Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0fb4995f-b5c0-47e5-8ac3-6d0232222f7c.roa
File:                     0fb4995f-b5c0-47e5-8ac3-6d0232222f7c.roa (raw, json)
Hash identifier:          zRAlT0XeEK4WiMgwieQn7KnkuvhvPVmKCyHP7amys40=
Subject key identifier:   33:20:CD:40:66:0B:A5:81:22:E6:C6:8E:45:F5:05:D8:16:A8:56:37
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       52910085B76F0F2102CCDB16AC6DA1D555730F95
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0fb4995f-b5c0-47e5-8ac3-6d0232222f7c.roa
Signing time:             Mon 04 Aug 2025 17:40:21 +0000
ROA not before:           Mon 04 Aug 2025 17:40:21 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.106.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:91:00:85:b7:6f:0f:21:02:cc:db:16:ac:6d:a1:d5:55:73:0f:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 17:40:21 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=59eff78fd773e4c43d1bec6ac6b38234ddcf2ddafefbba822c2d7f6b735c9abe, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:90:8a:28:51:b5:f1:25:5e:2a:51:38:45:47:
                    9b:2f:4e:f8:7d:40:6f:3b:da:af:26:46:fa:9e:22:
                    a3:af:f9:af:a6:a4:e1:3d:42:f5:74:03:a6:36:13:
                    dc:7f:0c:67:2f:3f:aa:a5:02:0f:c0:6d:70:41:c1:
                    9d:2c:65:65:eb:aa:64:1d:75:3a:c7:b8:b1:2a:d8:
                    31:42:69:7c:63:92:91:a5:ce:64:5d:20:ef:63:fd:
                    c9:f4:14:db:60:69:6a:d6:e8:f5:6f:63:d1:76:27:
                    be:49:ae:30:b0:f5:6a:e6:fe:73:b2:1f:43:aa:dc:
                    20:b5:c0:ef:c7:e4:24:b5:ea:30:3a:4a:14:ab:63:
                    ad:78:5b:04:95:6b:c4:a8:58:a0:fc:dd:e1:6a:ca:
                    34:25:38:44:7d:f2:2b:df:1c:0c:07:2e:55:99:3c:
                    f7:34:54:97:7e:3c:ee:9c:55:8e:fe:95:6a:b2:84:
                    b1:75:3a:95:48:69:db:7c:6c:d7:be:10:3b:d2:e0:
                    d7:bb:e0:da:67:4a:64:97:19:7b:8b:ef:3d:2d:8e:
                    5d:53:d0:df:ff:98:b5:86:8b:2b:9c:9f:0a:64:40:
                    80:f3:1f:23:cd:34:79:a8:e6:02:0e:28:be:8b:dd:
                    3d:57:ae:68:01:ff:9a:11:42:bc:89:7b:c7:6d:f7:
                    59:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:20:CD:40:66:0B:A5:81:22:E6:C6:8E:45:F5:05:D8:16:A8:56:37
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0fb4995f-b5c0-47e5-8ac3-6d0232222f7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.106.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         94:62:8d:c4:7e:fd:21:77:80:2a:69:b0:12:38:5c:26:58:d2:
         b5:86:46:61:5b:49:e4:4c:7d:cb:ad:8f:09:13:19:6e:1e:f8:
         09:d5:98:a3:89:b6:c8:4e:89:04:3b:78:85:f9:ad:4d:1f:14:
         ad:5a:d9:6a:30:37:27:14:f5:3c:47:6e:35:04:d1:4a:c8:88:
         a8:4b:cd:5b:af:7f:47:84:07:b1:14:31:7f:17:1f:3d:48:c7:
         4d:06:16:67:a0:6d:85:0b:c3:80:a7:22:9b:9b:a2:30:08:69:
         c3:e5:78:08:e6:62:58:dc:ba:77:08:dd:d0:b1:e9:f6:a1:4b:
         f9:da:48:d9:d4:6f:d5:34:f6:ec:2e:8d:27:0a:12:7b:aa:81:
         f0:27:fd:86:f3:cf:af:64:2d:49:fe:73:b8:68:6d:21:09:1e:
         43:6c:5d:a7:02:1f:f1:47:bf:9e:f8:e1:41:31:f1:68:69:46:
         27:ce:69:a5:ad:47:92:9d:da:39:c4:a5:4b:28:3e:fa:63:ca:
         c6:34:ff:03:1a:93:0c:70:cf:d6:0d:0e:78:45:99:4d:94:55:
         88:02:b2:aa:9d:18:b5:be:47:70:66:eb:8f:36:c5:f9:13:1e:
         48:3e:91:55:93:6b:a2:52:19:ec:4a:ad:28:82:03:b6:d7:2e:
         31:50:a1:0b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUpEAhbdvDyECzNsWrG2h1VVzD5UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTc0MDIxWhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1OWVmZjc4ZmQ3NzNlNGM0M2QxYmVjNmFjNmIzODIzNGRk
Y2YyZGRhZmVmYmJhODIyYzJkN2Y2YjczNWM5YWJlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpkIooUbXxJV4qUThFR5svTvh9QG872q8mRvqeIqOv+a+m
pOE9QvV0A6Y2E9x/DGcvP6qlAg/AbXBBwZ0sZWXrqmQddTrHuLEq2DFCaXxjkpGl
zmRdIO9j/cn0FNtgaWrW6PVvY9F2J75JrjCw9Wrm/nOyH0Oq3CC1wO/H5CS16jA6
ShSrY614WwSVa8SoWKD83eFqyjQlOER98ivfHAwHLlWZPPc0VJd+PO6cVY7+lWqy
hLF1OpVIadt8bNe+EDvS4Ne74NpnSmSXGXuL7z0tjl1T0N//mLWGiyucnwpkQIDz
HyPNNHmo5gIOKL6L3T1XrmgB/5oRQryJe8dt91lLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUMyDNQGYLpYEi5saORfUF2BaoVjcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBmYjQ5OTVmLWI1YzAtNDdlNS04YWMzLTZkMDIzMjIyMmY3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4ajANBgkqhkiG9w0BAQsFAAOCAQEAlGKNxH79IXeAKmmwEjhcJljStYZG
YVtJ5Ex9y62PCRMZbh74CdWYo4m2yE6JBDt4hfmtTR8UrVrZajA3JxT1PEduNQTR
SsiIqEvNW69/R4QHsRQxfxcfPUjHTQYWZ6BthQvDgKcim5uiMAhpw+V4COZiWNy6
dwjd0LHp9qFL+dpI2dRv1TT27C6NJwoSe6qB8Cf9hvPPr2QtSf5zuGhtIQkeQ2xd
pwIf8Ue/nvjhQTHxaGlGJ85ppa1Hkp3aOcSlSyg++mPKxjT/AxqTDHDP1g0OeEWZ
TZRViAKyqp0Ytb5HcGbrjzbF+RMeSD6RVZNrolIZ7EqtKIIDttcuMVChCw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:03:29 2025 by rpki-client