Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ef1681d2-ccb0-459c-89f1-3dea31b1515a.roa
File:                     ef1681d2-ccb0-459c-89f1-3dea31b1515a.roa (raw, json)
Hash identifier:          xeTgaGCzqD/HUKEofnuz8AmZ811thySOA2yKeHA0IhU=
Subject key identifier:   43:A3:CA:61:37:89:E1:67:63:9F:31:5F:91:18:D7:9A:49:5E:29:C7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       407C0FA925EAED7B4BC64C824A24A06386F585C0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ef1681d2-ccb0-459c-89f1-3dea31b1515a.roa
Signing time:             Fri 28 Mar 2025 17:11:32 +0000
ROA not before:           Fri 28 Mar 2025 17:11:32 +0000
ROA not after:            Fri 02 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f1d:4000::/37 maxlen: 37
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 17 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:7c:0f:a9:25:ea:ed:7b:4b:c6:4c:82:4a:24:a0:63:86:f5:85:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 28 17:11:32 2025 GMT
            Not After : May  2 23:59:59 2025 GMT
        Subject: serialNumber=7c8cbb3d4f096b33b0c5f0212883b9330f15c8e3684348d5f149c39a1609ed78, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:fb:a4:c5:1f:86:49:35:e7:95:45:e5:c8:a6:
                    66:20:4f:76:78:4d:7c:d6:a5:7e:36:3d:7a:f1:e5:
                    04:8a:d2:de:88:f3:45:2b:4a:47:e8:70:e0:cb:05:
                    48:18:15:87:c0:bd:a4:17:9a:5e:8d:c8:90:bf:7a:
                    f3:42:4d:9a:aa:83:b3:ae:99:ca:76:72:cb:3a:09:
                    81:97:9f:07:cc:d7:46:e4:19:db:95:96:a3:99:10:
                    98:12:07:47:20:01:b6:f1:5b:a8:d4:3e:04:4b:c8:
                    96:d9:a3:ca:24:99:a5:e1:8f:6c:5f:06:75:45:74:
                    3b:71:3c:2b:97:af:86:d1:2b:e2:2d:a9:60:58:a7:
                    6a:6c:bf:d8:6e:87:48:0f:1c:cb:80:de:74:70:50:
                    1b:2a:2c:33:fa:1b:4c:50:ee:40:1a:22:98:b4:02:
                    91:01:03:4a:76:14:dc:fd:50:93:c3:d9:b3:6c:23:
                    b3:14:9b:0a:a1:2d:98:cf:a1:04:d7:aa:41:1d:19:
                    ae:da:91:1d:dd:a2:42:6f:d6:e1:d7:71:ba:c9:27:
                    f2:ee:5c:87:63:cd:73:8f:93:27:9a:66:89:ab:b5:
                    d3:07:57:b5:d0:8d:0d:e9:ad:df:7b:6c:2c:51:74:
                    f1:c2:bf:2d:6b:cb:da:91:33:6f:fe:3d:66:67:00:
                    49:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:A3:CA:61:37:89:E1:67:63:9F:31:5F:91:18:D7:9A:49:5E:29:C7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ef1681d2-ccb0-459c-89f1-3dea31b1515a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f1d:4000::/37

    Signature Algorithm: sha256WithRSAEncryption
         c7:38:ef:63:f4:d4:18:d2:cc:19:97:50:cd:45:22:d8:bf:1a:
         ad:ed:58:46:9a:52:cf:07:08:13:ac:38:77:63:6b:97:42:26:
         a2:70:2b:e5:cc:1e:d0:67:ab:c4:c5:8f:b4:01:99:35:36:91:
         ce:8a:5e:39:91:00:1b:41:78:38:39:93:90:90:2e:de:04:1c:
         6a:10:97:b1:a6:5c:7d:8a:6f:19:64:96:7c:a0:39:08:f2:4e:
         84:ce:3b:60:b6:99:37:a5:bc:f1:ac:38:11:49:76:e4:26:c4:
         26:58:cb:4b:81:c7:f0:96:62:9a:cd:b6:31:6b:c9:f7:1e:2c:
         d9:12:d8:98:50:da:37:25:89:06:ef:82:bd:49:07:a4:88:86:
         cb:36:63:af:de:ef:34:cd:03:30:e2:d2:2f:81:f5:98:7d:a4:
         92:ec:43:67:75:95:b4:61:0f:50:0e:4d:10:95:04:64:f0:16:
         b1:8c:3a:3f:29:0b:7b:0c:76:f7:e6:92:74:f8:f8:66:aa:c4:
         ff:4a:68:26:da:fb:40:c0:3e:89:cb:8c:c6:48:cc:bc:e4:c5:
         3e:b4:8b:07:65:31:48:25:89:a5:52:f4:d0:3e:7b:43:d9:69:
         f2:81:d1:22:f0:88:83:fd:d8:7d:e2:56:97:86:f7:13:6a:ad:
         1e:2a:7b:b4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQHwPqSXq7XtLxkyCSiSgY4b1hcAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTcxMTMyWhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3YzhjYmIzZDRmMDk2YjMzYjBjNWYwMjEyODgzYjkzMzBm
MTVjOGUzNjg0MzQ4ZDVmMTQ5YzM5YTE2MDllZDc4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDn+6TFH4ZJNeeVReXIpmYgT3Z4TXzWpX42PXrx5QSK0t6I
80UrSkfocODLBUgYFYfAvaQXml6NyJC/evNCTZqqg7Oumcp2css6CYGXnwfM10bk
GduVlqOZEJgSB0cgAbbxW6jUPgRLyJbZo8okmaXhj2xfBnVFdDtxPCuXr4bRK+It
qWBYp2psv9huh0gPHMuA3nRwUBsqLDP6G0xQ7kAaIpi0ApEBA0p2FNz9UJPD2bNs
I7MUmwqhLZjPoQTXqkEdGa7akR3dokJv1uHXcbrJJ/LuXIdjzXOPkyeaZomrtdMH
V7XQjQ3prd97bCxRdPHCvy1ry9qRM2/+PWZnAElHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUQ6PKYTeJ4WdjnzFfkRjXmkleKccwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VmMTY4MWQyLWNjYjAtNDU5Yy04OWYxLTNkZWEzMWIxNTE1YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8dQDANBgkqhkiG9w0BAQsFAAOCAQEAxzjvY/TUGNLMGZdQzUUi2L8a
re1YRppSzwcIE6w4d2Nrl0ImonAr5cwe0GerxMWPtAGZNTaRzopeOZEAG0F4ODmT
kJAu3gQcahCXsaZcfYpvGWSWfKA5CPJOhM47YLaZN6W88aw4EUl25CbEJljLS4HH
8JZims22MWvJ9x4s2RLYmFDaNyWJBu+CvUkHpIiGyzZjr97vNM0DMOLSL4H1mH2k
kuxDZ3WVtGEPUA5NEJUEZPAWsYw6PykLewx29+aSdPj4ZqrE/0poJtr7QMA+icuM
xkjMvOTFPrSLB2UxSCWJpVL00D57Q9lp8oHRIvCIg/3YfeJWl4b3E2qtHip7tA==
-----END CERTIFICATE-----