Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb904bd7-c5b9-4fb0-a66f-158ff7700b6b.roa
File:                     cb904bd7-c5b9-4fb0-a66f-158ff7700b6b.roa (raw, json)
Hash identifier:          jZ6CR9WpWPQlMU0J1ZZ3Ve7X51L/Rwu74GMJAMs2J9A=
Subject key identifier:   E3:75:C4:0A:33:DE:A6:E4:DC:6E:9F:F2:D2:40:F6:DC:23:8F:D2:6A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       403F361292B32D715AAA258E2E11AEDFB69BA55E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb904bd7-c5b9-4fb0-a66f-158ff7700b6b.roa
Signing time:             Mon 19 May 2025 17:51:03 +0000
ROA not before:           Mon 19 May 2025 17:51:03 +0000
ROA not after:            Mon 23 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f12:800::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:3f:36:12:92:b3:2d:71:5a:aa:25:8e:2e:11:ae:df:b6:9b:a5:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 19 17:51:03 2025 GMT
            Not After : Jun 23 23:59:59 2025 GMT
        Subject: serialNumber=728df5653e2f0b71dac10f09a5fe25651baa1e330facceddae2d5464eb329aa9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:67:6e:8e:3c:a0:04:4f:db:58:f4:3c:98:60:
                    04:5f:4f:a9:c1:1c:20:c2:b1:f0:b6:ae:55:75:61:
                    58:4f:3b:bb:1a:7b:44:ac:f3:18:8d:5a:41:10:82:
                    19:b4:c5:8c:87:76:e7:3d:39:9a:b7:b3:91:c2:59:
                    cf:36:a2:9f:eb:60:be:75:9f:00:2a:1d:a2:1c:76:
                    dc:fb:09:de:79:8f:8c:d7:d9:7b:04:19:dd:f2:aa:
                    9c:93:42:4a:31:d5:c7:8e:83:c8:88:65:83:49:47:
                    99:29:2c:74:a0:02:3e:f2:10:a3:98:89:03:d2:ca:
                    c1:d5:35:4a:e5:de:61:b2:09:49:b9:a9:99:00:ec:
                    a8:05:5e:9b:36:6e:06:f4:a5:55:14:be:40:2a:3d:
                    03:42:d6:4e:0c:7f:48:61:4c:f7:ae:74:89:5c:8e:
                    a7:75:ee:1c:25:38:c5:4a:0a:74:39:34:b9:7e:21:
                    3f:54:91:76:9c:35:e6:59:15:28:b7:68:45:a5:f2:
                    ed:c5:76:84:32:fd:6d:bc:fd:6c:47:5e:b3:3e:06:
                    5a:78:a2:a3:9d:a3:4f:a0:39:48:d5:da:0d:39:02:
                    72:b6:81:c2:d7:17:cd:32:d8:1e:f2:b1:4c:a9:c9:
                    c2:13:c8:ca:b7:c5:cb:3d:58:23:9b:ca:df:86:aa:
                    fa:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:75:C4:0A:33:DE:A6:E4:DC:6E:9F:F2:D2:40:F6:DC:23:8F:D2:6A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb904bd7-c5b9-4fb0-a66f-158ff7700b6b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f12:800::/38

    Signature Algorithm: sha256WithRSAEncryption
         7c:46:d5:97:d5:18:e5:57:c7:ad:55:16:62:30:86:f6:13:5b:
         fd:3f:b5:de:11:e6:21:0c:8f:97:ff:92:89:6f:b7:62:dc:b9:
         40:22:2e:c3:85:ea:57:ba:40:be:c5:42:80:31:d1:f9:67:57:
         f9:8c:e3:d5:ba:35:1c:3d:6c:bc:c3:3c:dd:a7:f5:52:71:84:
         61:e8:ff:30:50:5e:d1:0a:bb:0f:08:ee:3e:c0:6d:b6:09:b8:
         77:05:5b:34:e9:6e:26:5d:9b:9f:28:82:d3:87:81:aa:10:3e:
         0b:27:cd:cc:13:cf:dc:4e:16:57:21:72:dc:60:20:94:b9:62:
         37:09:6e:b1:95:03:8f:67:48:37:fb:eb:35:57:a9:52:09:fb:
         23:42:cf:13:b0:51:45:cb:64:eb:aa:49:5f:15:6e:b3:74:32:
         5c:93:9d:a7:6d:36:f6:0e:7c:31:62:b2:e7:ec:59:60:ee:5d:
         5f:7d:aa:48:ff:00:65:ca:be:85:9c:89:67:47:ce:6e:5b:5d:
         66:c8:0c:d1:e3:36:8d:20:a4:9a:3f:cd:06:fc:1a:85:99:0b:
         ce:5f:f0:89:ca:7c:c0:60:55:4d:9a:df:1c:d7:fe:d9:8e:bb:
         98:8f:b8:ca:57:7e:2d:c4:a9:97:01:0b:92:f7:9e:a9:84:55:
         62:c2:a0:53
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQD82EpKzLXFaqiWOLhGu37abpV4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE5MTc1MTAzWhcNMjUwNjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MjhkZjU2NTNlMmYwYjcxZGFjMTBmMDlhNWZlMjU2NTFi
YWExZTMzMGZhY2NlZGRhZTJkNTQ2NGViMzI5YWE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2Z26OPKAET9tY9DyYYARfT6nBHCDCsfC2rlV1YVhPO7sa
e0Ss8xiNWkEQghm0xYyHduc9OZq3s5HCWc82op/rYL51nwAqHaIcdtz7Cd55j4zX
2XsEGd3yqpyTQkox1ceOg8iIZYNJR5kpLHSgAj7yEKOYiQPSysHVNUrl3mGyCUm5
qZkA7KgFXps2bgb0pVUUvkAqPQNC1k4Mf0hhTPeudIlcjqd17hwlOMVKCnQ5NLl+
IT9UkXacNeZZFSi3aEWl8u3FdoQy/W28/WxHXrM+Blp4oqOdo0+gOUjV2g05AnK2
gcLXF80y2B7ysUypycITyMq3xcs9WCObyt+Gqvp7AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU43XECjPepuTcbp/y0kD23COP0mowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiOTA0YmQ3LWM1YjktNGZiMC1hNjZmLTE1OGZmNzcwMGI2Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8SCDANBgkqhkiG9w0BAQsFAAOCAQEAfEbVl9UY5VfHrVUWYjCG9hNb
/T+13hHmIQyPl/+SiW+3Yty5QCIuw4XqV7pAvsVCgDHR+WdX+Yzj1bo1HD1svMM8
3af1UnGEYej/MFBe0Qq7DwjuPsBttgm4dwVbNOluJl2bnyiC04eBqhA+CyfNzBPP
3E4WVyFy3GAglLliNwlusZUDj2dIN/vrNVepUgn7I0LPE7BRRctk66pJXxVus3Qy
XJOdp2029g58MWKy5+xZYO5dX32qSP8AZcq+hZyJZ0fObltdZsgM0eM2jSCkmj/N
BvwahZkLzl/wicp8wGBVTZrfHNf+2Y67mI+4yld+LcSplwELkveeqYRVYsKgUw==
-----END CERTIFICATE-----