MTRmNmM2NzA0OTQ0NjlkNTZmNzI0ZWEwOWYwNjgxZGFm
NDkzODhlMzFmN2QxMWFhMmM4OGVkNDA2ZDU4YWNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMYqLw0nqpPMX1dQCbENvByE+2UzYppez8GZ13veT0gvHX
H1Y2tI6JngcTb6GEY9u+5bMENgtCQRaidfBlkXqM1Ydb36RR05wZ4lov9BmHl6aI
iD1RrQXKcqIONaQHN2nOykjE1gtlS8oVcW3SL3SocMuBSF/gz6glrKdrWNvSYgNx
LucsqK9a5H/UwvZnt5oHMIrnyMC53Q18MrYAAVn+YDSztQWrvwnDBHDRfpIuB9nl
J02Uz83y+XDJKF29ctw9CeREWv7eJogkiH9C0EfRPMR6EbWnRaXZYlAlTafdB3RQ
Y/27S/4EHOhSB6Uq12puVrIYIVk8lNob+gABvVJ5AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUT+Q+2xmJTVgeB46kCe9xDNW5csEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U0YTM5OWJkLTkyYzAtNGFiMC04YjdhLWJlODgxMTdlMDEyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB8yYDANBgkqhkiG9w0BAQsFAAOCAQEAk5ir7QCBxa8dkANu1ZluLCzz
xXwe4Nb4C6jYJVLrldCzQcf6+sLurK11FrVyW56Eoxg8sdEGSTlkT1m9LHvNzKat
KxTdfcrlDVqIphq9KpZDeckNyeMcafB4Yf8REWBVsPZFRSsSLH1zWDQZZHfD6nXo
CzdtS+exqLZl2uR0VfsGKsmhPNfU/9bJpFo0w0y655SDCkXvSna3PARvlk7SgJmr
HWQ1lEQ9+82UZ9lVIZAEB4Iz8CTVrpJmph06yY/iCtasRNODFR9YBYQthZwfvdrz
Kid0WnmmYLuA59MNcXCIW5lmyT8O0O9+Vvghn80+IRa9k3bV7hMUWtYRkM4L/A==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:55:20 2025 by rpki-client