Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d21d2b11-198a-4187-babe-5e898f2a1576.roa
File:                     d21d2b11-198a-4187-babe-5e898f2a1576.roa (raw, json)
Hash identifier:          2VctfGwNKTZw8q/6dsbnXPNgbc7sdDLWn6vupl7pl3w=
Subject key identifier:   DF:DB:1F:A7:6F:B0:C7:98:BF:1A:D4:3E:08:70:A0:FB:68:BE:29:5E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       19DC843C857BD6AA7E7710D093298D8DA0C765BA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d21d2b11-198a-4187-babe-5e898f2a1576.roa
Signing time:             Tue 24 Jun 2025 00:21:08 +0000
ROA not before:           Tue 24 Jun 2025 00:21:08 +0000
ROA not after:            Tue 29 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fa0:8000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 05 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:dc:84:3c:85:7b:d6:aa:7e:77:10:d0:93:29:8d:8d:a0:c7:65:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 24 00:21:08 2025 GMT
            Not After : Jul 29 23:59:59 2025 GMT
        Subject: serialNumber=abbd64e16a3dbd2b70b056df0838373d309d4621570e08f165e6f62f639e1372, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:48:86:0d:48:62:4b:84:6d:b1:22:6f:34:03:
                    75:40:8a:2f:71:59:71:43:05:ab:50:cf:32:4b:40:
                    d6:94:78:3a:11:9e:e5:32:e2:1a:97:8c:12:a7:ce:
                    6e:4c:61:43:32:d6:f0:9c:4f:94:74:44:88:cd:fc:
                    50:cc:8f:a1:eb:e6:ef:b3:e0:75:9f:32:74:fe:49:
                    69:d5:b3:59:22:a3:92:d1:73:cf:6b:44:3b:15:81:
                    95:07:99:3e:59:f9:a0:b3:4e:e7:4f:ce:8c:f2:8e:
                    bd:69:8a:01:3b:48:be:75:7f:23:be:8e:3a:b9:23:
                    3d:2e:20:bc:e0:95:45:25:3a:f4:ed:db:06:78:5c:
                    3b:b6:f1:b8:3f:5b:a3:0f:18:e2:a0:98:be:f7:dc:
                    09:98:dc:8a:f3:e0:34:f2:19:d7:c5:7d:57:dd:52:
                    40:2e:69:1b:33:bf:6d:0f:df:26:7f:4c:93:4e:09:
                    f4:70:96:cd:55:31:ef:80:f6:2b:d2:13:dd:dd:ed:
                    c3:41:57:28:f7:dc:69:8e:ba:cc:2e:e5:64:9a:ee:
                    ca:4e:6c:35:da:8d:79:2a:41:9f:fb:27:1c:d2:41:
                    61:25:9c:ef:f2:55:47:6c:f1:2e:55:ab:51:28:27:
                    59:4d:12:8f:d7:da:d4:63:b5:cb:07:0a:d3:bb:c4:
                    52:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:DB:1F:A7:6F:B0:C7:98:BF:1A:D4:3E:08:70:A0:FB:68:BE:29:5E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d21d2b11-198a-4187-babe-5e898f2a1576.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fa0:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         af:7b:44:6d:7c:4a:2a:51:9a:ba:a2:20:2c:41:b8:ea:e7:98:
         eb:69:1a:72:8a:63:ae:d0:23:27:d2:e2:44:0d:df:bd:43:23:
         e1:1b:2f:9a:df:9c:5c:ab:5c:2d:b1:1c:b0:5a:32:91:9f:86:
         f7:67:82:0c:9c:7c:bd:88:e2:2e:33:98:55:20:1f:48:da:c2:
         b2:ae:18:71:03:70:e0:0f:6a:7b:dd:52:74:02:4e:03:f2:74:
         51:1b:f0:67:18:b7:b7:18:98:eb:05:63:e6:2a:22:70:dd:03:
         f2:8a:ea:48:bf:8f:bd:37:5c:ae:83:02:cf:84:4c:aa:b3:3c:
         e6:39:cd:61:17:e1:d5:0d:4f:b9:36:4c:f8:3c:1b:88:ee:ef:
         bb:6b:90:77:b8:30:c5:97:c3:12:8e:ce:9f:39:4c:5c:ea:11:
         1f:51:e2:20:00:77:f5:9a:01:51:1b:7f:c6:fa:97:bd:39:6a:
         de:74:8d:78:1e:e6:02:80:6a:1b:90:f6:ae:6f:b6:9d:e0:6a:
         f3:f8:af:b1:11:be:83:65:a2:ea:f6:1a:56:96:ab:28:b8:7a:
         4c:c3:2c:ae:a9:05:ef:2d:08:20:5a:6f:aa:5d:33:f4:41:c7:
         57:b4:9e:60:0c:69:37:dc:85:5e:0e:2c:45:75:10:bb:91:b4:
         56:eb:d6:41
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUGdyEPIV71qp+dxDQkymNjaDHZbowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjI0MDAyMTA4WhcNMjUwNzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYmJkNjRlMTZhM2RiZDJiNzBiMDU2ZGYwODM4MzczZDMw
OWQ0NjIxNTcwZTA4ZjE2NWU2ZjYyZjYzOWUxMzcyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvSIYNSGJLhG2xIm80A3VAii9xWXFDBatQzzJLQNaUeDoR
nuUy4hqXjBKnzm5MYUMy1vCcT5R0RIjN/FDMj6Hr5u+z4HWfMnT+SWnVs1kio5LR
c89rRDsVgZUHmT5Z+aCzTudPzozyjr1pigE7SL51fyO+jjq5Iz0uILzglUUlOvTt
2wZ4XDu28bg/W6MPGOKgmL733AmY3Irz4DTyGdfFfVfdUkAuaRszv20P3yZ/TJNO
CfRwls1VMe+A9ivSE93d7cNBVyj33GmOuswu5WSa7spObDXajXkqQZ/7JxzSQWEl
nO/yVUds8S5Vq1EoJ1lNEo/X2tRjtcsHCtO7xFLjAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU39sfp2+wx5i/GtQ+CHCg+2i+KV4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QyMWQyYjExLTE5OGEtNDE4Ny1iYWJlLTVlODk4ZjJhMTU3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB+ggDANBgkqhkiG9w0BAQsFAAOCAQEAr3tEbXxKKlGauqIgLEG46ueY
62kacopjrtAjJ9LiRA3fvUMj4Rsvmt+cXKtcLbEcsFoykZ+G92eCDJx8vYjiLjOY
VSAfSNrCsq4YcQNw4A9qe91SdAJOA/J0URvwZxi3txiY6wVj5ioicN0D8orqSL+P
vTdcroMCz4RMqrM85jnNYRfh1Q1PuTZM+DwbiO7vu2uQd7gwxZfDEo7OnzlMXOoR
H1HiIAB39ZoBURt/xvqXvTlq3nSNeB7mAoBqG5D2rm+2neBq8/ivsRG+g2Wi6vYa
VparKLh6TMMsrqkF7y0IIFpvql0z9EHHV7SeYAxpN9yFXg4sRXUQu5G0VuvWQQ==
-----END CERTIFICATE-----
Generated at Fri Jul 4 03:46:46 2025 by rpki-client