Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f189e5be-37a6-4672-9a92-e8d2041c8b2d.roa
File:                     f189e5be-37a6-4672-9a92-e8d2041c8b2d.roa (raw, json)
Hash identifier:          RFMSrGnBDdKAnJuSuhg6P0d3AGPkyVbyz3FqYF3DIfM=
Subject key identifier:   EF:A7:2B:F2:93:45:5F:88:7F:77:80:6D:93:7A:7D:7D:88:1B:8D:12
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       52A84986C1F4A2C35CDFF3B64166749A5F06A134
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f189e5be-37a6-4672-9a92-e8d2041c8b2d.roa
Signing time:             Tue 03 Jun 2025 20:24:42 +0000
ROA not before:           Tue 03 Jun 2025 20:24:42 +0000
ROA not after:            Tue 08 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fff:81b0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 10 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:a8:49:86:c1:f4:a2:c3:5c:df:f3:b6:41:66:74:9a:5f:06:a1:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun  3 20:24:42 2025 GMT
            Not After : Jul  8 23:59:59 2025 GMT
        Subject: serialNumber=5858cf76d42ed0fad4a9e7f6901dce7916cd87aa780e7e7447f8e9b665576a8c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:81:ce:c7:d3:28:18:f6:02:bd:51:61:a5:36:
                    8a:06:f8:ed:b3:d7:78:50:a0:2c:d3:ea:9f:f7:7c:
                    a4:3d:6e:5d:9f:85:49:72:50:97:96:6a:a9:c1:4e:
                    ba:dd:e9:8e:57:14:02:b2:81:d7:fd:5d:f2:e2:3e:
                    87:73:d8:40:3a:49:21:07:fc:91:a5:20:f8:2b:6a:
                    70:42:c7:1b:46:e1:4a:46:57:0f:2e:f0:a8:9a:bc:
                    e8:7c:6c:c4:51:ec:d4:8d:d2:e3:59:ee:c6:94:96:
                    eb:8d:ed:82:5e:07:da:5f:f0:08:ae:87:0f:be:63:
                    a0:4f:75:55:ff:b6:26:58:cb:82:57:aa:6e:1e:ea:
                    a8:d2:4a:0d:2d:88:90:7e:c5:bb:59:55:ce:49:7d:
                    b1:47:8c:40:77:3d:17:d8:b0:e1:56:a3:24:00:7c:
                    f1:63:41:f3:ac:d7:b0:f0:94:f4:1b:41:fd:1f:f7:
                    70:05:cf:5b:6d:62:4b:97:18:8f:1d:2d:e0:b9:07:
                    e8:53:62:d0:c3:e1:60:73:89:76:4a:5e:a5:aa:0e:
                    0b:09:4c:df:f1:62:24:24:ae:68:92:e0:52:87:7d:
                    0f:aa:cc:1e:c3:16:e7:82:74:3b:84:bb:71:3e:af:
                    96:1c:ec:e8:3b:90:81:d2:32:45:72:4c:94:7a:65:
                    c0:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:A7:2B:F2:93:45:5F:88:7F:77:80:6D:93:7A:7D:7D:88:1B:8D:12
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f189e5be-37a6-4672-9a92-e8d2041c8b2d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:81b0::/48

    Signature Algorithm: sha256WithRSAEncryption
         0a:4f:9a:e9:7a:e8:3d:20:50:fe:ff:b8:86:d1:8c:55:0a:a9:
         83:01:2f:53:64:f2:6e:35:ed:e8:d0:ba:61:97:96:70:42:49:
         51:e8:ff:23:d3:89:6d:7d:4e:cd:a9:6e:6f:18:bd:b8:36:cb:
         a1:30:17:b7:9c:3f:0d:e4:57:20:dc:d7:6e:89:04:93:06:48:
         68:44:dc:47:a0:3c:ce:3b:e8:a0:6e:db:69:c5:fd:74:5f:74:
         a1:2f:4d:03:c2:e1:79:e9:f6:ae:7d:80:03:fd:d7:2f:8b:18:
         01:18:53:38:6b:df:4c:54:fd:ab:9f:a8:d0:58:d6:53:5e:46:
         c3:eb:49:34:af:42:f2:62:6a:cf:3e:cf:33:89:f8:78:d3:78:
         f6:00:92:77:77:ec:3b:33:54:a0:86:81:bf:7a:71:65:d3:67:
         3a:9b:2f:63:e5:57:40:51:02:bb:c4:f1:ed:4a:3c:6b:f9:ef:
         53:35:9e:17:c2:75:f1:c0:e6:c8:f4:14:02:db:9c:36:8b:84:
         27:49:60:67:5d:90:ff:15:03:77:bc:a0:a5:e5:ca:9f:c2:ab:
         14:fa:ab:01:11:0d:9c:d8:14:60:a1:50:ac:cc:3b:69:0b:f8:
         2d:83:69:e0:8d:55:e0:12:15:99:10:c7:4c:c2:87:0f:9d:46:
         24:04:c6:6c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUqhJhsH0osNc3/O2QWZ0ml8GoTQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjAzMjAyNDQyWhcNMjUwNzA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ODU4Y2Y3NmQ0MmVkMGZhZDRhOWU3ZjY5MDFkY2U3OTE2
Y2Q4N2FhNzgwZTdlNzQ0N2Y4ZTliNjY1NTc2YThjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCFgc7H0ygY9gK9UWGlNooG+O2z13hQoCzT6p/3fKQ9bl2f
hUlyUJeWaqnBTrrd6Y5XFAKygdf9XfLiPodz2EA6SSEH/JGlIPgranBCxxtG4UpG
Vw8u8KiavOh8bMRR7NSN0uNZ7saUluuN7YJeB9pf8Aiuhw++Y6BPdVX/tiZYy4JX
qm4e6qjSSg0tiJB+xbtZVc5JfbFHjEB3PRfYsOFWoyQAfPFjQfOs17DwlPQbQf0f
93AFz1ttYkuXGI8dLeC5B+hTYtDD4WBziXZKXqWqDgsJTN/xYiQkrmiS4FKHfQ+q
zB7DFueCdDuEu3E+r5Yc7Og7kIHSMkVyTJR6ZcChAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU76cr8pNFX4h/d4Btk3p9fYgbjRIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YxODllNWJlLTM3YTYtNDY3Mi05YTkyLWU4ZDIwNDFjOGIyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//gbAwDQYJKoZIhvcNAQELBQADggEBAApPmul66D0gUP7/uIbRjFUK
qYMBL1Nk8m417ejQumGXlnBCSVHo/yPTiW19Ts2pbm8Yvbg2y6EwF7ecPw3kVyDc
126JBJMGSGhE3EegPM476KBu22nF/XRfdKEvTQPC4Xnp9q59gAP91y+LGAEYUzhr
30xU/aufqNBY1lNeRsPrSTSvQvJias8+zzOJ+HjTePYAknd37DszVKCGgb96cWXT
ZzqbL2PlV0BRArvE8e1KPGv571M1nhfCdfHA5sj0FALbnDaLhCdJYGddkP8VA3e8
oKXlyp/CqxT6qwERDZzYFGChUKzMO2kL+C2DaeCNVeASFZkQx0zChw+dRiQExmw=
-----END CERTIFICATE-----