Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6cb01528-0863-4282-b29c-5d2322edb608.roa
File:                     6cb01528-0863-4282-b29c-5d2322edb608.roa (raw, json)
Hash identifier:          jWhaIImf7y1f1RiAY6hTbgswXoVlJj3qdIgEUHDhr7Q=
Subject key identifier:   2A:6C:6A:87:CB:CE:7A:62:79:19:67:4D:AE:4F:F7:19:93:1A:54:AC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       135E45D64DA3EF15ACCFFF6D4B78A579DD71D2D3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6cb01528-0863-4282-b29c-5d2322edb608.roa
Signing time:             Mon 31 Mar 2025 15:30:34 +0000
ROA not before:           Mon 31 Mar 2025 15:30:34 +0000
ROA not after:            Mon 05 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f21:8000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 17 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:5e:45:d6:4d:a3:ef:15:ac:cf:ff:6d:4b:78:a5:79:dd:71:d2:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 31 15:30:34 2025 GMT
            Not After : May  5 23:59:59 2025 GMT
        Subject: serialNumber=93f593fd5ed50370e865bfc7f4efaf50ca5e09dad0459d222d08ed0a962da59e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:af:e9:f4:9e:5f:38:63:ae:51:30:1e:4f:2b:
                    fa:13:c8:f1:06:27:17:b0:fa:2a:d5:d2:98:90:cd:
                    dc:ac:3d:f1:52:72:e5:a9:8c:da:9f:82:08:cf:53:
                    32:6c:95:38:3a:71:de:0b:8a:cd:62:a9:2d:fc:2d:
                    df:27:2e:95:0f:2d:0e:1e:4c:c6:25:97:31:7e:b5:
                    0e:a3:06:dc:1e:28:5c:0a:6d:58:38:31:ff:34:2f:
                    55:c6:d2:9e:23:8c:9f:f8:c2:1a:5b:2a:20:23:80:
                    19:e4:30:c3:14:27:17:e1:d6:15:b7:9e:8a:1d:1b:
                    0a:3c:bf:37:7e:03:c9:1a:90:83:e3:e2:10:c2:e6:
                    ab:84:6e:fd:78:fd:15:e4:fd:7d:2e:3d:2d:c7:5e:
                    b6:45:df:95:2a:3f:db:7c:a4:a5:d4:6a:f2:47:49:
                    bb:65:b6:87:70:43:ff:be:59:0c:17:85:e4:f4:fb:
                    3c:ac:52:63:9d:03:b5:7c:f7:3e:76:bc:09:02:6a:
                    72:8a:e9:c5:e6:f2:ea:ac:e2:78:d9:a0:a5:aa:90:
                    ff:a3:7a:8f:e2:b3:78:4b:45:e6:53:05:7b:72:d3:
                    86:ef:db:27:6c:52:1f:bb:4f:f9:a1:98:f6:f6:63:
                    c2:ee:92:14:2b:27:26:2a:bf:6d:66:29:03:9e:4b:
                    9d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:6C:6A:87:CB:CE:7A:62:79:19:67:4D:AE:4F:F7:19:93:1A:54:AC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6cb01528-0863-4282-b29c-5d2322edb608.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f21:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         37:d4:c1:c1:f6:f4:79:57:5c:6c:ec:ab:23:09:d3:97:f0:c9:
         5e:d5:44:9d:bc:58:3b:67:91:1f:f0:b6:93:55:2e:7c:21:04:
         e8:31:3d:49:9f:d4:ad:38:8b:c6:8b:a5:5d:c9:70:6a:5c:bf:
         65:66:3c:3f:d0:fe:e5:bd:26:bf:25:73:cd:fb:b2:86:48:bb:
         ac:2d:fd:06:7d:52:70:18:33:ca:c1:59:ca:4a:dc:8e:78:35:
         26:72:4c:30:d0:f6:91:57:46:4a:fd:58:bb:e6:9f:da:2c:4c:
         3f:06:ab:f6:8f:db:64:81:3e:62:e9:46:ff:e8:c9:79:37:33:
         69:9c:42:39:85:c3:ef:ad:2c:7e:90:07:47:12:09:54:12:6e:
         88:c2:1d:48:ee:2e:2b:8a:1a:22:be:7f:34:d7:f0:8a:a6:f4:
         ea:73:20:8e:03:a3:8d:27:6b:09:ca:d8:ef:6d:38:4d:3d:a0:
         ec:c6:8c:34:b9:09:c6:13:ec:95:52:41:38:09:37:2a:52:0a:
         56:f3:35:3a:8c:bb:ed:92:11:9b:0b:fd:9f:85:39:4e:24:97:
         c3:0c:20:30:ee:91:6c:a3:73:29:8e:f6:09:bf:be:0f:71:c6:
         53:63:4c:75:b7:cb:10:80:59:eb:57:ae:84:5d:4a:57:d8:9a:
         74:68:8c:82
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUE15F1k2j7xWsz/9tS3iled1x0tMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzMxMTUzMDM0WhcNMjUwNTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5M2Y1OTNmZDVlZDUwMzcwZTg2NWJmYzdmNGVmYWY1MGNh
NWUwOWRhZDA0NTlkMjIyZDA4ZWQwYTk2MmRhNTllMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDar+n0nl84Y65RMB5PK/oTyPEGJxew+irV0piQzdysPfFS
cuWpjNqfggjPUzJslTg6cd4Lis1iqS38Ld8nLpUPLQ4eTMYllzF+tQ6jBtweKFwK
bVg4Mf80L1XG0p4jjJ/4whpbKiAjgBnkMMMUJxfh1hW3noodGwo8vzd+A8kakIPj
4hDC5quEbv14/RXk/X0uPS3HXrZF35UqP9t8pKXUavJHSbtltodwQ/++WQwXheT0
+zysUmOdA7V89z52vAkCanKK6cXm8uqs4njZoKWqkP+jeo/is3hLReZTBXty04bv
2ydsUh+7T/mhmPb2Y8LukhQrJyYqv21mKQOeS53TAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUKmxqh8vOemJ5GWdNrk/3GZMaVKwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZjYjAxNTI4LTA4NjMtNDI4Mi1iMjljLTVkMjMyMmVkYjYwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8hgDANBgkqhkiG9w0BAQsFAAOCAQEAN9TBwfb0eVdcbOyrIwnTl/DJ
XtVEnbxYO2eRH/C2k1UufCEE6DE9SZ/UrTiLxoulXclwaly/ZWY8P9D+5b0mvyVz
zfuyhki7rC39Bn1ScBgzysFZykrcjng1JnJMMND2kVdGSv1Yu+af2ixMPwar9o/b
ZIE+YulG/+jJeTczaZxCOYXD760sfpAHRxIJVBJuiMIdSO4uK4oaIr5/NNfwiqb0
6nMgjgOjjSdrCcrY7204TT2g7MaMNLkJxhPslVJBOAk3KlIKVvM1Ooy77ZIRmwv9
n4U5TiSXwwwgMO6RbKNzKY72Cb++D3HGU2NMdbfLEIBZ61euhF1KV9iadGiMgg==
-----END CERTIFICATE-----