Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/217379e1-3f0b-43c9-b963-bb79bf38c07b.roa
File:                     217379e1-3f0b-43c9-b963-bb79bf38c07b.roa (raw, json)
Hash identifier:          d6Up5qWhXX/irqFqJwhlB2jgqbARiet8XvsNDQGYHwA=
Subject key identifier:   E3:77:4C:72:1B:3B:4B:CB:72:F4:09:93:BF:E5:AE:67:8A:A1:0B:68
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       446192C1108BD35681FAB4AE313E667FF2A3EC32
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/217379e1-3f0b-43c9-b963-bb79bf38c07b.roa
Signing time:             Tue 05 Aug 2025 00:00:24 +0000
ROA not before:           Tue 05 Aug 2025 00:00:24 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.125.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:61:92:c1:10:8b:d3:56:81:fa:b4:ae:31:3e:66:7f:f2:a3:ec:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  5 00:00:24 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=b607c37361207f2df6550aba70572b880dc75568039fb8bbc95b80a6d3a50e63, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:51:fb:70:32:69:97:cc:0c:a8:6f:8c:d3:61:
                    81:14:58:35:f1:ee:3e:1e:f6:78:64:b8:fe:50:ba:
                    dd:ca:93:0c:a2:21:5d:b5:4d:49:3e:31:22:f3:cc:
                    ea:01:c1:8b:c4:19:99:4f:f2:e1:51:59:0c:03:c9:
                    e6:31:31:64:f4:66:64:b6:29:52:95:fb:43:a8:f9:
                    b2:59:13:f0:4f:f8:f0:e8:b5:7f:2e:93:52:34:46:
                    b4:55:75:59:25:fc:16:16:7d:41:f6:55:d0:6d:ce:
                    cc:a2:73:fe:96:5e:99:6f:cb:ac:45:81:52:f0:37:
                    26:cd:f7:78:3b:ca:a5:5a:dd:e6:09:03:fb:e0:d7:
                    3a:1d:8a:db:a6:6b:14:0d:54:7f:cd:45:3c:fd:06:
                    1c:1e:2d:07:c3:8d:41:5c:88:8a:7c:93:67:b7:1b:
                    2f:d4:32:c9:95:54:74:2d:9c:41:f9:db:e9:f3:4e:
                    1f:37:77:28:28:aa:e8:3a:37:06:49:32:96:7b:26:
                    ad:2f:f5:c3:54:c4:7c:5e:52:e9:3e:a4:90:61:a3:
                    cf:84:c9:60:2c:15:f8:d5:fb:7a:29:34:68:a6:f4:
                    06:5b:cc:a5:dd:2d:83:65:d6:69:6c:9e:1b:c8:a5:
                    9b:ac:c7:f9:4e:2d:0c:ef:bb:d0:5f:20:23:70:68:
                    dc:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:77:4C:72:1B:3B:4B:CB:72:F4:09:93:BF:E5:AE:67:8A:A1:0B:68
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/217379e1-3f0b-43c9-b963-bb79bf38c07b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.125.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         cd:6b:52:dc:d5:0e:b2:a3:b5:50:a6:13:52:b7:ea:b3:52:da:
         58:c9:f6:de:bf:0d:b9:4e:1b:48:41:c8:69:b6:23:42:d9:1d:
         4d:4b:cc:83:a3:fc:ed:24:7f:49:30:fd:de:88:4e:0e:84:70:
         93:5c:d3:47:56:fe:8d:54:b0:1e:06:ec:a7:e1:3f:6e:d7:f1:
         e6:c1:3b:26:89:ca:53:47:93:67:03:4d:54:70:cd:5b:09:a8:
         c8:11:83:f5:8b:d5:45:8e:bc:2d:35:61:b3:c6:48:95:6e:10:
         29:21:21:19:f6:63:52:0c:49:73:53:52:77:b0:4d:66:b1:b7:
         84:43:b6:b0:31:94:2d:98:c2:8c:e4:1e:f3:58:40:8e:24:aa:
         e6:a5:a1:3a:2e:54:74:b4:d9:e1:81:99:1f:86:fb:52:ae:3c:
         9d:38:e9:00:9c:34:74:a3:81:48:b6:3d:97:61:d1:d2:15:da:
         59:50:0c:ee:3c:f6:4e:ba:d2:31:be:2a:db:23:2e:44:b2:d6:
         36:b8:47:c9:27:b7:6c:aa:da:69:f1:b0:9a:a4:2d:ed:20:0a:
         c1:6d:52:1b:8d:37:ee:45:b2:4f:39:b0:ec:30:09:8b:39:f2:
         b7:ee:09:fd:ee:6e:87:be:50:f2:ba:f1:89:6e:7d:45:bd:cb:
         9c:91:c1:e3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURGGSwRCL01aB+rSuMT5mf/Kj7DIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA1MDAwMDI0WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNjA3YzM3MzYxMjA3ZjJkZjY1NTBhYmE3MDU3MmI4ODBk
Yzc1NTY4MDM5ZmI4YmJjOTViODBhNmQzYTUwZTYzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFUftwMmmXzAyob4zTYYEUWDXx7j4e9nhkuP5Qut3Kkwyi
IV21TUk+MSLzzOoBwYvEGZlP8uFRWQwDyeYxMWT0ZmS2KVKV+0Oo+bJZE/BP+PDo
tX8uk1I0RrRVdVkl/BYWfUH2VdBtzsyic/6WXplvy6xFgVLwNybN93g7yqVa3eYJ
A/vg1zoditumaxQNVH/NRTz9BhweLQfDjUFciIp8k2e3Gy/UMsmVVHQtnEH52+nz
Th83dygoqug6NwZJMpZ7Jq0v9cNUxHxeUuk+pJBho8+EyWAsFfjV+3opNGim9AZb
zKXdLYNl1mlsnhvIpZusx/lOLQzvu9BfICNwaNxTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU43dMchs7S8ty9AmTv+WuZ4qhC2gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIxNzM3OWUxLTNmMGItNDNjOS1iOTYzLWJiNzliZjM4YzA3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQfTANBgkqhkiG9w0BAQsFAAOCAQEAzWtS3NUOsqO1UKYTUrfqs1LaWMn2
3r8NuU4bSEHIabYjQtkdTUvMg6P87SR/STD93ohODoRwk1zTR1b+jVSwHgbsp+E/
btfx5sE7JonKU0eTZwNNVHDNWwmoyBGD9YvVRY68LTVhs8ZIlW4QKSEhGfZjUgxJ
c1NSd7BNZrG3hEO2sDGULZjCjOQe81hAjiSq5qWhOi5UdLTZ4YGZH4b7Uq48nTjp
AJw0dKOBSLY9l2HR0hXaWVAM7jz2TrrSMb4q2yMuRLLWNrhHySe3bKraafGwmqQt
7SAKwW1SG4037kWyTzmw7DAJiznyt+4J/e5uh75Q8rrxiW59Rb3LnJHB4w==
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:05:48 2025 by rpki-client