Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/be83d719-2355-41b1-a762-eb7db3a7c65f.roa
File:                     be83d719-2355-41b1-a762-eb7db3a7c65f.roa (raw, json)
Hash identifier:          26rrRuYB5TFNbWmFTWa7q0mwtmIvt6ky4eGSO9uAYW8=
Subject key identifier:   D8:61:FF:D6:0E:F3:4E:86:24:58:FC:B5:CB:6D:54:E4:31:7C:7E:F3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1DF9B221949FB54DDBA920B7F72E41E2560CB480
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/be83d719-2355-41b1-a762-eb7db3a7c65f.roa
Signing time:             Tue 03 Jun 2025 20:22:34 +0000
ROA not before:           Tue 03 Jun 2025 20:22:34 +0000
ROA not after:            Tue 08 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff4:1000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 10 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:f9:b2:21:94:9f:b5:4d:db:a9:20:b7:f7:2e:41:e2:56:0c:b4:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun  3 20:22:34 2025 GMT
            Not After : Jul  8 23:59:59 2025 GMT
        Subject: serialNumber=389261336ebde378e263bea99313574980c56f0416ff926bbdf24159ab8493fc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:76:0f:77:53:66:a4:b5:41:c9:98:03:de:ee:
                    f6:55:01:b3:20:d6:7e:17:7c:16:1b:d3:8c:cd:11:
                    74:be:cc:41:53:ec:52:14:96:06:df:f7:23:d2:52:
                    0d:41:68:b0:b2:d5:cc:93:8a:b8:38:53:50:c4:dc:
                    a9:db:f1:31:49:68:f9:44:01:ea:2b:64:06:34:0f:
                    ae:16:24:4c:5a:45:72:51:d7:ba:ab:4e:25:2b:ee:
                    c7:00:e9:ec:31:d3:be:35:a8:a0:47:59:05:e9:95:
                    f1:01:5a:21:a8:17:b8:b5:28:9e:21:70:98:61:bf:
                    03:95:20:a8:86:77:87:77:fb:77:51:c6:87:75:15:
                    ac:7d:23:60:8d:52:fc:04:35:8e:7f:3a:ea:9c:87:
                    e0:c2:b6:3d:47:c1:23:22:79:0a:25:04:44:3c:8e:
                    27:d8:dc:86:c2:22:6d:f3:8b:de:9e:1f:5a:e1:9e:
                    11:7c:38:ed:09:d1:45:a9:05:fc:fd:81:bf:7b:52:
                    97:aa:c1:2a:71:45:45:86:ac:84:75:2c:17:49:f7:
                    90:e9:f0:d9:38:06:3f:6c:bd:9f:78:22:89:b4:09:
                    cc:da:39:91:63:f7:86:c9:ec:00:29:6f:5e:ca:83:
                    b4:be:d2:6d:e5:fe:00:89:7c:d4:01:d4:db:51:e2:
                    5d:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:61:FF:D6:0E:F3:4E:86:24:58:FC:B5:CB:6D:54:E4:31:7C:7E:F3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/be83d719-2355-41b1-a762-eb7db3a7c65f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff4:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         2c:aa:83:3d:71:e1:2a:be:dd:b8:92:24:70:45:11:c1:4b:60:
         9c:46:93:63:e7:37:a5:d0:02:c8:3a:ce:11:02:08:c1:95:9d:
         e1:fa:7a:a3:39:46:b4:c7:aa:f5:9d:d0:67:bc:0b:8b:4e:8c:
         53:6d:52:f5:d5:6c:35:83:ae:be:a0:95:2f:05:de:f4:96:13:
         a1:4f:da:66:0e:23:52:05:46:55:e2:c0:c5:6b:b9:93:b3:2b:
         b5:bd:2c:8a:ff:60:42:dd:ed:90:0e:da:e3:0a:72:9a:26:25:
         60:10:89:53:95:e1:f5:e2:4f:f6:4c:30:d3:b3:74:e7:61:f3:
         47:ae:0b:b5:87:71:47:76:fc:41:f0:b1:9c:d5:80:da:c4:10:
         39:32:07:91:71:35:3c:b4:0e:92:35:3b:68:44:0e:54:3c:58:
         d1:07:7c:f1:cc:23:5f:86:c1:ec:26:48:4b:48:b6:47:8a:12:
         04:87:7c:42:72:fd:c0:96:a1:b0:e8:1b:04:52:c0:63:de:0d:
         67:bd:37:33:4b:44:b1:2c:9a:de:1a:bd:ae:28:7e:fb:68:59:
         0a:36:ac:e9:d5:a4:6b:86:5d:75:42:48:91:f2:7b:5e:b0:ad:
         49:3a:7a:3b:0e:4e:34:fb:20:02:6b:25:3b:24:96:f4:9b:17:
         14:f8:a6:d7
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHfmyIZSftU3bqSC39y5B4lYMtIAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjAzMjAyMjM0WhcNMjUwNzA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzODkyNjEzMzZlYmRlMzc4ZTI2M2JlYTk5MzEzNTc0OTgw
YzU2ZjA0MTZmZjkyNmJiZGYyNDE1OWFiODQ5M2ZjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9dg93U2aktUHJmAPe7vZVAbMg1n4XfBYb04zNEXS+zEFT
7FIUlgbf9yPSUg1BaLCy1cyTirg4U1DE3Knb8TFJaPlEAeorZAY0D64WJExaRXJR
17qrTiUr7scA6ewx0741qKBHWQXplfEBWiGoF7i1KJ4hcJhhvwOVIKiGd4d3+3dR
xod1Fax9I2CNUvwENY5/Ouqch+DCtj1HwSMieQolBEQ8jifY3IbCIm3zi96eH1rh
nhF8OO0J0UWpBfz9gb97UpeqwSpxRUWGrIR1LBdJ95Dp8Nk4Bj9svZ94Iom0Ccza
OZFj94bJ7AApb17Kg7S+0m3l/gCJfNQB1NtR4l2jAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU2GH/1g7zToYkWPy1y21U5DF8fvMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JlODNkNzE5LTIzNTUtNDFiMS1hNzYyLWViN2RiM2E3YzY1Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/0EDANBgkqhkiG9w0BAQsFAAOCAQEALKqDPXHhKr7duJIkcEURwUtg
nEaTY+c3pdACyDrOEQIIwZWd4fp6ozlGtMeq9Z3QZ7wLi06MU21S9dVsNYOuvqCV
LwXe9JYToU/aZg4jUgVGVeLAxWu5k7Mrtb0siv9gQt3tkA7a4wpymiYlYBCJU5Xh
9eJP9kww07N052HzR64LtYdxR3b8QfCxnNWA2sQQOTIHkXE1PLQOkjU7aEQOVDxY
0Qd88cwjX4bB7CZIS0i2R4oSBId8QnL9wJahsOgbBFLAY94NZ703M0tEsSya3hq9
rih++2hZCjas6dWka4ZddUJIkfJ7XrCtSTp6Ow5ONPsgAmslOySW9JsXFPim1w==
-----END CERTIFICATE-----
Generated at Sun Jun 8 20:27:37 2025 by rpki-client