Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/daa42d09-1a05-43e1-aec3-6bcf52959a4d.roa
File:                     daa42d09-1a05-43e1-aec3-6bcf52959a4d.roa (raw, json)
Hash identifier:          mFFi7C7L+SlNXITQboU0ML8MmqA/OEcZesmHCs0CHCY=
Subject key identifier:   DE:0B:7A:15:7C:D9:FD:CF:BE:95:80:B9:33:0C:B1:13:7D:56:43:EB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       58D27D46C2835CD8268D1042E84644BE1F0CB280
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/daa42d09-1a05-43e1-aec3-6bcf52959a4d.roa
Signing time:             Fri 15 Aug 2025 00:40:22 +0000
ROA not before:           Fri 15 Aug 2025 00:40:22 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f38:8010::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 21 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:d2:7d:46:c2:83:5c:d8:26:8d:10:42:e8:46:44:be:1f:0c:b2:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 15 00:40:22 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=c1731b8fdb1b2ef0441bbb4695628a7ed3186bd2529ea1bf6b0df11c4f7b0ca9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:42:0a:45:f5:a1:72:71:c2:95:6e:86:ac:17:
                    6d:70:ad:73:f3:e8:3f:71:61:bb:a4:f5:69:54:78:
                    25:fe:3b:73:80:29:31:12:20:e8:2c:15:60:27:9e:
                    cf:f8:bc:cb:0a:66:79:89:c5:a5:1f:24:f1:7a:4c:
                    a4:e7:4e:7c:00:55:3c:ff:c2:1d:23:7c:b3:9d:87:
                    7e:b6:ca:88:9c:53:87:8f:92:be:20:11:e5:eb:e3:
                    df:20:05:f6:6a:15:4b:b7:3e:e1:da:00:04:cb:d4:
                    2e:5e:e0:12:5d:80:d7:6e:df:45:1f:75:9c:3e:97:
                    f5:4d:b1:ef:f4:92:fe:14:5f:22:ac:05:ac:a9:aa:
                    83:7a:da:4f:f0:f2:5d:a1:05:c6:df:5e:0b:cc:49:
                    e7:43:ec:74:ee:c5:47:00:59:49:63:72:a2:40:e2:
                    bb:a3:92:df:09:f7:bb:12:70:3c:f9:70:05:67:e1:
                    95:4a:3d:f8:2d:1c:02:e8:bd:3b:11:76:24:9b:3f:
                    15:cf:37:37:70:32:a3:24:fd:89:24:a6:82:de:65:
                    dc:05:c8:3d:c2:f1:da:95:fd:2f:1e:77:79:fe:9d:
                    b9:1b:0a:56:7a:85:3d:b5:c1:92:89:3e:4c:57:71:
                    4d:3a:6a:f0:84:78:98:a6:fb:eb:63:a6:54:06:2f:
                    39:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:0B:7A:15:7C:D9:FD:CF:BE:95:80:B9:33:0C:B1:13:7D:56:43:EB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/daa42d09-1a05-43e1-aec3-6bcf52959a4d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:8010::/48

    Signature Algorithm: sha256WithRSAEncryption
         ce:7e:e5:60:bd:73:7e:30:79:c4:df:0d:d6:27:f1:28:ed:45:
         7f:e5:5d:ac:52:77:74:25:a7:e8:89:9c:0e:18:95:49:af:cd:
         1e:c8:bd:ba:c0:f1:77:18:33:c1:7b:84:f9:71:cc:f7:cb:19:
         3d:db:e7:27:d2:70:74:58:98:9e:c9:b9:c0:8c:ab:99:81:59:
         91:e9:90:c2:cd:d4:54:3a:85:45:68:1a:f2:9d:60:ca:cf:62:
         ae:07:99:eb:da:a4:9f:29:b0:f5:1f:47:0e:ba:37:3d:83:22:
         c1:c4:00:fe:87:f7:65:3d:7f:4f:a3:6f:4f:63:25:ea:6b:72:
         57:0c:b9:1d:07:1c:c2:d2:60:8c:1c:64:b8:74:f3:11:31:1f:
         b1:2f:6d:db:7b:02:15:91:4d:bb:9a:d8:a1:e5:22:24:8d:33:
         d1:4b:fc:bf:1c:2e:86:20:28:b1:78:92:cc:58:75:7c:46:3d:
         fc:60:80:ca:81:7b:4f:29:f3:e8:f2:26:5b:25:72:14:bb:34:
         3a:90:08:74:46:7d:6a:a3:08:64:9c:1b:15:dc:71:22:db:00:
         85:02:18:2c:76:81:45:37:b0:37:ad:62:63:2a:66:4c:a8:03:
         36:b8:f6:91:3d:7f:0f:d1:24:dc:54:46:94:a8:91:31:fb:46:
         ee:76:f5:a5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUWNJ9RsKDXNgmjRBC6EZEvh8MsoAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODE1MDA0MDIyWhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMTczMWI4ZmRiMWIyZWYwNDQxYmJiNDY5NTYyOGE3ZWQz
MTg2YmQyNTI5ZWExYmY2YjBkZjExYzRmN2IwY2E5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoQgpF9aFyccKVboasF21wrXPz6D9xYbuk9WlUeCX+O3OA
KTESIOgsFWAnns/4vMsKZnmJxaUfJPF6TKTnTnwAVTz/wh0jfLOdh362yoicU4eP
kr4gEeXr498gBfZqFUu3PuHaAATL1C5e4BJdgNdu30UfdZw+l/VNse/0kv4UXyKs
BaypqoN62k/w8l2hBcbfXgvMSedD7HTuxUcAWUljcqJA4rujkt8J97sScDz5cAVn
4ZVKPfgtHALovTsRdiSbPxXPNzdwMqMk/YkkpoLeZdwFyD3C8dqV/S8ed3n+nbkb
ClZ6hT21wZKJPkxXcU06avCEeJim++tjplQGLznVAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3gt6FXzZ/c++lYC5MwyxE31WQ+swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RhYTQyZDA5LTFhMDUtNDNlMS1hZWMzLTZiY2Y1Mjk1OWE0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84gBAwDQYJKoZIhvcNAQELBQADggEBAM5+5WC9c34wecTfDdYn8Sjt
RX/lXaxSd3Qlp+iJnA4YlUmvzR7IvbrA8XcYM8F7hPlxzPfLGT3b5yfScHRYmJ7J
ucCMq5mBWZHpkMLN1FQ6hUVoGvKdYMrPYq4HmevapJ8psPUfRw66Nz2DIsHEAP6H
92U9f0+jb09jJeprclcMuR0HHMLSYIwcZLh08xExH7Evbdt7AhWRTbua2KHlIiSN
M9FL/L8cLoYgKLF4ksxYdXxGPfxggMqBe08p8+jyJlslchS7NDqQCHRGfWqjCGSc
GxXccSLbAIUCGCx2gUU3sDetYmMqZkyoAza49pE9fw/RJNxURpSokTH7Ru529aU=
-----END CERTIFICATE-----