Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/256bc272-ebb6-462f-991d-7a61b0a215d4.roa
File:                     256bc272-ebb6-462f-991d-7a61b0a215d4.roa (raw, json)
Hash identifier:          RMPkK72tVB2zXciw05fk3QzawM8QmgZDCcV3gzYVRFM=
Subject key identifier:   86:49:A5:8F:15:AF:5A:9C:A2:74:5D:7A:2C:63:40:7A:16:3E:C5:A5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2ECD68CAFEA483207E51CB225AA50D8F4435E46A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/256bc272-ebb6-462f-991d-7a61b0a215d4.roa
Signing time:             Sat 17 May 2025 00:41:56 +0000
ROA not before:           Sat 17 May 2025 00:41:56 +0000
ROA not after:            Sat 21 Jun 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f00:8090::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 10 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:cd:68:ca:fe:a4:83:20:7e:51:cb:22:5a:a5:0d:8f:44:35:e4:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 17 00:41:56 2025 GMT
            Not After : Jun 21 23:59:59 2025 GMT
        Subject: serialNumber=1d7c2517a9863708beda28b02d114452845c0830fcbe8d426766883fbee34dbf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c8:54:ed:21:b7:ca:95:9b:07:1e:d2:2c:4d:
                    5d:c6:82:65:a3:27:bf:92:36:82:15:7b:2b:59:85:
                    c1:ee:18:63:e6:b1:6e:b3:56:e9:3c:f2:72:f7:1d:
                    b2:54:bc:67:73:84:26:b6:89:9e:61:c3:1a:f2:d5:
                    35:1c:16:44:b5:10:b8:bb:59:aa:86:88:5b:ae:6b:
                    df:0a:20:6d:a5:cd:c6:e8:e1:b3:12:1f:94:48:37:
                    f3:98:be:94:73:e9:6d:5d:55:8b:0b:c2:14:19:a6:
                    cc:63:91:1e:c0:d2:7d:6d:70:3d:61:26:e8:42:ad:
                    9d:52:a9:92:69:99:48:58:a2:5e:6d:16:fe:20:db:
                    99:5d:58:c6:7d:c4:20:11:74:e5:ef:b8:cc:b9:22:
                    21:17:cf:a0:ab:dc:a1:7e:25:cb:63:9b:1b:aa:21:
                    27:6d:cd:85:04:58:1f:83:fc:d3:4e:3b:97:ca:59:
                    ca:b4:3f:da:75:b9:83:3e:f4:e2:6c:77:1d:15:66:
                    0a:e1:be:e5:46:32:a3:70:e8:8f:a3:a6:aa:fb:45:
                    7c:48:a1:2e:04:57:d8:3d:2c:ed:a0:cb:cc:7d:f0:
                    d2:f2:40:00:53:16:16:6f:ea:08:07:03:db:03:08:
                    b6:f6:ec:16:e5:89:85:23:16:2c:e8:8e:e6:62:d8:
                    a6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:49:A5:8F:15:AF:5A:9C:A2:74:5D:7A:2C:63:40:7A:16:3E:C5:A5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/256bc272-ebb6-462f-991d-7a61b0a215d4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:8090::/48

    Signature Algorithm: sha256WithRSAEncryption
         7f:c3:5f:4b:c7:46:76:4a:fd:30:85:eb:62:d9:03:84:cd:ad:
         53:51:58:60:a7:35:b1:f8:f8:74:7a:2d:0e:7d:7e:7c:38:0f:
         f8:3a:d9:89:df:c4:c7:1e:c9:b0:8d:2b:85:4d:22:22:5d:be:
         31:16:7a:59:76:da:4c:96:f3:45:14:16:43:3b:4b:cc:2d:11:
         e7:b0:bb:ad:11:99:07:71:0a:14:b7:01:63:63:91:42:f9:f8:
         d4:11:31:88:06:a5:38:46:c4:5c:c6:27:8b:4a:4f:05:68:ab:
         d5:e4:c9:81:8a:28:ad:bd:98:2e:b6:54:74:2c:b4:57:a1:18:
         b0:ed:f9:22:17:3b:7f:d0:cf:22:81:97:6f:25:a7:94:47:51:
         c7:fe:13:bc:64:55:56:5b:3f:86:07:5d:7a:5d:64:cd:54:0e:
         3c:ce:1e:db:08:ac:69:04:e4:bc:b8:c3:19:75:88:6b:ec:36:
         38:2b:b3:5c:c6:18:52:52:c1:15:34:3e:27:fc:3a:82:3d:cd:
         06:82:40:a1:9b:06:51:c9:80:09:5b:9f:51:ee:79:ac:59:9b:
         06:9f:3f:ba:37:c3:9f:5e:1a:9b:69:f3:1a:d3:c1:38:e3:bb:
         de:c3:62:89:1a:f4:99:a6:e4:6c:b0:bb:99:99:79:01:35:ef:
         0a:fe:25:47
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIULs1oyv6kgyB+UcsiWqUNj0Q15GowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE3MDA0MTU2WhcNMjUwNjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDdjMjUxN2E5ODYzNzA4YmVkYTI4YjAyZDExNDQ1Mjg0
NWMwODMwZmNiZThkNDI2NzY2ODgzZmJlZTM0ZGJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyyFTtIbfKlZsHHtIsTV3GgmWjJ7+SNoIVeytZhcHuGGPm
sW6zVuk88nL3HbJUvGdzhCa2iZ5hwxry1TUcFkS1ELi7WaqGiFuua98KIG2lzcbo
4bMSH5RIN/OYvpRz6W1dVYsLwhQZpsxjkR7A0n1tcD1hJuhCrZ1SqZJpmUhYol5t
Fv4g25ldWMZ9xCARdOXvuMy5IiEXz6Cr3KF+JctjmxuqISdtzYUEWB+D/NNOO5fK
Wcq0P9p1uYM+9OJsdx0VZgrhvuVGMqNw6I+jpqr7RXxIoS4EV9g9LO2gy8x98NLy
QABTFhZv6ggHA9sDCLb27BbliYUjFizojuZi2KbBAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUhkmljxWvWpyidF16LGNAehY+xaUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI1NmJjMjcyLWViYjYtNDYyZi05OTFkLTdhNjFiMGEyMTVkNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AgJAwDQYJKoZIhvcNAQELBQADggEBAH/DX0vHRnZK/TCF62LZA4TN
rVNRWGCnNbH4+HR6LQ59fnw4D/g62YnfxMceybCNK4VNIiJdvjEWell22kyW80UU
FkM7S8wtEeewu60RmQdxChS3AWNjkUL5+NQRMYgGpThGxFzGJ4tKTwVoq9XkyYGK
KK29mC62VHQstFehGLDt+SIXO3/QzyKBl28lp5RHUcf+E7xkVVZbP4YHXXpdZM1U
DjzOHtsIrGkE5Ly4wxl1iGvsNjgrs1zGGFJSwRU0Pif8OoI9zQaCQKGbBlHJgAlb
n1HueaxZmwafP7o3w59eGptp8xrTwTjju97DYoka9Jmm5Gywu5mZeQE17wr+JUc=
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:46:33 2025 by rpki-client