Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/616e4134-09a6-4be2-bb0a-458670061cbd.roa
File:                     616e4134-09a6-4be2-bb0a-458670061cbd.roa (raw, json)
Hash identifier:          PkbVgAPpuPhCQZdUA+FQf9YNmXq6aq7KPcTSl248PFk=
Subject key identifier:   58:90:DE:6B:6D:F0:3A:A4:6E:98:09:C5:20:62:EA:CA:40:F8:43:98
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E8B6D378B4CC5F2F033CAF652763F73A705ED2D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/616e4134-09a6-4be2-bb0a-458670061cbd.roa
Signing time:             Tue 02 Sep 2025 00:11:12 +0000
ROA not before:           Tue 02 Sep 2025 00:11:12 +0000
ROA not after:            Tue 07 Oct 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f25::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Sep 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:8b:6d:37:8b:4c:c5:f2:f0:33:ca:f6:52:76:3f:73:a7:05:ed:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  2 00:11:12 2025 GMT
            Not After : Oct  7 23:59:59 2025 GMT
        Subject: serialNumber=1b6659bd7de05282a8d27a57a1ad5ccb1a401a9135bcd38573043a7a18ec2e80, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:24:20:08:9a:53:57:76:41:99:b3:15:5f:ab:
                    dd:9f:f6:ec:5b:27:3b:93:6d:99:e2:51:c2:53:07:
                    bf:f9:85:ea:e5:26:b1:23:0c:3b:2a:56:20:9e:dd:
                    24:d5:4c:0a:a8:8d:d4:42:e3:57:52:42:5f:e9:88:
                    4a:4d:b9:43:e4:b7:55:65:8b:bd:f8:57:ae:0f:3c:
                    a0:42:f6:73:fb:b4:da:8c:01:7e:73:ad:7d:a8:a5:
                    58:a1:48:92:5b:59:31:8b:ab:37:bb:1c:be:96:63:
                    35:e6:0d:7a:c8:2f:18:25:ad:fa:75:d5:ee:c6:f2:
                    a7:fb:6e:e4:c9:e8:55:7e:d0:97:e8:27:2a:d1:ac:
                    2d:80:d5:bc:8d:b5:18:9b:53:0a:75:de:3b:8a:78:
                    1c:cb:42:a9:d0:59:eb:92:5d:57:4f:54:ff:a5:cc:
                    f7:11:1f:45:46:a4:53:fe:5e:38:fd:c4:27:46:f4:
                    af:64:74:d7:76:1a:b5:2c:95:0e:10:31:da:08:97:
                    b7:70:db:ff:fd:85:fd:93:a2:53:cb:d6:82:5f:08:
                    35:34:fa:e5:42:75:82:a0:d4:8e:b6:e6:52:56:4e:
                    42:49:9d:97:63:a1:d7:bd:5b:2d:ee:ee:60:59:5e:
                    5d:a4:f4:d1:f1:7a:e6:de:9f:bb:d9:c0:c0:f6:11:
                    4c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:90:DE:6B:6D:F0:3A:A4:6E:98:09:C5:20:62:EA:CA:40:F8:43:98
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/616e4134-09a6-4be2-bb0a-458670061cbd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f25::/36

    Signature Algorithm: sha256WithRSAEncryption
         40:c1:47:ec:78:3c:22:bc:6e:2a:f2:c6:a7:77:67:cb:9a:13:
         e2:5e:c6:8b:a2:06:dc:15:9b:06:85:6a:09:00:69:6f:8f:1d:
         7e:2b:47:f2:5a:63:0b:2b:99:a1:52:84:29:8e:33:c5:5e:b9:
         78:d1:8e:5b:1d:ac:d5:06:6c:ab:27:31:e7:95:b4:1f:79:9d:
         fb:cf:14:db:c8:a3:0a:ee:15:b9:52:fc:c8:7b:7d:24:21:0f:
         c9:a7:bc:d0:f7:c4:85:6d:89:ff:a8:25:8c:d6:69:5c:e4:3c:
         0e:1d:68:d5:8d:92:58:b0:ce:9f:e8:19:4d:f0:d7:8d:d1:3f:
         bd:e8:ce:70:a6:c9:05:08:29:1b:00:de:93:ab:d6:03:15:6e:
         b3:65:0f:7f:c5:b1:a4:fe:4d:7e:d3:eb:16:b5:2a:48:ac:fe:
         57:ed:cd:9a:b7:10:58:fe:3f:6e:45:fd:58:2e:51:5a:31:e6:
         21:97:ed:d6:29:58:74:48:64:ea:41:af:a2:7c:c6:6a:da:c2:
         4f:80:56:ee:d2:f1:7b:ec:ea:ed:e2:32:47:5f:f9:36:6e:09:
         de:60:69:13:64:d1:78:3c:ee:14:1e:a8:bb:4d:59:fb:7d:42:
         38:15:01:53:ef:69:d5:16:96:19:2a:e6:64:3d:75:d3:9b:bd:
         82:29:8d:e2
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIULottN4tMxfLwM8r2UnY/c6cF7S0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTAyMDAxMTEyWhcNMjUxMDA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjY2NTliZDdkZTA1MjgyYThkMjdhNTdhMWFkNWNjYjFh
NDAxYTkxMzViY2QzODU3MzA0M2E3YTE4ZWMyZTgwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDlJCAImlNXdkGZsxVfq92f9uxbJzuTbZniUcJTB7/5herl
JrEjDDsqViCe3STVTAqojdRC41dSQl/piEpNuUPkt1Vli734V64PPKBC9nP7tNqM
AX5zrX2opVihSJJbWTGLqze7HL6WYzXmDXrILxglrfp11e7G8qf7buTJ6FV+0Jfo
JyrRrC2A1byNtRibUwp13juKeBzLQqnQWeuSXVdPVP+lzPcRH0VGpFP+Xjj9xCdG
9K9kdNd2GrUslQ4QMdoIl7dw2//9hf2TolPL1oJfCDU0+uVCdYKg1I625lJWTkJJ
nZdjode9Wy3u7mBZXl2k9NHxeuben7vZwMD2EUyvAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUWJDea23wOqRumAnFIGLqykD4Q5gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYxNmU0MTM0LTA5YTYtNGJlMi1iYjBhLTQ1ODY3MDA2MWNiZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8lADANBgkqhkiG9w0BAQsFAAOCAQEAQMFH7Hg8IrxuKvLGp3dny5oT
4l7Gi6IG3BWbBoVqCQBpb48dfitH8lpjCyuZoVKEKY4zxV65eNGOWx2s1QZsqycx
55W0H3md+88U28ijCu4VuVL8yHt9JCEPyae80PfEhW2J/6gljNZpXOQ8Dh1o1Y2S
WLDOn+gZTfDXjdE/vejOcKbJBQgpGwDek6vWAxVus2UPf8WxpP5NftPrFrUqSKz+
V+3NmrcQWP4/bkX9WC5RWjHmIZft1ilYdEhk6kGvonzGatrCT4BW7tLxe+zq7eIy
R1/5Nm4J3mBpE2TReDzuFB6ou01Z+31COBUBU+9p1RaWGSrmZD1105u9gimN4g==
-----END CERTIFICATE-----
Generated at Sat Sep 6 16:46:21 2025 by rpki-client