Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b35ef4c-a3c4-48e9-9f86-c2d68b0fe6ce.roa
File:                     1b35ef4c-a3c4-48e9-9f86-c2d68b0fe6ce.roa (raw, json)
Hash identifier:          +MFnfvvN9r+xDnECdW7sfgoVjacL/w3YIuAr9LEsRZQ=
Subject key identifier:   F4:7F:96:65:77:4A:FD:D8:2C:36:24:B9:C6:EF:C4:62:DD:46:54:F4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0B529DFD2B58784F145C0E62BB310FABE588D31F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b35ef4c-a3c4-48e9-9f86-c2d68b0fe6ce.roa
Signing time:             Tue 20 May 2025 00:30:18 +0000
ROA not before:           Tue 20 May 2025 00:30:18 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:81c2::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:52:9d:fd:2b:58:78:4f:14:5c:0e:62:bb:31:0f:ab:e5:88:d3:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 20 00:30:18 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=450f2790075c78de5324eff4b496b189cb74567523d2c9d22d35f2251b6147ee, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:1e:cb:d8:b9:0b:ee:e6:2e:6c:15:18:86:ac:
                    fd:d3:be:bb:68:13:0d:06:de:2d:41:10:5b:2d:d2:
                    f3:b9:a0:68:62:a0:16:19:9a:26:09:34:cb:65:80:
                    84:89:f0:34:48:95:b0:1a:32:8e:28:c3:47:e1:f7:
                    57:83:b1:60:96:5e:6a:0a:6e:4c:46:e6:b9:18:6a:
                    81:54:df:7e:5b:af:18:73:93:05:b2:6a:9d:7e:23:
                    26:78:01:31:45:f7:50:c4:e3:5c:31:e1:c5:ff:df:
                    b9:77:3c:be:08:44:3d:ab:32:bd:30:8c:1a:43:81:
                    d3:7d:51:f8:a9:a9:8f:05:a8:d8:62:b0:6b:71:00:
                    76:86:f2:56:5e:e9:25:0a:2e:62:44:cd:99:c7:81:
                    4b:4a:c4:7a:47:7d:0f:f9:da:10:99:5c:f4:16:c7:
                    bb:88:20:3f:a0:91:fe:6f:8c:b7:ba:fd:31:2f:52:
                    ca:21:e9:27:8e:95:eb:f3:81:a6:5a:72:61:97:df:
                    34:8d:4f:1b:4a:c3:3f:f0:01:84:25:92:2b:87:eb:
                    8d:db:01:7d:47:ef:70:cf:48:ac:b2:07:24:95:c9:
                    f2:c1:f3:41:40:6a:48:1e:8d:30:6e:68:19:45:eb:
                    ff:8b:44:f5:85:b8:c0:73:5f:92:5a:77:8b:bd:09:
                    53:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:7F:96:65:77:4A:FD:D8:2C:36:24:B9:C6:EF:C4:62:DD:46:54:F4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b35ef4c-a3c4-48e9-9f86-c2d68b0fe6ce.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:81c2::/48

    Signature Algorithm: sha256WithRSAEncryption
         48:75:17:64:06:95:3a:f4:2e:af:b8:d5:30:5d:11:f0:b9:ae:
         a2:68:48:f5:41:b7:9f:59:29:49:f3:19:75:44:4c:92:81:b7:
         0e:25:54:bd:ac:68:4f:c7:ba:ac:95:23:5d:24:8e:4f:47:a1:
         0c:af:e9:4e:5b:8d:67:33:87:7c:7d:66:99:d3:5a:42:0e:a9:
         c2:c1:8a:d3:ea:62:cd:d9:5b:b6:a5:53:c1:74:ab:d6:39:f0:
         f0:c1:5c:95:8a:d6:72:07:34:cf:cf:84:eb:5b:7d:8c:19:e5:
         d8:ab:79:a5:fc:1e:be:0c:1d:5a:f4:27:2a:44:3d:e1:38:e2:
         64:0b:e0:d4:50:36:0d:71:50:05:2d:dc:a3:d0:df:ac:6c:14:
         a2:0e:b4:3e:00:3b:97:24:74:97:e9:f2:be:8d:01:06:67:c5:
         a5:19:16:4e:92:bc:8a:ae:cc:0d:69:b6:22:7e:52:00:2d:b8:
         f9:87:4e:b9:cd:75:1e:7d:68:00:c2:6e:af:5c:f6:e4:89:bb:
         3c:b3:06:c5:cc:ae:ff:e1:12:73:f7:80:19:2c:74:d5:65:b9:
         55:94:fa:96:e1:53:4f:9a:20:22:e1:2d:27:05:01:20:57:2e:
         5b:3f:4b:86:07:12:9a:fe:d7:30:f4:31:de:13:66:1d:de:da:
         6f:89:22:1d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUC1Kd/StYeE8UXA5iuzEPq+WI0x8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTIwMDAzMDE4WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NTBmMjc5MDA3NWM3OGRlNTMyNGVmZjRiNDk2YjE4OWNi
NzQ1Njc1MjNkMmM5ZDIyZDM1ZjIyNTFiNjE0N2VlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWHsvYuQvu5i5sFRiGrP3TvrtoEw0G3i1BEFst0vO5oGhi
oBYZmiYJNMtlgISJ8DRIlbAaMo4ow0fh91eDsWCWXmoKbkxG5rkYaoFU335brxhz
kwWyap1+IyZ4ATFF91DE41wx4cX/37l3PL4IRD2rMr0wjBpDgdN9UfipqY8FqNhi
sGtxAHaG8lZe6SUKLmJEzZnHgUtKxHpHfQ/52hCZXPQWx7uIID+gkf5vjLe6/TEv
Usoh6SeOlevzgaZacmGX3zSNTxtKwz/wAYQlkiuH643bAX1H73DPSKyyBySVyfLB
80FAakgejTBuaBlF6/+LRPWFuMBzX5Jad4u9CVODAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU9H+WZXdK/dgsNiS5xu/EYt1GVPQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFiMzVlZjRjLWEzYzQtNDhlOS05Zjg2LWMyZDY4YjBmZTZjZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gcIwDQYJKoZIhvcNAQELBQADggEBAEh1F2QGlTr0Lq+41TBdEfC5
rqJoSPVBt59ZKUnzGXVETJKBtw4lVL2saE/HuqyVI10kjk9HoQyv6U5bjWczh3x9
ZpnTWkIOqcLBitPqYs3ZW7alU8F0q9Y58PDBXJWK1nIHNM/PhOtbfYwZ5direaX8
Hr4MHVr0JypEPeE44mQL4NRQNg1xUAUt3KPQ36xsFKIOtD4AO5ckdJfp8r6NAQZn
xaUZFk6SvIquzA1ptiJ+UgAtuPmHTrnNdR59aADCbq9c9uSJuzyzBsXMrv/hEnP3
gBksdNVluVWU+pbhU0+aICLhLScFASBXLls/S4YHEpr+1zD0Md4TZh3e2m+JIh0=
-----END CERTIFICATE-----
Generated at Sun Jun 1 04:21:48 2025 by rpki-client