Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf9f9c1e-0e1b-4282-9df6-71ca543a6f1f.roa
File:                     cf9f9c1e-0e1b-4282-9df6-71ca543a6f1f.roa (raw, json)
Hash identifier:          Z4v0wHh2oHpN9c9sjKVEgTwxFFUvbEvvmpbrCmrQSzk=
Subject key identifier:   BB:7C:60:57:C7:CB:B5:39:AC:2C:FF:64:E2:68:99:0B:5D:10:36:F5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       07115D6DDEC77C22D41809C02FCA33E05FAB639A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf9f9c1e-0e1b-4282-9df6-71ca543a6f1f.roa
Signing time:             Tue 26 Aug 2025 16:21:59 +0000
ROA not before:           Tue 26 Aug 2025 16:21:59 +0000
ROA not after:            Tue 30 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f38:8000::/39 maxlen: 39
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:11:5d:6d:de:c7:7c:22:d4:18:09:c0:2f:ca:33:e0:5f:ab:63:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 26 16:21:59 2025 GMT
            Not After : Sep 30 23:59:59 2025 GMT
        Subject: serialNumber=b82abee2587e7ff3a0e6985041a7e797eb0fcf7da818d50b5e7b71222b5cc01f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:36:f0:db:87:94:b8:f5:7c:52:79:38:ea:79:
                    58:cf:96:77:29:4c:63:8f:71:ad:33:80:1d:30:bd:
                    91:49:37:a5:08:b5:fe:22:c4:44:be:e3:b9:a0:c4:
                    5c:c7:df:b8:fe:25:1d:29:93:4a:68:35:db:b2:9a:
                    07:fc:fa:ad:2c:94:03:a0:d8:4f:35:0e:7f:70:c3:
                    30:93:d0:67:78:aa:8f:2d:2c:a5:7b:06:14:ca:49:
                    b8:9e:0e:6b:19:3e:75:79:42:88:e5:cf:8f:12:76:
                    39:21:1e:1d:a6:c1:8d:1e:55:3d:cd:61:d9:c8:cf:
                    f3:4f:96:f0:1c:96:93:08:7f:b3:79:e7:4f:40:68:
                    3d:41:71:cb:48:7a:04:89:17:2c:ec:19:71:1a:f9:
                    2e:cc:c3:1b:d0:2b:ae:3d:72:dd:0e:f3:51:7e:39:
                    38:7e:5c:22:3f:02:87:c8:c8:4b:d3:e1:69:2a:d0:
                    8e:80:b0:3d:a8:0c:9c:6b:48:e9:af:33:82:6b:d2:
                    e4:0c:d3:54:08:b8:0e:db:a6:3f:c8:eb:fa:a9:7f:
                    e5:d1:0c:3b:e7:1e:8d:4f:76:a8:bf:a2:4d:18:3a:
                    79:39:08:c5:dd:e3:ae:20:02:f7:a1:7a:0e:e1:03:
                    85:72:ff:20:71:33:8d:30:22:d4:3c:30:e7:67:87:
                    78:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:7C:60:57:C7:CB:B5:39:AC:2C:FF:64:E2:68:99:0B:5D:10:36:F5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cf9f9c1e-0e1b-4282-9df6-71ca543a6f1f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         7f:23:1e:09:1f:9a:c1:6e:8c:f5:76:34:85:ba:33:80:4f:9d:
         7e:24:7a:6f:cf:70:25:1e:a6:50:9d:16:b0:fd:6b:82:5d:be:
         ca:a3:81:54:08:ee:39:c4:ab:3e:0f:1b:5a:1d:71:ae:d9:0c:
         85:09:97:2b:e5:85:6b:82:ad:1c:2e:cf:95:c3:d2:b0:ee:d2:
         50:d9:d7:03:75:b7:77:ec:32:ca:48:d7:a6:03:b5:e4:1e:66:
         78:e5:77:40:65:bc:5b:4c:04:03:a0:2c:97:ff:5b:90:4a:0e:
         11:e6:d7:34:bf:8e:d4:12:71:3c:f6:26:ba:da:84:07:51:9d:
         77:c2:0e:8b:f9:c6:ff:c2:33:46:89:06:7f:f5:ea:4e:95:bb:
         dc:1e:6d:80:90:45:f5:7f:17:95:a0:ba:03:8c:08:73:a1:9f:
         73:16:60:c8:9f:e5:ef:9f:cb:d4:d7:b4:9b:49:53:e2:7b:df:
         1e:6a:29:5a:bb:a1:df:41:a6:31:c9:0b:74:f6:0f:7c:7d:b7:
         92:9d:c6:e7:58:ad:da:93:75:a6:b5:69:da:ad:c3:13:bf:95:
         a7:62:43:b0:80:d4:14:88:e3:dc:4a:26:ae:02:f4:c5:c8:72:
         37:7d:7b:c3:5e:31:89:fc:20:71:fc:a4:b4:15:bc:c8:e5:f6:
         c6:d9:18:0a
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUBxFdbd7HfCLUGAnAL8oz4F+rY5owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODI2MTYyMTU5WhcNMjUwOTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiODJhYmVlMjU4N2U3ZmYzYTBlNjk4NTA0MWE3ZTc5N2Vi
MGZjZjdkYTgxOGQ1MGI1ZTdiNzEyMjJiNWNjMDFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChNvDbh5S49XxSeTjqeVjPlncpTGOPca0zgB0wvZFJN6UI
tf4ixES+47mgxFzH37j+JR0pk0poNduymgf8+q0slAOg2E81Dn9wwzCT0Gd4qo8t
LKV7BhTKSbieDmsZPnV5Qojlz48SdjkhHh2mwY0eVT3NYdnIz/NPlvAclpMIf7N5
509AaD1BcctIegSJFyzsGXEa+S7MwxvQK649ct0O81F+OTh+XCI/AofIyEvT4Wkq
0I6AsD2oDJxrSOmvM4Jr0uQM01QIuA7bpj/I6/qpf+XRDDvnHo1Pdqi/ok0YOnk5
CMXd464gAveheg7hA4Vy/yBxM40wItQ8MOdnh3h3AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUu3xgV8fLtTmsLP9k4miZC10QNvUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NmOWY5YzFlLTBlMWItNDI4Mi05ZGY2LTcxY2E1NDNhNmYxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB84gDANBgkqhkiG9w0BAQsFAAOCAQEAfyMeCR+awW6M9XY0hbozgE+d
fiR6b89wJR6mUJ0WsP1rgl2+yqOBVAjuOcSrPg8bWh1xrtkMhQmXK+WFa4KtHC7P
lcPSsO7SUNnXA3W3d+wyykjXpgO15B5meOV3QGW8W0wEA6Asl/9bkEoOEebXNL+O
1BJxPPYmutqEB1Gdd8IOi/nG/8IzRokGf/XqTpW73B5tgJBF9X8XlaC6A4wIc6Gf
cxZgyJ/l75/L1Ne0m0lT4nvfHmopWruh30GmMckLdPYPfH23kp3G51it2pN1prVp
2q3DE7+Vp2JDsIDUFIjj3EomrgL0xchyN317w14xifwgcfyktBW8yOX2xtkYCg==
-----END CERTIFICATE-----