Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fae3eabc-4cd1-446b-b61d-51ce31c26fb8.roa
File:                     fae3eabc-4cd1-446b-b61d-51ce31c26fb8.roa (raw, json)
Hash identifier:          hhWcU6ZjxM3SCWrYzJUHueDKdevPLDsKNzU9OsXzxB4=
Subject key identifier:   41:22:49:67:D2:FE:86:6A:98:50:8E:F4:7E:E9:C8:06:2F:7F:CD:EB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       41E9E17E1A725AD0B7D7D0189A81F557792AD35A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fae3eabc-4cd1-446b-b61d-51ce31c26fb8.roa
Signing time:             Mon 16 Jun 2025 15:11:24 +0000
ROA not before:           Mon 16 Jun 2025 15:11:24 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffa:c000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:e9:e1:7e:1a:72:5a:d0:b7:d7:d0:18:9a:81:f5:57:79:2a:d3:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 16 15:11:24 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=7947a053fb2c807ba1f4de1263f59840da567d0fc33e6a1a589fa44bcac550a8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b1:34:80:e6:7e:88:47:1a:e7:7d:77:80:c0:
                    36:f9:f9:aa:3a:b4:29:91:25:c8:ee:7c:24:21:42:
                    ba:f6:8a:e3:7e:33:e4:32:5c:54:e4:1e:38:af:fb:
                    c2:22:e6:95:03:03:6e:0b:0c:93:63:0a:10:4b:c1:
                    6f:d7:8d:4a:8c:f4:b1:42:65:79:be:50:41:3c:82:
                    6e:05:0d:08:ca:a3:08:25:c6:4b:8e:f0:d1:6d:64:
                    d7:7b:31:d8:47:00:41:03:b1:fd:d8:ca:01:fa:f7:
                    f3:f2:46:39:f0:4c:8b:ea:55:c8:73:fd:f0:ce:13:
                    80:4e:3e:7d:cf:70:e6:14:0c:19:f6:b0:4d:ad:a6:
                    4b:68:33:e4:05:d4:70:3f:16:f3:a1:1b:14:e0:d2:
                    c0:19:48:60:98:a0:cb:13:fc:7a:e9:2c:38:e8:89:
                    48:ce:a0:db:c9:84:6e:c9:94:4e:0d:6c:cc:cf:95:
                    3f:55:e9:03:64:e9:2f:21:bd:6c:bf:c5:4e:e5:c9:
                    9b:bb:6d:b3:b0:58:83:5e:7b:d6:0e:07:cd:cc:f3:
                    39:04:5a:3c:b0:a7:2d:24:42:a3:a7:aa:12:61:cc:
                    55:92:7d:c1:c5:72:d6:44:bf:cd:e1:41:8d:a0:88:
                    70:83:29:75:bf:e7:56:58:cd:3a:28:69:d3:27:29:
                    19:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:22:49:67:D2:FE:86:6A:98:50:8E:F4:7E:E9:C8:06:2F:7F:CD:EB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fae3eabc-4cd1-446b-b61d-51ce31c26fb8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffa:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         42:78:b1:e9:0c:69:08:4b:d4:cc:80:31:86:c6:73:17:2a:9e:
         75:01:32:ca:98:61:b4:f5:d8:e5:21:00:c9:12:1d:ad:53:86:
         d5:13:b4:55:9b:e3:fe:ce:56:38:54:88:76:73:5e:0b:a0:37:
         ab:52:dc:54:b9:75:bf:c3:8b:ea:88:ac:35:00:7c:80:07:a7:
         c2:aa:da:76:8a:a6:74:a7:8e:d3:71:58:18:1b:eb:8d:aa:6f:
         d6:c3:e9:62:b7:aa:d3:70:4c:36:04:6e:f5:d5:63:ee:59:05:
         4c:bf:99:a1:14:69:1e:3b:3b:59:ce:b0:51:71:b2:3d:d0:7b:
         ef:c9:3b:de:21:dc:67:92:ba:8f:66:9a:71:a1:f6:d9:d8:8c:
         52:85:58:d0:0d:ac:c0:41:dd:6e:7f:46:93:91:1b:35:26:f2:
         2f:f6:bf:4e:27:cd:6d:64:ec:1f:6a:07:59:27:70:57:b1:7b:
         37:5a:1d:7a:7d:62:f7:60:01:40:c1:0d:72:2f:e9:ac:95:2c:
         05:3b:64:71:04:c2:f8:fb:86:b8:da:43:96:65:bf:7b:1c:58:
         84:15:9e:4b:dd:36:81:19:89:94:62:be:09:cf:b4:12:20:67:
         04:19:35:c3:7a:60:e8:86:58:c3:67:05:6a:e8:90:02:2d:89:
         f4:24:48:e1
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQenhfhpyWtC319AYmoH1V3kq01owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjE2MTUxMTI0WhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3OTQ3YTA1M2ZiMmM4MDdiYTFmNGRlMTI2M2Y1OTg0MGRh
NTY3ZDBmYzMzZTZhMWE1ODlmYTQ0YmNhYzU1MGE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOsTSA5n6IRxrnfXeAwDb5+ao6tCmRJcjufCQhQrr2iuN+
M+QyXFTkHjiv+8Ii5pUDA24LDJNjChBLwW/XjUqM9LFCZXm+UEE8gm4FDQjKowgl
xkuO8NFtZNd7MdhHAEEDsf3YygH69/PyRjnwTIvqVchz/fDOE4BOPn3PcOYUDBn2
sE2tpktoM+QF1HA/FvOhGxTg0sAZSGCYoMsT/HrpLDjoiUjOoNvJhG7JlE4NbMzP
lT9V6QNk6S8hvWy/xU7lyZu7bbOwWINee9YOB83M8zkEWjywpy0kQqOnqhJhzFWS
fcHFctZEv83hQY2giHCDKXW/51ZYzTooadMnKRkJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUQSJJZ9L+hmqYUI70funIBi9/zeswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZhZTNlYWJjLTRjZDEtNDQ2Yi1iNjFkLTUxY2UzMWMyNmZiOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/6wDANBgkqhkiG9w0BAQsFAAOCAQEAQnix6QxpCEvUzIAxhsZzFyqe
dQEyyphhtPXY5SEAyRIdrVOG1RO0VZvj/s5WOFSIdnNeC6A3q1LcVLl1v8OL6ois
NQB8gAenwqradoqmdKeO03FYGBvrjapv1sPpYreq03BMNgRu9dVj7lkFTL+ZoRRp
Hjs7Wc6wUXGyPdB778k73iHcZ5K6j2aacaH22diMUoVY0A2swEHdbn9Gk5EbNSby
L/a/TifNbWTsH2oHWSdwV7F7N1oden1i92ABQMENci/prJUsBTtkcQTC+PuGuNpD
lmW/exxYhBWeS902gRmJlGK+Cc+0EiBnBBk1w3pg6IZYw2cFauiQAi2J9CRI4Q==
-----END CERTIFICATE-----
Generated at Mon Jun 30 20:49:21 2025 by rpki-client