Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/80d26464-05c9-4f2b-ba80-8facd3bbef1f.roa
File:                     80d26464-05c9-4f2b-ba80-8facd3bbef1f.roa (raw, json)
Hash identifier:          MBJy9XFT60HYmRYB/mh/JsTPWcURfIwSxy++B282s1E=
Subject key identifier:   F6:79:8E:60:1C:94:52:2F:26:87:E3:85:73:8C:70:46:C6:B6:E4:18
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       66E23E8102EC4A73AFB595CC3582C17480C42B61
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/80d26464-05c9-4f2b-ba80-8facd3bbef1f.roa
Signing time:             Mon 19 May 2025 17:32:00 +0000
ROA not before:           Mon 19 May 2025 17:32:00 +0000
ROA not after:            Mon 23 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f38:1000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 05 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:e2:3e:81:02:ec:4a:73:af:b5:95:cc:35:82:c1:74:80:c4:2b:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 19 17:32:00 2025 GMT
            Not After : Jun 23 23:59:59 2025 GMT
        Subject: serialNumber=9bf0b8d17d4bd0ea564b6e50970d0f06193825d1fbbc406bce9a120b19cce4cf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:06:55:23:b6:f9:98:93:94:d6:d5:db:de:10:
                    9e:83:ce:29:57:98:64:bb:c9:9c:55:c8:28:d7:79:
                    50:28:12:01:d5:61:28:b1:80:31:93:ed:58:cd:5d:
                    8f:be:b0:4a:2f:4d:82:0b:77:ad:7e:b3:2a:14:9a:
                    54:15:63:a4:39:a3:a5:18:4d:4f:7d:94:b4:a1:30:
                    00:1e:9a:0c:9d:6a:c1:ec:30:ac:5c:8e:04:fe:d8:
                    49:02:ca:25:c6:79:81:81:44:bc:c0:87:01:92:5a:
                    3a:8b:28:b4:d4:c9:4d:b4:e6:7d:a1:f0:6a:0f:4b:
                    54:54:25:b5:3e:2b:0f:49:65:bb:b5:6f:7e:6f:e8:
                    64:c8:96:ed:2c:78:bb:d7:16:0d:c9:c0:be:d6:96:
                    b0:ce:b8:65:96:f4:3b:c2:26:51:f7:2e:b1:de:3a:
                    b0:a6:40:7b:a1:7b:68:d3:3a:d5:d1:cc:31:a3:40:
                    9e:55:16:6b:df:72:9f:9c:01:98:a6:30:f8:c5:18:
                    d2:c7:8a:0e:c6:7c:00:a4:4b:89:84:b3:1b:3d:ba:
                    3a:9c:11:7c:32:31:b3:4a:d2:f6:0d:96:52:84:f4:
                    3b:cb:43:29:bb:a8:7d:13:89:88:c0:5a:56:32:48:
                    45:73:84:28:2f:1a:5e:f1:53:d0:99:60:1f:7b:88:
                    e9:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:79:8E:60:1C:94:52:2F:26:87:E3:85:73:8C:70:46:C6:B6:E4:18
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/80d26464-05c9-4f2b-ba80-8facd3bbef1f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         92:b3:40:ad:b8:79:97:be:4f:b9:cb:bd:9d:50:a3:fa:9a:5e:
         7c:87:bb:ad:97:ab:b1:6b:9a:88:c0:8c:66:cd:5c:61:d3:c5:
         30:f7:68:ea:c5:5f:00:87:6c:30:cb:35:d9:03:8b:c3:b4:0b:
         38:04:cb:2b:6f:08:fa:59:f7:54:68:b5:42:fb:0c:b3:f5:e8:
         96:81:99:4a:7a:df:1b:f0:c6:df:b1:96:cb:ae:4f:a9:ca:2f:
         8a:59:6f:83:74:68:4f:e3:68:cf:00:47:fe:fd:32:7a:b7:c4:
         0d:77:72:71:13:7d:1e:c4:01:3d:c8:e0:c6:26:4e:a0:ec:2a:
         59:fa:8d:a3:c8:12:d6:8b:38:c9:cf:69:cc:fc:b8:29:0e:f4:
         ae:c3:71:c5:65:a9:37:31:fd:d4:9e:ee:83:2e:7d:b8:b7:6f:
         93:74:f0:cf:01:14:a8:d8:31:f3:39:1c:ff:0d:69:f0:50:f3:
         c7:db:97:c0:9a:c1:b8:b7:05:41:e0:31:73:12:5b:62:0f:e1:
         9f:c7:2d:40:d7:38:03:94:69:46:c5:04:0e:bf:63:b1:04:4a:
         ae:93:d6:b7:99:4e:18:d7:d1:1d:a7:4d:6c:c6:ce:09:72:e8:
         c4:c0:e9:19:3d:fc:c7:96:29:c6:6d:86:d1:a5:f4:b1:9c:38:
         f0:70:4c:e2
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUZuI+gQLsSnOvtZXMNYLBdIDEK2EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE5MTczMjAwWhcNMjUwNjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YmYwYjhkMTdkNGJkMGVhNTY0YjZlNTA5NzBkMGYwNjE5
MzgyNWQxZmJiYzQwNmJjZTlhMTIwYjE5Y2NlNGNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQBlUjtvmYk5TW1dveEJ6DzilXmGS7yZxVyCjXeVAoEgHV
YSixgDGT7VjNXY++sEovTYILd61+syoUmlQVY6Q5o6UYTU99lLShMAAemgydasHs
MKxcjgT+2EkCyiXGeYGBRLzAhwGSWjqLKLTUyU205n2h8GoPS1RUJbU+Kw9JZbu1
b35v6GTIlu0seLvXFg3JwL7WlrDOuGWW9DvCJlH3LrHeOrCmQHuhe2jTOtXRzDGj
QJ5VFmvfcp+cAZimMPjFGNLHig7GfACkS4mEsxs9ujqcEXwyMbNK0vYNllKE9DvL
Qym7qH0TiYjAWlYySEVzhCgvGl7xU9CZYB97iOkBAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU9nmOYByUUi8mh+OFc4xwRsa25BgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgwZDI2NDY0LTA1YzktNGYyYi1iYTgwLThmYWNkM2JiZWYxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB84EDANBgkqhkiG9w0BAQsFAAOCAQEAkrNArbh5l75Pucu9nVCj+ppe
fIe7rZersWuaiMCMZs1cYdPFMPdo6sVfAIdsMMs12QOLw7QLOATLK28I+ln3VGi1
QvsMs/XoloGZSnrfG/DG37GWy65Pqcovillvg3RoT+NozwBH/v0yerfEDXdycRN9
HsQBPcjgxiZOoOwqWfqNo8gS1os4yc9pzPy4KQ70rsNxxWWpNzH91J7ugy59uLdv
k3TwzwEUqNgx8zkc/w1p8FDzx9uXwJrBuLcFQeAxcxJbYg/hn8ctQNc4A5RpRsUE
Dr9jsQRKrpPWt5lOGNfRHadNbMbOCXLoxMDpGT38x5Ypxm2G0aX0sZw48HBM4g==
-----END CERTIFICATE-----