Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/225a370b-b7ff-4d29-8cc6-b57287923a22.roa
File:                     225a370b-b7ff-4d29-8cc6-b57287923a22.roa (raw, json)
Hash identifier:          6k0ptuanoDZyekAeYD9B+AWCv4jAfQt1ZBYeYERq8qg=
Subject key identifier:   95:79:60:5D:AE:6F:F4:76:9F:6E:07:7F:E6:43:2B:38:CC:B4:73:B4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1A8B86BD8519F9B0F57ADC6F72FCCE792A792628
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/225a370b-b7ff-4d29-8cc6-b57287923a22.roa
Signing time:             Wed 11 Jun 2025 00:00:50 +0000
ROA not before:           Wed 11 Jun 2025 00:00:50 +0000
ROA not after:            Wed 16 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        1.178.4.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 16 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:8b:86:bd:85:19:f9:b0:f5:7a:dc:6f:72:fc:ce:79:2a:79:26:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 11 00:00:50 2025 GMT
            Not After : Jul 16 23:59:59 2025 GMT
        Subject: serialNumber=dcde8d8562ce4277e9b8af07bdbf7afc0a1b8b60871f5b931f8e39dfd1909679, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b8:87:43:bc:83:a3:d0:d4:f5:59:f5:ed:e9:
                    5b:e2:14:de:cf:f8:79:27:d4:68:47:f3:04:d9:d6:
                    f3:49:11:fe:2c:5b:a9:8c:f2:16:9b:1b:e9:54:e4:
                    c2:3b:8b:a9:e4:0f:33:ef:d4:c1:5f:b5:ee:0b:15:
                    ea:86:ec:40:6d:ce:dd:88:f9:8d:60:99:f2:d5:fb:
                    5e:9d:59:6b:12:36:7d:69:3e:cd:36:ac:dd:ea:42:
                    3d:6a:72:00:56:5c:e1:cc:4b:0f:2e:b6:bb:3b:eb:
                    ab:36:54:d8:41:e2:09:eb:66:c4:95:9e:13:b2:4e:
                    a5:dd:7f:be:01:67:0c:30:21:23:f4:47:94:df:47:
                    46:cf:93:b9:dd:e7:8e:12:c8:b2:48:07:89:26:7e:
                    1d:e0:92:5f:15:2a:fe:b2:7c:14:de:ad:2b:7c:6b:
                    70:93:3e:9b:e8:74:79:14:44:d7:bf:23:d9:16:6a:
                    b0:29:aa:b6:a3:95:2e:f5:be:69:52:73:73:44:69:
                    df:61:0a:77:3a:49:b7:e6:f4:90:5c:f3:e6:6e:d1:
                    83:2b:cf:ab:b1:a5:b8:bd:f2:a9:0f:b1:65:4e:90:
                    cc:45:a5:77:df:ff:77:a1:ce:0b:a2:af:60:7a:e6:
                    0b:2c:74:97:7a:21:7c:42:df:5d:5d:17:b1:9c:c3:
                    14:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:79:60:5D:AE:6F:F4:76:9F:6E:07:7F:E6:43:2B:38:CC:B4:73:B4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/225a370b-b7ff-4d29-8cc6-b57287923a22.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.178.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a8:32:e3:17:b1:df:11:25:80:e9:8d:37:cd:f1:24:ad:89:18:
         c9:c8:e5:74:48:e2:62:fc:36:7c:35:56:b1:56:ac:85:30:45:
         e7:f0:69:59:9e:df:b9:f3:cd:bd:85:1e:50:c1:2c:66:7d:7a:
         a5:93:52:7c:55:77:dd:95:a9:db:15:cb:65:2f:6e:70:e3:dc:
         fb:83:17:fa:c7:6c:bc:0a:72:c3:97:ab:b5:5c:3e:f1:8a:3c:
         e3:72:83:4c:e4:ee:51:1a:44:87:7b:3e:88:8e:a4:b2:82:df:
         dd:b1:63:b1:56:b8:f1:3e:80:d1:c0:7d:50:a2:0a:34:9b:04:
         35:50:6d:88:7c:67:67:6f:58:f0:e8:50:01:02:58:8a:ae:0f:
         a3:50:84:06:66:f0:c3:02:dc:eb:b4:6d:f7:df:59:cb:af:f2:
         12:e3:8e:3a:8e:7f:6c:13:f3:45:4b:e3:f5:2b:3a:8b:dd:94:
         b8:37:58:ff:cb:f9:9b:ca:a8:38:27:69:cc:cf:da:d3:53:91:
         d3:af:fa:82:74:bd:9c:a8:36:37:cd:9b:7a:8c:6a:e2:00:25:
         5a:c0:94:e4:50:69:f6:98:0e:67:f0:00:4d:69:46:90:92:f4:
         b2:30:95:07:9b:61:6e:89:65:aa:9e:c0:41:77:d9:57:8c:98:
         f2:8b:3e:9a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGouGvYUZ+bD1etxvcvzOeSp5JigwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjExMDAwMDUwWhcNMjUwNzE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkY2RlOGQ4NTYyY2U0Mjc3ZTliOGFmMDdiZGJmN2FmYzBh
MWI4YjYwODcxZjViOTMxZjhlMzlkZmQxOTA5Njc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5uIdDvIOj0NT1WfXt6VviFN7P+Hkn1GhH8wTZ1vNJEf4s
W6mM8habG+lU5MI7i6nkDzPv1MFfte4LFeqG7EBtzt2I+Y1gmfLV+16dWWsSNn1p
Ps02rN3qQj1qcgBWXOHMSw8utrs766s2VNhB4gnrZsSVnhOyTqXdf74BZwwwISP0
R5TfR0bPk7nd544SyLJIB4kmfh3gkl8VKv6yfBTerSt8a3CTPpvodHkURNe/I9kW
arApqrajlS71vmlSc3NEad9hCnc6Sbfm9JBc8+Zu0YMrz6uxpbi98qkPsWVOkMxF
pXff/3ehzguir2B65gssdJd6IXxC311dF7GcwxQlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlXlgXa5v9Hafbgd/5kMrOMy0c7QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIyNWEzNzBiLWI3ZmYtNGQyOS04Y2M2LWI1NzI4NzkyM2EyMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIBsgQwDQYJKoZIhvcNAQELBQADggEBAKgy4xex3xElgOmNN83xJK2JGMnI
5XRI4mL8Nnw1VrFWrIUwRefwaVme37nzzb2FHlDBLGZ9eqWTUnxVd92VqdsVy2Uv
bnDj3PuDF/rHbLwKcsOXq7VcPvGKPONyg0zk7lEaRId7PoiOpLKC392xY7FWuPE+
gNHAfVCiCjSbBDVQbYh8Z2dvWPDoUAECWIquD6NQhAZm8MMC3Ou0bfffWcuv8hLj
jjqOf2wT80VL4/UrOovdlLg3WP/L+ZvKqDgnaczP2tNTkdOv+oJ0vZyoNjfNm3qM
auIAJVrAlORQafaYDmfwAE1pRpCS9LIwlQebYW6JZaqewEF32VeMmPKLPpo=
-----END CERTIFICATE-----
Generated at Sat Jun 14 18:55:48 2025 by rpki-client