Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62f1c6ae-c3ca-4326-b75a-fa2d7d8712d9.roa
File:                     62f1c6ae-c3ca-4326-b75a-fa2d7d8712d9.roa (raw, json)
Hash identifier:          v7X38y7P7whl6/nDq9b+cob2/HVXzOl5x3J9zvfucAg=
Subject key identifier:   DE:4B:04:47:F0:81:49:A8:8C:B0:5A:7C:A1:9D:99:60:AD:96:43:41
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       33ABE47F798751F57A083B65146F0BFE71152A10
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62f1c6ae-c3ca-4326-b75a-fa2d7d8712d9.roa
Signing time:             Sat 30 Aug 2025 00:11:57 +0000
ROA not before:           Sat 30 Aug 2025 00:11:57 +0000
ROA not after:            Sat 04 Oct 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1ff3:8040::/46 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Sep 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:ab:e4:7f:79:87:51:f5:7a:08:3b:65:14:6f:0b:fe:71:15:2a:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 30 00:11:57 2025 GMT
            Not After : Oct  4 23:59:59 2025 GMT
        Subject: serialNumber=5bea54bcd8a28a334b865c3355e985df604c7d10038ef69a5f0c9869f2bcb69c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:73:85:83:a4:ec:96:53:6f:6d:a2:4d:4b:23:
                    76:74:9f:0a:b6:28:0e:23:cf:0c:6e:44:87:eb:c6:
                    25:1a:2f:29:1b:20:7c:27:23:4c:0b:3f:3c:17:27:
                    c1:97:88:82:f6:93:81:d1:fc:67:51:69:e5:b5:ad:
                    3f:1d:6b:c2:e8:78:b9:72:4f:30:d6:2d:4b:20:f2:
                    ca:26:4b:ec:9b:bc:1a:be:c8:7b:71:fd:a7:4e:5d:
                    c2:fe:a4:62:22:d9:f9:32:52:de:e8:65:35:4f:2c:
                    e5:46:7a:1c:81:9f:8a:d3:2f:26:3c:d8:9a:25:26:
                    b9:c5:36:6a:59:c8:84:ec:73:8a:e6:9a:06:ec:d8:
                    ba:b7:d5:d0:a6:29:3f:1d:2a:f4:6a:ea:f2:25:27:
                    24:5e:c6:97:68:9e:97:70:74:ca:57:56:e9:ed:1f:
                    7e:80:a9:98:90:ff:7e:72:f1:8d:d8:04:e9:2b:b3:
                    3b:b5:bb:05:5f:14:19:b5:46:8d:5d:73:eb:7f:8f:
                    73:be:27:cb:53:e5:ab:c8:e6:f7:d2:c4:cf:1c:34:
                    be:0b:cc:83:41:79:f5:dc:98:31:f6:9c:1c:58:6d:
                    bb:87:65:cf:13:6f:83:9b:df:41:32:a6:b8:8e:28:
                    01:1e:3b:e9:8f:cf:79:c8:b1:2f:c0:e6:2e:2c:b2:
                    ca:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:4B:04:47:F0:81:49:A8:8C:B0:5A:7C:A1:9D:99:60:AD:96:43:41
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/62f1c6ae-c3ca-4326-b75a-fa2d7d8712d9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff3:8040::/46

    Signature Algorithm: sha256WithRSAEncryption
         7b:2f:fa:61:a1:26:77:87:df:83:a8:fa:70:80:84:5e:83:8c:
         22:4b:40:4d:9b:62:7e:ac:f3:3c:19:8b:07:e3:cc:92:09:2e:
         7b:00:af:9f:e9:a6:5d:6c:c6:b8:8b:4a:66:c2:ae:e0:06:35:
         9d:8a:0a:ef:90:e2:cd:ec:81:32:e6:a4:2f:9a:ba:8a:31:75:
         84:d1:fa:c5:35:03:3f:f2:05:6e:3c:9f:af:aa:69:c0:7b:02:
         1a:66:dd:96:98:57:db:b5:d8:02:2f:8a:74:0e:79:94:ac:c3:
         5d:b7:0c:09:67:16:0f:9b:ed:9b:30:ba:75:19:a2:b9:48:c2:
         e6:43:8e:ef:aa:a4:99:b7:ad:6d:5e:2c:3c:62:e5:38:9b:98:
         01:59:c3:a3:55:20:89:20:9a:c4:8e:02:b7:cf:8c:54:f5:3f:
         1f:6f:55:cb:7f:64:54:63:b3:3a:b2:90:02:bc:fd:0c:6a:89:
         80:94:ed:43:56:e4:e9:f8:04:cf:ec:7b:47:73:80:d5:84:b5:
         d4:2a:6d:2e:16:89:6c:32:5d:dc:04:fd:d6:84:1b:b0:70:2c:
         23:c2:32:8f:1e:9f:c8:22:07:76:16:ee:94:24:15:0f:7e:68:
         4b:f0:57:74:c2:0c:e1:3e:46:a6:5e:d2:f7:c6:03:f9:ca:79:
         d2:cf:11:16
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUM6vkf3mHUfV6CDtlFG8L/nEVKhAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODMwMDAxMTU3WhcNMjUxMDA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YmVhNTRiY2Q4YTI4YTMzNGI4NjVjMzM1NWU5ODVkZjYw
NGM3ZDEwMDM4ZWY2OWE1ZjBjOTg2OWYyYmNiNjljMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmc4WDpOyWU29tok1LI3Z0nwq2KA4jzwxuRIfrxiUaLykb
IHwnI0wLPzwXJ8GXiIL2k4HR/GdRaeW1rT8da8LoeLlyTzDWLUsg8somS+ybvBq+
yHtx/adOXcL+pGIi2fkyUt7oZTVPLOVGehyBn4rTLyY82JolJrnFNmpZyITsc4rm
mgbs2Lq31dCmKT8dKvRq6vIlJyRexpdonpdwdMpXVuntH36AqZiQ/35y8Y3YBOkr
szu1uwVfFBm1Ro1dc+t/j3O+J8tT5avI5vfSxM8cNL4LzINBefXcmDH2nBxYbbuH
Zc8Tb4Ob30EypriOKAEeO+mPz3nIsS/A5i4ssspzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3ksER/CBSaiMsFp8oZ2ZYK2WQ0EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyZjFjNmFlLWMzY2EtNDMyNi1iNzVhLWZhMmQ3ZDg3MTJkOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB/zgEAwDQYJKoZIhvcNAQELBQADggEBAHsv+mGhJneH34Oo+nCAhF6D
jCJLQE2bYn6s8zwZiwfjzJIJLnsAr5/ppl1sxriLSmbCruAGNZ2KCu+Q4s3sgTLm
pC+auooxdYTR+sU1Az/yBW48n6+qacB7Ahpm3ZaYV9u12AIvinQOeZSsw123DAln
Fg+b7ZswunUZorlIwuZDju+qpJm3rW1eLDxi5TibmAFZw6NVIIkgmsSOArfPjFT1
Px9vVct/ZFRjszqykAK8/QxqiYCU7UNW5On4BM/se0dzgNWEtdQqbS4WiWwyXdwE
/daEG7BwLCPCMo8en8giB3YW7pQkFQ9+aEvwV3TCDOE+RqZe0vfGA/nKedLPERY=
-----END CERTIFICATE-----