Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17721a9e-0a8f-4b71-a56e-234b61d375d3.roa
File:                     17721a9e-0a8f-4b71-a56e-234b61d375d3.roa (raw, json)
Hash identifier:          2DrXN+9SeyQVJPqOY6yl8XFNoD3OAJKG4QQgqNpiRWI=
Subject key identifier:   B7:B2:8D:64:27:D5:63:40:82:EA:03:80:5C:14:F0:45:8E:EC:F3:D5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7756E2CC96EBB34A46554E992B66D015D9C1D979
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17721a9e-0a8f-4b71-a56e-234b61d375d3.roa
Signing time:             Wed 16 Jul 2025 00:10:16 +0000
ROA not before:           Wed 16 Jul 2025 00:10:16 +0000
ROA not after:            Wed 20 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.142.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:56:e2:cc:96:eb:b3:4a:46:55:4e:99:2b:66:d0:15:d9:c1:d9:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 16 00:10:16 2025 GMT
            Not After : Aug 20 23:59:59 2025 GMT
        Subject: serialNumber=44dd0669ec32279eddc802841773020569e8bca5a82cd18f5f46595cdcf28b8d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:6d:55:2a:f9:20:d2:c1:be:5f:7e:ff:f0:6e:
                    be:66:50:26:11:eb:1e:23:86:45:dd:9a:d0:2c:c9:
                    f1:15:d7:ba:0c:55:02:20:82:e2:91:1e:cf:b1:aa:
                    87:c3:ad:70:63:19:e1:d1:ef:aa:3e:44:3a:83:08:
                    20:2e:d8:d1:57:dd:15:e3:07:36:fc:1c:91:94:d7:
                    a5:98:3c:bf:10:72:be:39:e1:88:c9:04:46:ba:72:
                    cc:ff:47:6f:23:b1:85:32:20:f4:17:d2:87:c8:b6:
                    0d:4e:12:55:19:e5:16:ba:c4:7d:f6:3a:c2:8b:b9:
                    96:b8:94:67:ad:45:5d:7f:5e:74:45:af:d4:2c:bb:
                    ce:33:a1:25:ed:fe:98:e7:bf:e4:5b:15:18:b5:9e:
                    ac:08:b3:7f:be:dd:cb:0a:15:df:a9:b7:57:2c:db:
                    5e:b7:ec:64:99:b4:f1:54:b0:d6:da:a4:d1:a2:f4:
                    dc:6c:cd:81:1b:27:08:64:fd:e5:46:e7:7a:85:57:
                    ee:bb:b3:e3:6d:b5:17:4b:86:4c:54:b6:62:69:05:
                    56:7c:67:7d:8c:a1:69:08:0f:25:ee:f2:7d:a8:e6:
                    b8:fb:af:89:e9:c6:14:8a:56:d4:2c:61:53:67:6b:
                    84:d4:5a:ee:30:3b:cf:0a:9f:ce:ae:ec:9d:8a:3f:
                    b2:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:B2:8D:64:27:D5:63:40:82:EA:03:80:5C:14:F0:45:8E:EC:F3:D5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17721a9e-0a8f-4b71-a56e-234b61d375d3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.142.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         29:b8:23:07:4b:40:d4:90:c6:ca:e2:08:62:9e:83:0c:fb:96:
         82:e9:b3:2d:1c:db:e4:8f:9b:c0:58:ec:96:f6:d3:c3:ef:66:
         2a:30:35:14:7f:96:08:13:e8:f4:a7:64:bc:9e:af:a6:22:40:
         8d:bc:e3:2c:93:7b:33:72:65:13:ad:50:bb:f7:84:d6:d1:df:
         dc:94:a4:83:6f:6e:22:d0:3a:25:eb:ad:52:ef:76:91:97:bd:
         be:f0:ad:f3:fe:02:44:f1:29:e1:ca:9e:c8:76:ae:6a:4e:b6:
         4c:c2:44:57:c3:d8:77:66:a5:d6:96:f2:97:b8:a8:f2:5e:6f:
         b1:30:d6:56:2a:6a:93:ef:fd:71:9e:8c:02:2d:81:ac:4f:65:
         39:4b:53:ab:28:86:52:59:8b:7e:34:73:b1:cc:6f:5c:50:99:
         0a:79:0f:33:b0:b8:59:28:b4:93:4f:62:e7:d6:26:c4:b0:b6:
         24:00:b8:f6:ab:a7:2a:d1:f2:8f:2d:19:e3:aa:b3:e9:31:ed:
         4e:ff:a9:dc:47:0a:e7:02:36:b3:67:55:4f:97:e6:76:a9:81:
         6e:24:c0:d5:ff:8c:af:55:5c:52:fb:09:28:6d:2e:e5:22:29:
         04:6b:4a:85:ac:69:ab:e3:33:34:3b:0a:83:cd:69:32:73:5c:
         86:d5:1a:14
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUd1bizJbrs0pGVU6ZK2bQFdnB2XkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE2MDAxMDE2WhcNMjUwODIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NGRkMDY2OWVjMzIyNzllZGRjODAyODQxNzczMDIwNTY5
ZThiY2E1YTgyY2QxOGY1ZjQ2NTk1Y2RjZjI4YjhkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTbVUq+SDSwb5ffv/wbr5mUCYR6x4jhkXdmtAsyfEV17oM
VQIgguKRHs+xqofDrXBjGeHR76o+RDqDCCAu2NFX3RXjBzb8HJGU16WYPL8Qcr45
4YjJBEa6csz/R28jsYUyIPQX0ofItg1OElUZ5Ra6xH32OsKLuZa4lGetRV1/XnRF
r9Qsu84zoSXt/pjnv+RbFRi1nqwIs3++3csKFd+pt1cs21637GSZtPFUsNbapNGi
9NxszYEbJwhk/eVG53qFV+67s+NttRdLhkxUtmJpBVZ8Z32MoWkIDyXu8n2o5rj7
r4npxhSKVtQsYVNna4TUWu4wO88Kn86u7J2KP7IDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUt7KNZCfVY0CC6gOAXBTwRY7s89UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE3NzIxYTllLTBhOGYtNGI3MS1hNTZlLTIzNGI2MWQzNzVkMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQjjANBgkqhkiG9w0BAQsFAAOCAQEAKbgjB0tA1JDGyuIIYp6DDPuWgumz
LRzb5I+bwFjslvbTw+9mKjA1FH+WCBPo9KdkvJ6vpiJAjbzjLJN7M3JlE61Qu/eE
1tHf3JSkg29uItA6JeutUu92kZe9vvCt8/4CRPEp4cqeyHauak62TMJEV8PYd2al
1pbyl7io8l5vsTDWVipqk+/9cZ6MAi2BrE9lOUtTqyiGUlmLfjRzscxvXFCZCnkP
M7C4WSi0k09i59YmxLC2JAC49qunKtHyjy0Z46qz6THtTv+p3EcK5wI2s2dVT5fm
dqmBbiTA1f+Mr1VcUvsJKG0u5SIpBGtKhaxpq+MzNDsKg81pMnNchtUaFA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:25:30 2025 by rpki-client