Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/048fb9ae-8241-47de-bfd7-b835fb43f457.roa
File:                     048fb9ae-8241-47de-bfd7-b835fb43f457.roa (raw, json)
Hash identifier:          1mFZ9UAfl+1MyNCD9/dWRvwe1QczqzmSv1PcEh0+XBQ=
Subject key identifier:   F9:F8:B1:06:A8:25:26:1A:57:26:01:19:B9:DA:47:19:33:AA:98:DD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5C6E9B746FD52D8890C606FDEAD1A120D0B9998C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/048fb9ae-8241-47de-bfd7-b835fb43f457.roa
Signing time:             Fri 08 Aug 2025 00:12:30 +0000
ROA not before:           Fri 08 Aug 2025 00:12:30 +0000
ROA not after:            Fri 12 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        40.195.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:6e:9b:74:6f:d5:2d:88:90:c6:06:fd:ea:d1:a1:20:d0:b9:99:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  8 00:12:30 2025 GMT
            Not After : Sep 12 23:59:59 2025 GMT
        Subject: serialNumber=82d0d84f2244cf36d5703b9dcfe9890bccf77f1dfe63b12daf07a61045c373fb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:72:d0:4a:5a:e6:b6:c7:ee:1f:a2:b4:ea:4e:
                    6e:a6:e1:a0:60:57:3c:b8:13:be:f7:c7:22:03:93:
                    8b:c5:aa:fa:a2:cc:db:7b:81:25:c5:b6:80:17:3c:
                    98:ec:da:f1:5a:57:4a:8e:50:ef:1f:6a:fe:c7:aa:
                    d0:db:90:fd:f0:74:c7:1a:5e:f5:32:11:fc:f6:65:
                    0b:18:dc:dc:a0:0b:e9:a0:85:37:c0:0b:d7:52:19:
                    22:b4:42:f0:16:26:d7:ac:42:3e:14:86:f8:5a:e5:
                    ff:83:0d:89:84:19:8c:8f:2b:b1:15:c2:86:b6:5f:
                    d0:16:f9:f0:1e:d6:98:9a:6e:ef:62:6c:30:d9:6c:
                    81:16:cf:3d:04:ff:bf:6e:47:da:d5:fe:79:6b:7f:
                    26:9f:e1:2a:1e:ff:b3:8d:b0:de:a7:8a:24:ea:3e:
                    c2:61:57:ef:3a:01:3a:d4:98:b4:66:4b:78:b5:d0:
                    e7:14:f9:68:6e:20:1b:56:69:ca:85:06:80:30:61:
                    a0:5b:de:da:5e:13:eb:ef:cb:72:a6:fd:16:e3:dd:
                    b0:88:f1:ea:f9:e2:32:00:36:fc:fd:e8:d9:c8:25:
                    b3:c2:6d:a9:d0:2f:9b:c6:78:7c:a9:00:5c:00:4c:
                    19:84:ff:35:13:a9:ec:e7:ed:e6:c6:29:63:18:ed:
                    a7:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:F8:B1:06:A8:25:26:1A:57:26:01:19:B9:DA:47:19:33:AA:98:DD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/048fb9ae-8241-47de-bfd7-b835fb43f457.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.195.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d0:03:01:89:08:44:04:f9:9f:94:63:23:a8:cd:00:ff:12:47:
         a0:d2:18:31:9c:2a:6f:a3:39:a0:b0:d5:cd:79:76:de:89:a7:
         4e:07:3c:d6:d5:3d:f8:c5:e9:2a:2a:53:13:22:5b:29:e6:f3:
         90:5b:4b:f5:e3:7e:c8:76:c3:fa:29:d5:6f:a0:7f:59:d2:64:
         86:9f:9e:40:0c:63:2a:88:31:c2:9b:ee:eb:d8:e8:7a:39:df:
         f4:60:46:7e:51:da:a0:a6:44:94:85:0d:c9:e8:2b:5f:c4:34:
         6a:f2:ff:35:e3:04:f5:a9:a4:f8:17:14:07:88:af:c2:42:39:
         ee:c1:26:41:ae:19:c6:0c:4c:77:24:a9:b1:c0:33:9f:49:b5:
         af:0c:26:61:7f:a2:9a:4e:06:d8:b0:4b:dd:20:0e:9f:56:e9:
         25:6b:b7:02:7c:12:24:82:82:2d:c5:83:17:10:f7:72:75:6a:
         de:a2:74:b8:6c:82:d1:1a:95:0a:4d:17:50:a5:d9:33:e9:51:
         0c:02:c8:63:a7:90:ff:9d:fd:b1:2c:51:f1:12:7a:7c:3b:32:
         92:19:ea:eb:5d:fd:15:7f:5d:33:50:69:27:cb:3e:7f:ea:c1:
         bb:d7:c3:75:84:46:69:cb:70:eb:2b:0b:cd:e3:25:36:6d:37:
         fb:71:fb:d8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXG6bdG/VLYiQxgb96tGhINC5mYwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA4MDAxMjMwWhcNMjUwOTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4MmQwZDg0ZjIyNDRjZjM2ZDU3MDNiOWRjZmU5ODkwYmNj
Zjc3ZjFkZmU2M2IxMmRhZjA3YTYxMDQ1YzM3M2ZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDoctBKWua2x+4forTqTm6m4aBgVzy4E773xyIDk4vFqvqi
zNt7gSXFtoAXPJjs2vFaV0qOUO8fav7HqtDbkP3wdMcaXvUyEfz2ZQsY3NygC+mg
hTfAC9dSGSK0QvAWJtesQj4Uhvha5f+DDYmEGYyPK7EVwoa2X9AW+fAe1piabu9i
bDDZbIEWzz0E/79uR9rV/nlrfyaf4Soe/7ONsN6niiTqPsJhV+86ATrUmLRmS3i1
0OcU+WhuIBtWacqFBoAwYaBb3tpeE+vvy3Km/Rbj3bCI8er54jIANvz96NnIJbPC
banQL5vGeHypAFwATBmE/zUTqezn7ebGKWMY7ae/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+fixBqglJhpXJgEZudpHGTOqmN0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA0OGZiOWFlLTgyNDEtNDdkZS1iZmQ3LWI4MzVmYjQzZjQ1Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAowzANBgkqhkiG9w0BAQsFAAOCAQEA0AMBiQhEBPmflGMjqM0A/xJHoNIY
MZwqb6M5oLDVzXl23omnTgc81tU9+MXpKipTEyJbKebzkFtL9eN+yHbD+inVb6B/
WdJkhp+eQAxjKogxwpvu69joejnf9GBGflHaoKZElIUNyegrX8Q0avL/NeME9amk
+BcUB4ivwkI57sEmQa4ZxgxMdySpscAzn0m1rwwmYX+imk4G2LBL3SAOn1bpJWu3
AnwSJIKCLcWDFxD3cnVq3qJ0uGyC0RqVCk0XUKXZM+lRDALIY6eQ/539sSxR8RJ6
fDsykhnq6139FX9dM1BpJ8s+f+rBu9fDdYRGactw6ysLzeMlNm03+3H72A==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:22:38 2025 by rpki-client