Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03ae4e74-5acd-4e00-b992-05190479b91d.roa
File:                     03ae4e74-5acd-4e00-b992-05190479b91d.roa (raw, json)
Hash identifier:          LWwXq27SLtGWl4DVhrvLp9LZ3wdXIJ53stOaDAnOC14=
Subject key identifier:   2F:EE:15:80:2D:FF:3E:56:52:A3:DD:01:DA:00:D3:2C:70:4B:C9:25
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       56C582334203FFC13C5951131E09E9EB2AD3F854
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03ae4e74-5acd-4e00-b992-05190479b91d.roa
Signing time:             Mon 23 Jun 2025 15:20:12 +0000
ROA not before:           Mon 23 Jun 2025 15:20:12 +0000
ROA not after:            Mon 28 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f12:8000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 04 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:c5:82:33:42:03:ff:c1:3c:59:51:13:1e:09:e9:eb:2a:d3:f8:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 23 15:20:12 2025 GMT
            Not After : Jul 28 23:59:59 2025 GMT
        Subject: serialNumber=7d078439fe67c5c680c7cc720004a5aa31bac466d6b1cf19a818a7e15254d1a0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b4:3b:0b:7e:29:92:7f:58:2c:00:d3:c6:a3:
                    b2:07:46:10:f9:f5:0d:7a:50:b7:3b:50:a6:c9:2f:
                    cc:82:ab:e2:c6:38:24:69:7e:ea:60:d8:ce:65:2d:
                    83:f2:7f:c3:8b:d3:e4:50:3a:1d:c7:9a:bf:2c:0c:
                    5d:a1:0b:df:48:b0:cc:fb:01:7c:42:76:d7:51:6a:
                    6a:a5:c5:b6:e2:7c:a8:f8:13:94:30:42:4a:f8:f8:
                    5f:d5:46:76:43:81:2d:5a:7f:de:e9:a1:48:2c:83:
                    00:68:bd:e0:ba:8f:b1:26:03:47:f8:19:39:ed:ea:
                    51:a0:51:35:a0:f5:ce:89:a3:9c:1f:b1:ef:a6:41:
                    95:22:b5:dc:27:2c:02:94:94:88:4b:fd:9c:08:e4:
                    84:e9:ef:2c:49:b1:c9:c7:82:af:ed:a4:83:91:fd:
                    83:db:56:ab:c1:de:6c:6a:29:77:f9:47:d2:b6:1b:
                    59:cf:3f:dd:e8:3e:82:e1:95:a5:81:b1:e4:2d:a7:
                    8e:d7:c4:6e:f0:b8:2a:c3:ed:d3:de:20:48:3e:ac:
                    a7:72:8d:e7:c9:a3:5e:5d:6e:52:d2:36:2f:ed:34:
                    83:e5:c7:18:a6:95:3d:b1:92:aa:ae:8c:aa:68:be:
                    cd:bd:d2:1b:e8:2d:81:5e:c3:a3:04:ed:14:19:69:
                    90:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:EE:15:80:2D:FF:3E:56:52:A3:DD:01:DA:00:D3:2C:70:4B:C9:25
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/03ae4e74-5acd-4e00-b992-05190479b91d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f12:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         0d:0b:65:c1:99:d9:f0:c4:39:46:a2:25:fc:2d:b5:ff:13:1b:
         1a:4b:48:e3:b6:ab:c1:a8:fc:a9:a2:49:11:52:ec:d3:5c:4d:
         20:92:fa:fa:51:44:bf:e0:ae:0d:76:fd:65:5e:67:04:7e:c7:
         2b:99:09:26:a4:87:51:b4:ff:93:0c:47:13:42:70:2d:1f:43:
         bc:36:ac:d8:9b:21:5a:e0:fc:a2:c9:cb:95:89:e9:80:8c:b5:
         34:34:85:2f:27:ca:bd:7e:ea:5d:2d:75:d5:b8:44:13:a4:c2:
         aa:0c:cd:6e:31:70:ec:04:b1:0c:eb:cf:9c:1d:4e:b7:b3:cf:
         ed:11:21:df:af:87:3f:80:9f:47:d2:4c:7e:2f:11:b5:23:59:
         fc:ed:1c:7a:af:f7:0e:dd:b1:c2:22:95:a1:a5:8d:dd:43:b5:
         be:8f:70:99:97:05:87:b5:bb:b0:c6:91:fa:75:78:84:f2:33:
         c9:f7:6c:17:20:b9:59:53:55:b7:96:fc:21:00:9f:5b:05:99:
         df:d1:a4:fe:78:cb:8f:a7:bf:05:57:65:d3:39:a3:76:33:78:
         dd:46:08:70:91:13:f1:b9:09:ff:40:d2:30:38:03:a6:08:7b:
         f1:f0:b7:a0:4c:14:e0:7f:60:e2:38:52:b6:5c:a8:12:6c:17:
         9a:43:fa:a4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUVsWCM0ID/8E8WVETHgnp6yrT+FQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjIzMTUyMDEyWhcNMjUwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZDA3ODQzOWZlNjdjNWM2ODBjN2NjNzIwMDA0YTVhYTMx
YmFjNDY2ZDZiMWNmMTlhODE4YTdlMTUyNTRkMWEwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCltDsLfimSf1gsANPGo7IHRhD59Q16ULc7UKbJL8yCq+LG
OCRpfupg2M5lLYPyf8OL0+RQOh3Hmr8sDF2hC99IsMz7AXxCdtdRamqlxbbifKj4
E5QwQkr4+F/VRnZDgS1af97poUgsgwBoveC6j7EmA0f4GTnt6lGgUTWg9c6Jo5wf
se+mQZUitdwnLAKUlIhL/ZwI5ITp7yxJscnHgq/tpIOR/YPbVqvB3mxqKXf5R9K2
G1nPP93oPoLhlaWBseQtp47XxG7wuCrD7dPeIEg+rKdyjefJo15dblLSNi/tNIPl
xximlT2xkqqujKpovs290hvoLYFew6ME7RQZaZB5AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUL+4VgC3/PlZSo90B2gDTLHBLySUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAzYWU0ZTc0LTVhY2QtNGUwMC1iOTkyLTA1MTkwNDc5YjkxZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8SgDANBgkqhkiG9w0BAQsFAAOCAQEADQtlwZnZ8MQ5RqIl/C21/xMb
GktI47arwaj8qaJJEVLs01xNIJL6+lFEv+CuDXb9ZV5nBH7HK5kJJqSHUbT/kwxH
E0JwLR9DvDas2JshWuD8osnLlYnpgIy1NDSFLyfKvX7qXS111bhEE6TCqgzNbjFw
7ASxDOvPnB1Ot7PP7REh36+HP4CfR9JMfi8RtSNZ/O0ceq/3Dt2xwiKVoaWN3UO1
vo9wmZcFh7W7sMaR+nV4hPIzyfdsFyC5WVNVt5b8IQCfWwWZ39Gk/njLj6e/BVdl
0zmjdjN43UYIcJET8bkJ/0DSMDgDpgh78fC3oEwU4H9g4jhStlyoEmwXmkP6pA==
-----END CERTIFICATE-----
Generated at Thu Jul 3 05:11:12 2025 by rpki-client