Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19e514fc-84b3-4e18-a36c-84ba61d84273.roa
File:                     19e514fc-84b3-4e18-a36c-84ba61d84273.roa (raw, json)
Hash identifier:          6CjkGNM9fH41w9ZLohxwsLENzRCjHIc03N7HjVJDyBY=
Subject key identifier:   8D:8B:84:17:B9:06:0C:32:AD:79:E4:64:EF:CB:A8:60:97:69:4E:99
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2637CDC43F22F7296C61C48EB2BE16BD0F3C176C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19e514fc-84b3-4e18-a36c-84ba61d84273.roa
Signing time:             Tue 05 Aug 2025 00:30:25 +0000
ROA not before:           Tue 05 Aug 2025 00:30:25 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.209.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:37:cd:c4:3f:22:f7:29:6c:61:c4:8e:b2:be:16:bd:0f:3c:17:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  5 00:30:25 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=575d366f2c4bc5bbe4405035ff06558f1e11771e821e9d0ee593112cde8d4e0a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d5:f6:fa:23:a2:a7:7c:e8:11:09:63:a1:0c:
                    f7:b9:0a:8f:55:be:eb:91:c0:51:11:49:1f:ea:cc:
                    70:6d:11:37:0b:7e:ef:6a:88:d5:d1:ba:a2:53:b7:
                    c6:54:cc:96:2b:2c:81:2c:05:b1:19:09:a9:08:5b:
                    89:c3:a6:e4:12:b6:4f:08:5b:53:91:6d:6b:17:91:
                    ec:f6:7f:77:8f:86:07:69:51:32:c8:e2:2f:8d:50:
                    8f:71:34:48:1a:ef:04:f1:dd:03:e3:26:e5:ec:5e:
                    11:92:1e:24:76:48:14:79:e4:e1:04:02:ad:91:ac:
                    8c:b9:65:6f:b0:62:af:3a:ff:a2:be:68:c6:43:d3:
                    cd:d7:02:b1:f4:b3:fe:02:16:c2:54:89:86:e3:29:
                    77:ce:df:a0:46:9e:66:5a:6f:a2:fb:8e:43:78:79:
                    23:b8:f6:4b:3f:1b:f1:a2:97:b9:b5:9f:97:ba:cb:
                    a9:ef:4f:b5:f1:e6:e8:68:ad:ec:57:4d:eb:0d:8b:
                    a7:cd:cb:66:2a:6f:cb:cc:1f:fb:63:4e:f8:70:39:
                    8a:90:5c:8a:c4:41:7b:9c:50:cf:88:a0:50:04:2d:
                    03:ac:ce:3e:6e:ed:65:e6:ea:2d:4b:5f:b7:e5:15:
                    e4:d4:eb:0f:f3:ed:03:17:2c:b7:90:60:38:b9:8f:
                    d3:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:8B:84:17:B9:06:0C:32:AD:79:E4:64:EF:CB:A8:60:97:69:4E:99
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19e514fc-84b3-4e18-a36c-84ba61d84273.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.209.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4b:ff:b4:79:27:57:73:6e:6e:8f:b4:40:30:fc:cf:e5:60:df:
         d1:7a:54:4f:d2:34:8d:01:71:0d:76:82:d2:9e:6d:bf:93:83:
         64:bb:e6:7d:b7:91:94:e4:08:10:f3:cb:00:5b:9a:a8:60:90:
         8d:8a:3c:b1:54:b3:ea:07:7d:56:86:74:1c:b9:ee:21:fb:b0:
         69:57:aa:3c:04:42:6d:e2:11:44:b9:8c:e0:83:cf:05:2c:05:
         e4:06:54:66:e5:38:73:d3:22:1d:c8:d5:19:fd:48:71:0c:42:
         9b:1d:1e:77:13:a9:df:f6:16:f5:64:91:53:9e:90:38:cd:a5:
         10:a1:21:84:3e:22:a3:df:33:2b:fd:9d:29:e9:d4:c5:28:d4:
         d7:1d:9f:f7:db:59:4d:85:cd:cb:d8:fd:9d:3f:cf:c5:0e:6f:
         34:1a:2b:a8:74:2a:4d:6b:b0:e4:bf:b6:9c:a0:9c:d3:ab:5d:
         bc:ca:15:7e:30:99:88:80:56:a0:ea:90:e1:3f:c6:e2:78:64:
         c2:ea:a5:8e:18:dc:fa:38:ae:fa:1f:e8:78:1a:c8:55:60:05:
         59:fd:f4:e9:8d:c1:66:64:68:31:7e:48:17:ce:f1:d0:6c:94:
         13:4a:33:d1:91:19:1d:ae:ae:59:e4:49:c2:d3:72:c6:96:18:
         28:6a:7c:9f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJjfNxD8i9ylsYcSOsr4WvQ88F2wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA1MDAzMDI1WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NzVkMzY2ZjJjNGJjNWJiZTQ0MDUwMzVmZjA2NTU4ZjFl
MTE3NzFlODIxZTlkMGVlNTkzMTEyY2RlOGQ0ZTBhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCj1fb6I6KnfOgRCWOhDPe5Co9VvuuRwFERSR/qzHBtETcL
fu9qiNXRuqJTt8ZUzJYrLIEsBbEZCakIW4nDpuQStk8IW1ORbWsXkez2f3ePhgdp
UTLI4i+NUI9xNEga7wTx3QPjJuXsXhGSHiR2SBR55OEEAq2RrIy5ZW+wYq86/6K+
aMZD083XArH0s/4CFsJUiYbjKXfO36BGnmZab6L7jkN4eSO49ks/G/Gil7m1n5e6
y6nvT7Xx5uhorexXTesNi6fNy2Yqb8vMH/tjTvhwOYqQXIrEQXucUM+IoFAELQOs
zj5u7WXm6i1LX7flFeTU6w/z7QMXLLeQYDi5j9OdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUjYuEF7kGDDKteeRk78uoYJdpTpkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE5ZTUxNGZjLTg0YjMtNGUxOC1hMzZjLTg0YmE2MWQ4NDI3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA40TANBgkqhkiG9w0BAQsFAAOCAQEAS/+0eSdXc25uj7RAMPzP5WDf0XpU
T9I0jQFxDXaC0p5tv5ODZLvmfbeRlOQIEPPLAFuaqGCQjYo8sVSz6gd9VoZ0HLnu
IfuwaVeqPARCbeIRRLmM4IPPBSwF5AZUZuU4c9MiHcjVGf1IcQxCmx0edxOp3/YW
9WSRU56QOM2lEKEhhD4io98zK/2dKenUxSjU1x2f99tZTYXNy9j9nT/PxQ5vNBor
qHQqTWuw5L+2nKCc06tdvMoVfjCZiIBWoOqQ4T/G4nhkwuqljhjc+jiu+h/oeBrI
VWAFWf306Y3BZmRoMX5IF87x0GyUE0oz0ZEZHa6uWeRJwtNyxpYYKGp8nw==
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:27:30 2025 by rpki-client