Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa
File:                     e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa (raw, json)
Hash identifier:          YjrO7DDsLOpfh4gNQUznEakQosOHeBZBBQgYGT6RGxY=
Subject key identifier:   53:14:76:70:DC:D8:FD:E1:BA:D6:E8:52:60:C8:58:51:16:D1:81:DC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5F599B395110F9D2ADC0823731E88D3A3F4910A7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa
Signing time:             Mon 07 Jul 2025 17:10:54 +0000
ROA not before:           Mon 07 Jul 2025 17:10:54 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:50c0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 22 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:59:9b:39:51:10:f9:d2:ad:c0:82:37:31:e8:8d:3a:3f:49:10:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 17:10:54 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=a6aa84298b186e5defd925365d5848074522ac0602765a9460d1e9cfd22e85f2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:40:a7:87:8f:9a:69:7a:b3:a9:bb:65:ab:ff:
                    27:18:e8:fd:d1:57:9e:2c:7e:6c:77:ef:96:27:94:
                    16:24:61:e1:e0:54:88:38:33:90:03:0d:67:38:59:
                    2a:0e:bd:47:c3:74:01:ca:ad:cc:c8:f2:27:d0:c1:
                    92:88:57:7f:5b:71:3e:61:3a:d1:66:85:fb:3d:2e:
                    f3:83:6a:65:63:72:49:47:a3:b2:97:64:fd:49:f4:
                    cd:f9:7a:e8:51:8d:98:6d:19:75:0b:cc:1f:87:d9:
                    5f:54:d9:a8:77:a0:77:e6:ac:e8:7b:df:0a:71:17:
                    d7:f4:be:d6:e7:89:28:c3:c3:3b:38:7f:a6:7e:ff:
                    a1:77:78:73:b1:9a:d7:39:93:e7:2e:f6:77:74:4b:
                    a8:88:a8:e2:00:3c:d1:92:5f:7d:46:f9:67:6c:47:
                    af:45:47:b1:7d:07:4b:c6:50:47:e4:1b:4d:e6:c6:
                    1b:6f:af:55:7b:98:ed:0c:d1:ea:ef:33:41:e3:9e:
                    71:7c:74:93:8f:34:2f:37:27:01:da:24:e0:47:b7:
                    7d:de:4b:28:e4:ca:21:d4:75:cb:09:e2:eb:0f:6b:
                    b4:6e:7b:74:ba:b9:af:91:ca:70:e7:a0:ad:f6:6e:
                    69:59:1e:7e:b1:e4:fc:cd:d6:35:87:2e:a2:91:e7:
                    93:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:14:76:70:DC:D8:FD:E1:BA:D6:E8:52:60:C8:58:51:16:D1:81:DC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:50c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         2a:0a:2a:5f:43:ec:de:d1:63:0c:aa:d1:f0:74:e2:9e:61:b3:
         b4:88:14:b1:30:8d:c3:25:68:84:b5:df:71:04:84:df:e1:1d:
         8e:ee:35:c5:12:3b:2b:b8:a2:1c:fe:2e:ee:03:a4:06:85:14:
         71:94:a7:2a:3b:f2:77:5f:66:f6:f0:6b:f5:f4:ef:2d:8a:2f:
         3e:d2:d6:db:65:e7:8e:2b:ab:15:92:2f:fb:fe:f5:ff:1e:b0:
         a3:9e:0d:1f:e7:16:a3:24:6e:22:9a:43:aa:10:7a:ff:94:19:
         06:11:de:c0:6a:44:fe:3c:72:97:71:1d:6b:65:e5:00:36:e9:
         d4:eb:a3:6a:51:f3:da:f2:7b:4b:8a:79:4a:9b:17:ad:44:c6:
         31:78:54:e0:fd:28:80:86:b6:6d:f4:5b:82:d8:ce:0e:b5:76:
         94:a5:62:03:6a:92:1b:99:1f:e4:9a:8f:cf:7a:e7:54:24:a3:
         7b:c6:00:85:f0:0e:7b:c3:f1:3b:dc:2b:f1:46:33:c7:57:14:
         69:eb:4c:f2:da:8a:33:85:81:1a:7d:a4:13:d6:48:36:45:02:
         5b:05:5f:22:b9:12:30:bb:a2:61:64:cb:33:4e:98:b3:e5:ca:
         53:08:e3:e7:db:db:09:e1:73:f2:a9:6d:fe:f1:17:bc:12:30:
         71:1c:16:76
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUX1mbOVEQ+dKtwII3MeiNOj9JEKcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTcxMDU0WhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNmFhODQyOThiMTg2ZTVkZWZkOTI1MzY1ZDU4NDgwNzQ1
MjJhYzA2MDI3NjVhOTQ2MGQxZTljZmQyMmU4NWYyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDrQKeHj5pperOpu2Wr/ycY6P3RV54sfmx375YnlBYkYeHg
VIg4M5ADDWc4WSoOvUfDdAHKrczI8ifQwZKIV39bcT5hOtFmhfs9LvODamVjcklH
o7KXZP1J9M35euhRjZhtGXULzB+H2V9U2ah3oHfmrOh73wpxF9f0vtbniSjDwzs4
f6Z+/6F3eHOxmtc5k+cu9nd0S6iIqOIAPNGSX31G+WdsR69FR7F9B0vGUEfkG03m
xhtvr1V7mO0M0ervM0HjnnF8dJOPNC83JwHaJOBHt33eSyjkyiHUdcsJ4usPa7Ru
e3S6ua+RynDnoK32bmlZHn6x5PzN1jWHLqKR55MnAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUUxR2cNzY/eG61uhSYMhYURbRgdwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1ODIwYmFlLTA1ZDktNDk2OS1iYTVjLTA1N2FjNjRhOGZhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AUMAwDQYJKoZIhvcNAQELBQADggEBACoKKl9D7N7RYwyq0fB04p5h
s7SIFLEwjcMlaIS133EEhN/hHY7uNcUSOyu4ohz+Lu4DpAaFFHGUpyo78ndfZvbw
a/X07y2KLz7S1ttl544rqxWSL/v+9f8esKOeDR/nFqMkbiKaQ6oQev+UGQYR3sBq
RP48cpdxHWtl5QA26dTro2pR89rye0uKeUqbF61ExjF4VOD9KICGtm30W4LYzg61
dpSlYgNqkhuZH+Saj89651Qko3vGAIXwDnvD8TvcK/FGM8dXFGnrTPLaijOFgRp9
pBPWSDZFAlsFXyK5EjC7omFkyzNOmLPlylMI4+fb2wnhc/Kpbf7xF7wSMHEcFnY=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:24 2025 by rpki-client