Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fd77e161-bf66-4f9c-a4c7-a0521006fc6b.roa
File:                     fd77e161-bf66-4f9c-a4c7-a0521006fc6b.roa (raw, json)
Hash identifier:          713Lk8Wi4vSUc3OkJEdvdNKJdnM2yfaY1vUPbAaczMU=
Subject key identifier:   EC:EB:53:E5:3A:A8:CB:5A:76:7F:14:21:44:B0:2C:F1:2A:A5:0E:A5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1FFFC9C7D9A161731D026F7E14EB467954384DE6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fd77e161-bf66-4f9c-a4c7-a0521006fc6b.roa
Signing time:             Wed 02 Apr 2025 00:20:25 +0000
ROA not before:           Wed 02 Apr 2025 00:20:25 +0000
ROA not after:            Wed 07 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fef:7400::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:ff:c9:c7:d9:a1:61:73:1d:02:6f:7e:14:eb:46:79:54:38:4d:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr  2 00:20:25 2025 GMT
            Not After : May  7 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:70:4f:47:4e:28:f0:6a:06:33:14:ab:0e:56:
                    a3:ad:42:56:1b:da:65:77:37:10:4d:05:b9:4c:71:
                    6e:53:05:e2:27:c6:29:9d:0c:e6:a8:f9:74:63:a2:
                    72:64:29:5b:6a:bf:ad:6c:e4:ea:c8:ae:b6:c5:fc:
                    fa:a6:ca:93:1f:9a:b6:7c:73:87:6a:11:0c:02:99:
                    03:dc:af:39:8b:ab:ce:89:f2:a2:2b:6e:a5:96:6c:
                    69:84:76:40:91:4f:ca:78:33:2a:a8:a5:06:50:2f:
                    2e:e6:46:b9:7a:ec:f9:dd:ce:8a:83:93:e1:1d:93:
                    00:e4:f2:6d:1e:1e:6c:ef:5a:4d:47:10:8f:12:30:
                    05:f4:7c:17:3f:14:09:7b:f8:ae:f6:b0:bf:b3:dc:
                    ac:ee:90:5c:47:91:e9:86:85:ac:06:66:75:09:9b:
                    4e:d5:68:f6:2e:b6:96:04:6a:fa:ad:0d:9e:c2:3b:
                    93:e7:cd:1a:e3:78:f2:11:69:33:3a:6f:23:7f:c5:
                    6c:25:28:ab:18:a4:4d:fc:6d:40:24:8f:5b:79:c2:
                    4d:30:c2:1e:08:5a:35:5c:b9:eb:8c:25:22:45:55:
                    bb:18:de:4b:91:5d:fb:1c:42:e5:2d:69:87:4a:3d:
                    e7:e9:4d:37:2a:ed:cf:12:78:5b:2f:fc:e6:32:a1:
                    a2:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:EB:53:E5:3A:A8:CB:5A:76:7F:14:21:44:B0:2C:F1:2A:A5:0E:A5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fd77e161-bf66-4f9c-a4c7-a0521006fc6b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fef:7400::/40

    Signature Algorithm: sha256WithRSAEncryption
         3d:8e:d1:d2:2b:dc:c5:40:64:0e:0d:0e:a6:2a:6e:9d:c0:34:
         18:56:e5:00:86:45:07:02:ff:c2:30:69:06:db:3c:d3:63:25:
         8d:c2:b2:e8:94:cb:7d:15:41:2a:a6:24:d7:13:67:e8:61:71:
         80:23:e3:01:a1:fa:29:23:2b:6a:b2:90:52:a3:d6:d6:98:f4:
         c1:0b:48:2f:aa:24:d4:24:1b:b0:67:2e:23:9a:16:eb:6a:54:
         f8:fe:c8:74:22:25:28:d3:a9:73:75:f6:72:bc:52:54:41:43:
         56:14:ad:47:e2:d2:f3:b0:88:90:50:36:3b:f1:c7:34:aa:b8:
         66:42:11:a0:ab:47:6c:6b:62:f4:b2:34:65:e4:f4:f7:47:d9:
         ec:04:b2:6d:c4:a3:d2:1c:16:3f:16:ae:e5:d0:24:12:f8:02:
         9c:cb:3e:25:f7:89:0c:04:eb:d9:d4:16:2a:fd:0d:30:d5:64:
         30:72:b2:96:e5:fa:c3:1b:fb:18:6b:30:db:c1:6c:75:f1:34:
         e6:1d:9c:47:dd:cb:fe:85:8c:41:a9:b3:bc:09:31:45:11:21:
         c6:0d:74:1c:1e:05:96:eb:2c:8d:cd:ac:5e:af:8c:ee:b2:4f:
         27:55:be:56:38:e9:d6:b5:cb:c0:68:5e:57:d7:36:ab:68:87:
         30:db:15:fa
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUH//Jx9mhYXMdAm9+FOtGeVQ4TeYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDAyMDAyMDI1WhcNMjUwNTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OGM3ZGNmNGQ3YzZkNzIwMmE4NDRiODhlZWNiMTJhM2Qw
MjRkZGY4MmExNTIzMTFiYWM5ZGQ1Mjc2ZDc3NGM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwcE9HTijwagYzFKsOVqOtQlYb2mV3NxBNBblMcW5TBeIn
ximdDOao+XRjonJkKVtqv61s5OrIrrbF/PqmypMfmrZ8c4dqEQwCmQPcrzmLq86J
8qIrbqWWbGmEdkCRT8p4MyqopQZQLy7mRrl67PndzoqDk+EdkwDk8m0eHmzvWk1H
EI8SMAX0fBc/FAl7+K72sL+z3KzukFxHkemGhawGZnUJm07VaPYutpYEavqtDZ7C
O5PnzRrjePIRaTM6byN/xWwlKKsYpE38bUAkj1t5wk0wwh4IWjVcueuMJSJFVbsY
3kuRXfscQuUtaYdKPefpTTcq7c8SeFsv/OYyoaLNAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU7OtT5Tqoy1p2fxQhRLAs8SqlDqUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZkNzdlMTYxLWJmNjYtNGY5Yy1hNGM3LWEwNTIxMDA2ZmM2Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/vdDANBgkqhkiG9w0BAQsFAAOCAQEAPY7R0ivcxUBkDg0OpipuncA0
GFblAIZFBwL/wjBpBts802MljcKy6JTLfRVBKqYk1xNn6GFxgCPjAaH6KSMrarKQ
UqPW1pj0wQtIL6ok1CQbsGcuI5oW62pU+P7IdCIlKNOpc3X2crxSVEFDVhStR+LS
87CIkFA2O/HHNKq4ZkIRoKtHbGti9LI0ZeT090fZ7ASybcSj0hwWPxau5dAkEvgC
nMs+JfeJDATr2dQWKv0NMNVkMHKyluX6wxv7GGsw28FsdfE05h2cR93L/oWMQamz
vAkxRREhxg10HB4Flussjc2sXq+M7rJPJ1W+Vjjp1rXLwGheV9c2q2iHMNsV+g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:32:38 2025 by rpki-client