Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8abeef96-6bb3-461d-ba23-da389d854132.roa
File:                     8abeef96-6bb3-461d-ba23-da389d854132.roa (raw, json)
Hash identifier:          xNq81J1/vLwdX+VtH2AdvIh7+iL+viLX+A0qCe+2sAw=
Subject key identifier:   8F:56:E1:A6:F4:8B:23:72:04:9B:AB:DC:80:57:59:92:83:CE:DB:C4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       19A7C76B7C8F1F1AE24844BA1188AE1F2A508EC8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8abeef96-6bb3-461d-ba23-da389d854132.roa
Signing time:             Tue 26 Aug 2025 16:00:27 +0000
ROA not before:           Tue 26 Aug 2025 16:00:27 +0000
ROA not after:            Tue 30 Sep 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1ff2:2040::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:a7:c7:6b:7c:8f:1f:1a:e2:48:44:ba:11:88:ae:1f:2a:50:8e:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 26 16:00:27 2025 GMT
            Not After : Sep 30 23:59:59 2025 GMT
        Subject: serialNumber=2087b8db4f248ffd9090a8975fc70e531631d925a7b0ce6c910fdb8104c29673, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:65:a9:52:82:f9:c9:80:f9:4b:24:af:e9:44:
                    26:69:4e:ce:21:ff:c3:8a:2e:88:24:c0:2f:12:8c:
                    53:ea:9f:8b:98:fe:0c:d0:e1:46:b1:36:e8:c2:cc:
                    f3:14:13:7f:86:fb:e9:db:48:c0:41:4a:2c:25:45:
                    7c:14:19:b6:24:0a:24:ae:29:85:48:d1:c0:54:db:
                    d5:9c:00:b3:85:cc:61:44:bd:ce:3c:6e:05:85:85:
                    91:dd:e2:38:a9:10:5e:ce:1a:5a:22:7d:f0:84:d9:
                    a2:15:72:0b:cf:db:4e:49:f8:27:1f:dc:63:9d:22:
                    3e:a7:4a:06:8f:1c:04:1b:8d:ba:be:0e:8d:b1:74:
                    41:a2:d3:d0:6b:ed:0e:b9:77:c3:13:dc:7a:b7:86:
                    49:87:79:56:55:e3:a9:dc:0e:56:76:05:0f:98:79:
                    c9:f8:2e:87:ea:66:38:53:7a:0c:f2:eb:b5:2b:fd:
                    11:d5:9b:7b:f1:13:9d:36:ec:d1:0c:bf:10:91:f7:
                    b6:0e:63:b1:d8:7f:2a:14:cf:b8:af:7c:d3:1d:81:
                    58:e6:56:07:0c:ab:e0:37:ae:4e:ab:2e:25:62:85:
                    87:82:c9:52:96:f5:fc:90:38:53:ee:b3:de:61:61:
                    b4:e9:78:7f:a4:4a:b0:d2:15:1b:9f:aa:1b:08:09:
                    d2:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:56:E1:A6:F4:8B:23:72:04:9B:AB:DC:80:57:59:92:83:CE:DB:C4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8abeef96-6bb3-461d-ba23-da389d854132.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff2:2040::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:33:74:3b:da:19:3a:63:bf:b5:df:ab:8e:67:73:92:be:8c:
         a0:23:c4:08:ff:b1:94:7f:5c:e4:5f:97:32:bc:1e:1c:16:2b:
         59:ee:64:4a:cd:4f:aa:1f:fd:67:71:9e:80:54:ff:f8:da:09:
         47:ed:7e:5e:d0:40:5d:41:7e:3e:40:15:df:5b:97:8b:2d:28:
         28:99:26:f0:05:8e:7e:f6:e9:af:57:4a:89:68:1b:4d:bf:8e:
         ed:66:38:fa:03:4c:fe:36:16:09:0d:81:fe:cb:23:61:6c:8b:
         dd:be:70:49:18:e8:47:7b:51:f9:a9:5e:e8:0a:04:9e:b0:fd:
         ae:0a:cd:c6:6f:0b:ff:cc:02:9a:9c:47:26:94:cb:52:4d:2e:
         4b:5e:16:4b:4c:4d:c8:49:c0:59:ac:4b:04:3a:64:69:47:ba:
         ae:a9:15:5f:77:8d:68:43:22:c8:7f:f9:74:11:70:05:39:33:
         99:d5:c4:71:2a:34:b4:12:f7:f1:b6:f1:b7:64:88:69:a4:a8:
         6b:4e:5f:a3:ba:96:c3:c3:ea:c7:3d:24:37:74:bb:da:6f:e3:
         63:74:43:96:78:91:60:c4:46:fd:26:4b:69:5c:73:d7:34:bc:
         26:f6:3d:d5:4b:f8:3d:8d:5d:f8:fb:a6:67:16:e6:2c:62:13:
         86:a9:fd:f9
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGafHa3yPHxriSES6EYiuHypQjsgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODI2MTYwMDI3WhcNMjUwOTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDg3YjhkYjRmMjQ4ZmZkOTA5MGE4OTc1ZmM3MGU1MzE2
MzFkOTI1YTdiMGNlNmM5MTBmZGI4MTA0YzI5NjczMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpZalSgvnJgPlLJK/pRCZpTs4h/8OKLogkwC8SjFPqn4uY
/gzQ4UaxNujCzPMUE3+G++nbSMBBSiwlRXwUGbYkCiSuKYVI0cBU29WcALOFzGFE
vc48bgWFhZHd4jipEF7OGloiffCE2aIVcgvP205J+Ccf3GOdIj6nSgaPHAQbjbq+
Do2xdEGi09Br7Q65d8MT3Hq3hkmHeVZV46ncDlZ2BQ+Yecn4LofqZjhTegzy67Ur
/RHVm3vxE5027NEMvxCR97YOY7HYfyoUz7ivfNMdgVjmVgcMq+A3rk6rLiVihYeC
yVKW9fyQOFPus95hYbTpeH+kSrDSFRufqhsICdLjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUj1bhpvSLI3IEm6vcgFdZkoPO28QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhhYmVlZjk2LTZiYjMtNDYxZC1iYTIzLWRhMzg5ZDg1NDEzMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/yIEAwDQYJKoZIhvcNAQELBQADggEBAHwzdDvaGTpjv7Xfq45nc5K+
jKAjxAj/sZR/XORflzK8HhwWK1nuZErNT6of/WdxnoBU//jaCUftfl7QQF1Bfj5A
Fd9bl4stKCiZJvAFjn726a9XSoloG02/ju1mOPoDTP42FgkNgf7LI2Fsi92+cEkY
6Ed7UfmpXugKBJ6w/a4KzcZvC//MApqcRyaUy1JNLkteFktMTchJwFmsSwQ6ZGlH
uq6pFV93jWhDIsh/+XQRcAU5M5nVxHEqNLQS9/G28bdkiGmkqGtOX6O6lsPD6sc9
JDd0u9pv42N0Q5Z4kWDERv0mS2lcc9c0vCb2PdVL+D2NXfj7pmcW5ixiE4ap/fk=
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:14:24 2025 by rpki-client