Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc03b0b8-dc48-442a-b40c-185ce689ee9e.roa
File:                     dc03b0b8-dc48-442a-b40c-185ce689ee9e.roa (raw, json)
Hash identifier:          vZvARKWbN7lGIaBMatA7TPChk7W9yDrxhCJK7Jix7hg=
Subject key identifier:   8E:D5:34:2A:3C:33:91:D7:DA:04:10:87:C5:48:91:BF:7A:4A:4E:53
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5462F42BCB8C4311874E1FCBB2BDBFDE35C7F296
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc03b0b8-dc48-442a-b40c-185ce689ee9e.roa
Signing time:             Tue 26 Aug 2025 16:32:06 +0000
ROA not before:           Tue 26 Aug 2025 16:32:06 +0000
ROA not after:            Tue 30 Sep 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f38:2000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:62:f4:2b:cb:8c:43:11:87:4e:1f:cb:b2:bd:bf:de:35:c7:f2:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 26 16:32:06 2025 GMT
            Not After : Sep 30 23:59:59 2025 GMT
        Subject: serialNumber=27c5b56d27dc662cfd826bebddc37aba76b273996f4e606af230a62748c8f25f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:60:3f:83:5c:29:2f:36:0a:6d:83:8c:3f:71:
                    51:a6:28:9e:22:db:c0:63:6a:87:8b:17:61:03:7c:
                    51:29:d2:15:47:18:0e:23:55:66:b3:11:5f:d9:2b:
                    ff:ae:56:eb:13:7a:47:28:07:1e:1c:d9:e1:31:20:
                    d3:e5:e3:9c:0d:f6:69:68:63:28:f6:c9:ed:5b:62:
                    ea:44:3b:64:86:46:6e:da:a1:9a:9d:57:6e:26:9b:
                    8e:39:c8:b8:b3:8b:bd:12:20:49:43:d0:0b:10:be:
                    1d:25:cf:bd:08:8b:06:11:e4:6a:2c:86:1b:e4:d4:
                    99:83:d2:fe:08:fd:90:65:52:58:0c:3a:02:fb:85:
                    90:73:26:dd:a0:bb:3f:c6:f9:54:22:37:6a:7b:13:
                    9e:47:2c:03:a2:f9:e4:a6:0b:ad:df:be:5b:d3:02:
                    89:f6:05:d6:34:e9:5a:49:9b:bc:83:95:d5:3f:9d:
                    43:65:88:fa:b6:65:b4:8a:5a:6e:63:14:d7:9c:83:
                    1b:87:a1:b8:4d:b0:cf:b4:29:70:78:fe:35:e5:ec:
                    52:d1:c2:dd:06:74:10:b4:1f:ad:b1:21:45:a9:2e:
                    e8:2b:f0:d1:a1:a8:18:ab:3e:13:16:e9:ea:80:2a:
                    04:11:c7:8d:a3:b9:11:9e:39:20:14:0b:f6:5a:74:
                    1d:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:D5:34:2A:3C:33:91:D7:DA:04:10:87:C5:48:91:BF:7A:4A:4E:53
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc03b0b8-dc48-442a-b40c-185ce689ee9e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         c4:2d:7e:be:39:c1:30:84:68:07:8d:e8:31:e0:4b:ae:3b:2d:
         fe:6d:e0:64:26:22:99:b2:c6:67:c3:8d:a4:9c:84:c6:76:58:
         93:e5:6e:0b:95:dd:b4:c5:99:ff:a9:f0:77:e8:f5:c3:5f:9f:
         6a:49:85:37:0f:65:78:b0:b9:8b:50:55:f8:38:59:e4:b6:d0:
         a2:7a:92:b3:5f:04:2d:3f:e0:26:07:6f:0a:69:3b:a6:72:4d:
         f2:f9:ab:d2:35:12:47:43:00:75:be:43:39:80:a3:02:8c:c6:
         9a:2c:b8:2c:26:96:9f:50:bc:99:8a:da:99:fe:37:73:d1:b4:
         99:10:23:1b:24:bd:b1:01:cd:31:24:98:4f:2b:17:a0:c5:ab:
         d7:b2:da:f8:66:24:c1:0e:0c:09:56:40:48:6c:f3:9a:fc:cd:
         ce:78:88:49:70:5a:8b:cd:82:6c:92:46:e0:b9:e6:2d:0b:79:
         ee:70:c0:10:17:3b:6b:9d:c1:8d:26:6c:05:0d:da:c9:31:2e:
         7d:5a:74:f6:2a:ea:cf:ba:e7:67:a0:ba:0e:f4:2d:d1:65:be:
         2a:32:5e:41:2d:48:ec:a6:70:e8:d6:dc:22:78:32:58:b4:8b:
         22:bf:da:f9:e7:55:14:b1:94:f8:d2:aa:f9:09:56:43:db:51:
         8e:3a:a7:fd
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUVGL0K8uMQxGHTh/Lsr2/3jXH8pYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODI2MTYzMjA2WhcNMjUwOTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyN2M1YjU2ZDI3ZGM2NjJjZmQ4MjZiZWJkZGMzN2FiYTc2
YjI3Mzk5NmY0ZTYwNmFmMjMwYTYyNzQ4YzhmMjVmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0YD+DXCkvNgptg4w/cVGmKJ4i28BjaoeLF2EDfFEp0hVH
GA4jVWazEV/ZK/+uVusTekcoBx4c2eExINPl45wN9mloYyj2ye1bYupEO2SGRm7a
oZqdV24mm445yLizi70SIElD0AsQvh0lz70IiwYR5Goshhvk1JmD0v4I/ZBlUlgM
OgL7hZBzJt2guz/G+VQiN2p7E55HLAOi+eSmC63fvlvTAon2BdY06VpJm7yDldU/
nUNliPq2ZbSKWm5jFNecgxuHobhNsM+0KXB4/jXl7FLRwt0GdBC0H62xIUWpLugr
8NGhqBirPhMW6eqAKgQRx42juRGeOSAUC/ZadB19AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUjtU0KjwzkdfaBBCHxUiRv3pKTlMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RjMDNiMGI4LWRjNDgtNDQyYS1iNDBjLTE4NWNlNjg5ZWU5ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB84IDANBgkqhkiG9w0BAQsFAAOCAQEAxC1+vjnBMIRoB43oMeBLrjst
/m3gZCYimbLGZ8ONpJyExnZYk+VuC5XdtMWZ/6nwd+j1w1+fakmFNw9leLC5i1BV
+DhZ5LbQonqSs18ELT/gJgdvCmk7pnJN8vmr0jUSR0MAdb5DOYCjAozGmiy4LCaW
n1C8mYramf43c9G0mRAjGyS9sQHNMSSYTysXoMWr17La+GYkwQ4MCVZASGzzmvzN
zniISXBai82CbJJG4LnmLQt57nDAEBc7a53BjSZsBQ3ayTEufVp09irqz7rnZ6C6
DvQt0WW+KjJeQS1I7KZw6NbcIngyWLSLIr/a+edVFLGU+NKq+QlWQ9tRjjqn/Q==
-----END CERTIFICATE-----