Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7ffda98-bd67-4a18-9797-35aa2e04a2b3.roa
File:                     a7ffda98-bd67-4a18-9797-35aa2e04a2b3.roa (raw, json)
Hash identifier:          TYIhwG02EvSPY6uJCLNbh5LWS6+tA3HAvihEq0EjT2I=
Subject key identifier:   AD:34:3F:5F:25:D9:04:E6:B4:76:50:87:C0:B5:0B:29:72:A9:63:0D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4B30D466FC6CE7B406A4D181ADB3F2DD6F039B31
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7ffda98-bd67-4a18-9797-35aa2e04a2b3.roa
Signing time:             Sat 10 May 2025 00:11:45 +0000
ROA not before:           Sat 10 May 2025 00:11:45 +0000
ROA not after:            Sat 14 Jun 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f60:3400::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:30:d4:66:fc:6c:e7:b4:06:a4:d1:81:ad:b3:f2:dd:6f:03:9b:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 10 00:11:45 2025 GMT
            Not After : Jun 14 23:59:59 2025 GMT
        Subject: serialNumber=607a849258c711158f270211ffca0497440efc51748fc77e498852c957d4d7ad, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:2c:16:22:27:de:f3:c0:0c:59:44:cc:f7:37:
                    77:65:72:70:f8:7d:22:c9:6b:3e:f8:d0:c3:fa:08:
                    73:83:64:2f:2c:50:b8:3c:78:c5:6a:6d:98:3e:bb:
                    ed:d9:1d:44:02:9b:56:29:24:2d:e7:08:5a:9f:23:
                    2c:72:9f:9b:fe:66:db:eb:36:66:b3:bc:ac:73:45:
                    9b:7f:27:63:97:58:29:74:f4:c4:ac:94:43:a8:51:
                    b9:47:d1:5f:9e:34:e6:07:27:9d:97:69:2d:73:bf:
                    bc:db:f7:9b:67:ff:33:0b:96:c9:08:d4:00:3e:b8:
                    91:9f:76:aa:ea:e5:db:53:55:0b:8e:71:1a:7f:ca:
                    18:46:ab:00:47:7d:a6:cb:bd:59:f8:78:22:0d:10:
                    fc:98:44:38:78:5d:e5:00:df:67:98:43:0d:d9:9f:
                    58:88:c3:0e:44:5f:c4:79:00:e1:ac:1b:87:88:33:
                    e8:61:3a:ef:3a:1d:60:b1:80:e3:7f:f9:a9:ed:ca:
                    06:5c:30:29:2f:64:d6:a9:a6:52:b5:71:0f:ee:96:
                    68:b8:21:5b:ce:59:78:be:f0:b8:1b:cc:7d:84:a8:
                    e3:55:c2:07:c2:a6:26:ba:0f:75:fa:31:f4:25:cd:
                    3b:4e:7d:a5:ed:22:c6:f1:fc:57:e4:bd:5d:44:c5:
                    90:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:34:3F:5F:25:D9:04:E6:B4:76:50:87:C0:B5:0B:29:72:A9:63:0D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7ffda98-bd67-4a18-9797-35aa2e04a2b3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:3400::/40

    Signature Algorithm: sha256WithRSAEncryption
         d0:61:12:6e:73:b8:82:95:2f:ba:dc:a6:ef:a4:87:46:ad:8a:
         b8:20:e9:91:35:b5:84:73:88:5c:5f:3c:09:b6:ce:21:de:76:
         ca:df:60:26:3b:53:e5:3a:23:65:9c:0d:c0:6d:dd:80:2c:0a:
         d9:fd:0b:67:bc:9d:00:eb:02:9b:7b:70:89:c3:03:3a:50:87:
         ac:7d:36:7f:a8:94:3b:65:ed:7d:eb:e5:86:29:46:48:2d:55:
         8a:f7:98:44:da:3a:9c:bd:77:be:95:7f:6a:c2:9b:09:fd:e1:
         d9:33:41:6e:1d:e2:2c:2b:c3:e4:12:e7:d0:0d:29:59:2b:c8:
         e4:62:88:83:be:b3:62:a3:f6:f2:2e:d5:e1:e1:af:6f:1b:ca:
         1b:33:f4:ab:90:3f:24:0a:ea:a6:1b:cc:f5:5a:97:2c:e9:30:
         5f:a0:57:af:bc:7a:77:b2:6d:6b:71:b1:94:ad:0c:7e:a2:19:
         04:c7:57:5f:13:68:7e:47:9f:2b:bd:5c:b0:cc:cd:ab:95:cc:
         f4:6a:31:7d:8b:3c:8e:4f:a2:3c:5a:74:51:ad:bd:22:20:dc:
         fc:37:45:51:3d:0e:ce:88:e4:d7:17:47:3f:85:24:3e:83:96:
         08:31:6b:33:ef:34:f6:55:73:56:41:88:1d:60:8a:73:3f:d3:
         f6:6c:2f:f8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUSzDUZvxs57QGpNGBrbPy3W8DmzEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTEwMDAxMTQ1WhcNMjUwNjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MDdhODQ5MjU4YzcxMTE1OGYyNzAyMTFmZmNhMDQ5NzQ0
MGVmYzUxNzQ4ZmM3N2U0OTg4NTJjOTU3ZDRkN2FkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDsLBYiJ97zwAxZRMz3N3dlcnD4fSLJaz740MP6CHODZC8s
ULg8eMVqbZg+u+3ZHUQCm1YpJC3nCFqfIyxyn5v+ZtvrNmazvKxzRZt/J2OXWCl0
9MSslEOoUblH0V+eNOYHJ52XaS1zv7zb95tn/zMLlskI1AA+uJGfdqrq5dtTVQuO
cRp/yhhGqwBHfabLvVn4eCINEPyYRDh4XeUA32eYQw3Zn1iIww5EX8R5AOGsG4eI
M+hhOu86HWCxgON/+antygZcMCkvZNapplK1cQ/ulmi4IVvOWXi+8LgbzH2EqONV
wgfCpia6D3X6MfQlzTtOfaXtIsbx/FfkvV1ExZAxAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUrTQ/XyXZBOa0dlCHwLULKXKpYw0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3ZmZkYTk4LWJkNjctNGExOC05Nzk3LTM1YWEyZTA0YTJiMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gNDANBgkqhkiG9w0BAQsFAAOCAQEA0GESbnO4gpUvutym76SHRq2K
uCDpkTW1hHOIXF88CbbOId52yt9gJjtT5TojZZwNwG3dgCwK2f0LZ7ydAOsCm3tw
icMDOlCHrH02f6iUO2XtfevlhilGSC1ViveYRNo6nL13vpV/asKbCf3h2TNBbh3i
LCvD5BLn0A0pWSvI5GKIg76zYqP28i7V4eGvbxvKGzP0q5A/JArqphvM9VqXLOkw
X6BXr7x6d7Jta3GxlK0MfqIZBMdXXxNofkefK71csMzNq5XM9GoxfYs8jk+iPFp0
Ua29IiDc/DdFUT0Ozojk1xdHP4UkPoOWCDFrM+809lVzVkGIHWCKcz/T9mwv+A==
-----END CERTIFICATE-----