Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379473a4-1fad-417b-8aa1-0054523c76bb.roa
File:                     379473a4-1fad-417b-8aa1-0054523c76bb.roa (raw, json)
Hash identifier:          J7N/V/B5KLHYNYJqLnoJAVtR6REgVw4ljnUhn1hPtqo=
Subject key identifier:   A8:A8:49:44:34:27:01:0F:CB:45:51:20:86:FE:F4:E5:9D:37:4F:ED
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       68B5DD2C9E03AD5A37F5A2179560FB33CB648A5A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379473a4-1fad-417b-8aa1-0054523c76bb.roa
Signing time:             Tue 24 Jun 2025 00:21:41 +0000
ROA not before:           Tue 24 Jun 2025 00:21:41 +0000
ROA not after:            Tue 29 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2620:107:4002::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 07 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:b5:dd:2c:9e:03:ad:5a:37:f5:a2:17:95:60:fb:33:cb:64:8a:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 24 00:21:41 2025 GMT
            Not After : Jul 29 23:59:59 2025 GMT
        Subject: serialNumber=12906d67a01d6e54f5d8258c097adb295710fbcff835ee423a9e6c980f625636, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:03:17:23:7e:94:2e:5f:f6:1c:e7:40:e4:27:
                    78:e5:d5:43:00:30:98:8b:19:ee:bf:42:33:9e:73:
                    52:3b:9d:d0:25:9a:42:1d:f1:15:e4:5e:5e:a2:78:
                    53:9a:cf:68:67:f2:6c:8c:ab:3e:2f:7f:eb:91:12:
                    ae:29:fa:47:e0:21:44:99:bb:32:0f:b0:64:83:9c:
                    27:85:aa:72:e2:d0:30:64:cb:18:e7:18:ba:f6:92:
                    5c:83:c9:b0:1d:55:c3:66:33:79:c4:a1:57:2c:f6:
                    14:e7:8b:f0:dc:af:07:96:39:25:3f:66:45:ad:f9:
                    62:48:9d:31:9a:f2:ad:50:ce:dc:1b:0c:b1:77:2f:
                    63:fa:a4:41:74:6f:5f:f1:60:3d:b8:4f:ff:51:c0:
                    f2:8b:f3:4c:a0:dc:0e:50:0d:c5:2a:86:e9:5c:59:
                    d2:d0:94:52:28:75:5e:7d:cc:74:d3:e5:59:6d:98:
                    3b:dd:23:a2:c9:08:12:7e:55:df:62:c2:d6:2a:89:
                    7c:ad:34:81:12:42:9c:da:96:aa:84:4d:e0:fb:5b:
                    a8:0f:22:20:f8:d6:eb:8a:4d:ad:51:10:7f:2a:4a:
                    44:08:09:81:2e:60:d9:90:94:0e:be:0e:b0:4e:e6:
                    6a:fa:e5:98:ad:28:af:79:09:85:4b:13:9c:c0:b2:
                    e6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:A8:49:44:34:27:01:0F:CB:45:51:20:86:FE:F4:E5:9D:37:4F:ED
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379473a4-1fad-417b-8aa1-0054523c76bb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:107:4002::/48

    Signature Algorithm: sha256WithRSAEncryption
         be:b0:d2:83:97:4d:8d:0b:47:59:4f:30:2b:f8:69:fc:25:37:
         74:95:2f:97:2e:f4:1b:86:4a:76:87:4f:05:c6:9b:53:cb:36:
         89:a2:7b:0d:63:9d:80:7b:29:06:90:8f:ed:4f:42:dc:9d:5e:
         81:72:63:9a:1f:9e:5b:d1:bd:23:4f:3b:50:fc:43:b4:1e:73:
         88:37:bd:cb:d5:64:af:d9:de:4a:e8:f5:24:c3:24:b5:dc:17:
         c6:dc:94:96:c5:c3:4c:4a:8f:62:91:eb:14:d1:ea:46:e6:56:
         6b:4f:a2:6d:c6:38:fe:0b:81:04:20:ba:08:76:cd:36:02:84:
         1d:93:a4:0a:d3:15:98:ba:fc:90:aa:2e:4b:86:cc:84:27:f3:
         0c:75:af:f4:4b:81:94:eb:6c:96:5d:a3:ca:89:6f:8b:32:c4:
         12:3c:6a:49:9e:ce:ae:5b:b0:04:cc:85:c2:96:02:a7:6e:14:
         a9:7e:72:f6:1f:47:98:2c:f4:5f:35:ab:8b:75:96:55:20:9f:
         1c:cf:fd:c4:6b:ff:b6:8a:84:d9:7a:9f:53:e3:11:7f:be:c1:
         8f:9b:93:2b:2b:ee:99:6d:b2:38:7b:a6:53:4d:9c:10:fe:05:
         0b:78:ff:d2:a7:7f:46:7a:eb:ef:50:a5:0d:ea:e7:7f:75:f3:
         0f:e1:e0:20
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaLXdLJ4DrVo39aIXlWD7M8tkilowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjI0MDAyMTQxWhcNMjUwNzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMjkwNmQ2N2EwMWQ2ZTU0ZjVkODI1OGMwOTdhZGIyOTU3
MTBmYmNmZjgzNWVlNDIzYTllNmM5ODBmNjI1NjM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqAxcjfpQuX/Yc50DkJ3jl1UMAMJiLGe6/QjOec1I7ndAl
mkId8RXkXl6ieFOaz2hn8myMqz4vf+uREq4p+kfgIUSZuzIPsGSDnCeFqnLi0DBk
yxjnGLr2klyDybAdVcNmM3nEoVcs9hTni/DcrweWOSU/ZkWt+WJInTGa8q1Qztwb
DLF3L2P6pEF0b1/xYD24T/9RwPKL80yg3A5QDcUqhulcWdLQlFIodV59zHTT5Vlt
mDvdI6LJCBJ+Vd9iwtYqiXytNIESQpzalqqETeD7W6gPIiD41uuKTa1REH8qSkQI
CYEuYNmQlA6+DrBO5mr65ZitKK95CYVLE5zAsuYHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUqKhJRDQnAQ/LRVEghv705Z03T+0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3OTQ3M2E0LTFmYWQtNDE3Yi04YWExLTAwNTQ1MjNjNzZiYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmIAEHQAIwDQYJKoZIhvcNAQELBQADggEBAL6w0oOXTY0LR1lPMCv4afwl
N3SVL5cu9BuGSnaHTwXGm1PLNomiew1jnYB7KQaQj+1PQtydXoFyY5ofnlvRvSNP
O1D8Q7Qec4g3vcvVZK/Z3kro9STDJLXcF8bclJbFw0xKj2KR6xTR6kbmVmtPom3G
OP4LgQQgugh2zTYChB2TpArTFZi6/JCqLkuGzIQn8wx1r/RLgZTrbJZdo8qJb4sy
xBI8akmezq5bsATMhcKWAqduFKl+cvYfR5gs9F81q4t1llUgnxzP/cRr/7aKhNl6
n1PjEX++wY+bkysr7pltsjh7plNNnBD+BQt4/9Knf0Z66+9QpQ3q53918w/h4CA=
-----END CERTIFICATE-----
Generated at Sat Jul 5 19:03:13 2025 by rpki-client