Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91abda45-0cb9-4b48-94cf-80f7b19fa7f5.roa
File:                     91abda45-0cb9-4b48-94cf-80f7b19fa7f5.roa (raw, json)
Hash identifier:          nP5FEiJId3GN5733IYjYvG0ViBPw78tfiu1FIxISHQg=
Subject key identifier:   2A:57:EE:87:E9:DF:66:F9:C0:67:D7:7B:58:4F:ED:54:6E:DF:F2:C2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       63820D4347AE4C28047D5D95A0AB89BE49CEAF43
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91abda45-0cb9-4b48-94cf-80f7b19fa7f5.roa
Signing time:             Fri 16 May 2025 16:41:14 +0000
ROA not before:           Fri 16 May 2025 16:41:14 +0000
ROA not after:            Fri 20 Jun 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f61:5080::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:82:0d:43:47:ae:4c:28:04:7d:5d:95:a0:ab:89:be:49:ce:af:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 16:41:14 2025 GMT
            Not After : Jun 20 23:59:59 2025 GMT
        Subject: serialNumber=6140f0b615e6d0bc74c5f3a4c21e61ad9e56d08748fb2d0df5067d32d9fbbe94, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6a:41:75:b3:a6:60:ec:ed:8d:02:46:2d:94:
                    b5:77:c6:96:25:bb:24:2a:68:b5:77:34:5d:40:bf:
                    72:d9:9a:b2:07:6d:cf:62:1d:c2:34:d2:4a:67:4d:
                    6f:16:f7:1e:d0:00:69:54:68:68:86:25:60:de:46:
                    c4:e0:7b:60:59:ec:02:21:bf:70:f0:47:6d:30:ca:
                    ed:e4:45:d4:68:89:30:82:df:e3:ae:1e:9c:2e:24:
                    dd:85:14:28:1c:af:e8:72:e2:26:22:e0:93:35:71:
                    a8:ba:16:28:f4:d6:df:43:31:71:5a:ce:0d:70:09:
                    20:cf:de:5e:fe:67:d6:8c:35:90:99:3e:f8:f3:aa:
                    12:5b:af:86:38:bc:18:3c:2a:2f:dd:16:18:db:52:
                    83:0f:95:f4:22:51:df:16:9d:09:a8:6b:6d:ea:7d:
                    0a:68:94:85:62:dd:bd:48:6c:ba:43:05:64:93:d9:
                    1d:43:37:bc:6b:77:b1:ea:49:10:fc:3c:a6:aa:b5:
                    67:ca:7e:a4:5a:54:dd:0f:f9:40:28:86:15:2c:f5:
                    b3:39:ad:45:96:2b:7d:ff:28:11:54:58:f6:c6:1a:
                    5f:0b:e5:a3:99:96:4c:e0:81:54:fe:c8:2b:b1:94:
                    de:82:9d:39:83:c5:df:5b:57:d6:61:9c:98:e8:76:
                    2a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:57:EE:87:E9:DF:66:F9:C0:67:D7:7B:58:4F:ED:54:6E:DF:F2:C2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91abda45-0cb9-4b48-94cf-80f7b19fa7f5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:5080::/48

    Signature Algorithm: sha256WithRSAEncryption
         d8:ad:41:c1:49:98:23:25:b2:39:a6:f2:bc:93:73:81:7e:30:
         a4:9c:82:0b:5a:92:15:31:65:a7:66:39:3c:c2:14:55:57:e0:
         f4:21:01:a9:35:4a:1a:70:23:6c:12:a1:93:3f:34:24:bb:31:
         65:d3:c4:73:97:6c:7d:e6:20:5d:ad:c5:b4:ea:e7:9e:ac:b4:
         38:54:db:ee:8c:4b:5a:15:79:8b:f0:7b:af:bb:77:6b:2d:c6:
         91:36:61:3b:67:74:27:a0:c7:c2:62:59:ec:52:a8:49:7c:91:
         de:93:57:7a:07:b7:0a:9e:14:b6:ea:5e:99:99:7d:85:45:56:
         51:bd:8a:ea:6e:5c:d4:44:44:72:67:85:72:36:30:5b:49:64:
         eb:04:c1:00:03:d7:08:6a:aa:e2:7a:a7:bb:4c:60:7d:ab:b8:
         b9:c2:fd:8c:94:41:2b:c3:00:ea:62:65:d0:5d:73:23:e1:f2:
         fb:6d:ee:69:6e:6a:46:9b:e8:9a:5d:76:61:f5:4d:89:52:42:
         cf:85:1d:9c:3b:3f:29:5e:a5:ed:f4:e4:1e:ef:e6:7f:c1:d5:
         ff:fe:f6:aa:9b:8b:29:f5:25:c0:a7:77:f0:87:39:cf:ff:ef:
         fe:62:e1:46:18:83:98:33:27:c7:f1:89:13:f6:b0:d6:eb:c1:
         1f:ee:74:99
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUY4INQ0euTCgEfV2VoKuJvknOr0MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE2MTY0MTE0WhcNMjUwNjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTQwZjBiNjE1ZTZkMGJjNzRjNWYzYTRjMjFlNjFhZDll
NTZkMDg3NDhmYjJkMGRmNTA2N2QzMmQ5ZmJiZTk0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiakF1s6Zg7O2NAkYtlLV3xpYluyQqaLV3NF1Av3LZmrIH
bc9iHcI00kpnTW8W9x7QAGlUaGiGJWDeRsTge2BZ7AIhv3DwR20wyu3kRdRoiTCC
3+OuHpwuJN2FFCgcr+hy4iYi4JM1cai6Fij01t9DMXFazg1wCSDP3l7+Z9aMNZCZ
PvjzqhJbr4Y4vBg8Ki/dFhjbUoMPlfQiUd8WnQmoa23qfQpolIVi3b1IbLpDBWST
2R1DN7xrd7HqSRD8PKaqtWfKfqRaVN0P+UAohhUs9bM5rUWWK33/KBFUWPbGGl8L
5aOZlkzggVT+yCuxlN6CnTmDxd9bV9ZhnJjodiptAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUKlfuh+nfZvnAZ9d7WE/tVG7f8sIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkxYWJkYTQ1LTBjYjktNGI0OC05NGNmLTgwZjdiMTlmYTdmNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9hUIAwDQYJKoZIhvcNAQELBQADggEBANitQcFJmCMlsjmm8ryTc4F+
MKScggtakhUxZadmOTzCFFVX4PQhAak1ShpwI2wSoZM/NCS7MWXTxHOXbH3mIF2t
xbTq556stDhU2+6MS1oVeYvwe6+7d2stxpE2YTtndCegx8JiWexSqEl8kd6TV3oH
twqeFLbqXpmZfYVFVlG9iupuXNRERHJnhXI2MFtJZOsEwQAD1whqquJ6p7tMYH2r
uLnC/YyUQSvDAOpiZdBdcyPh8vtt7mluakab6JpddmH1TYlSQs+FHZw7Pylepe30
5B7v5n/B1f/+9qqbiyn1JcCnd/CHOc//7/5i4UYYg5gzJ8fxiRP2sNbrwR/udJk=
-----END CERTIFICATE-----
Generated at Sun Jun 1 04:40:59 2025 by rpki-client