Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2966c35f-19a0-48e0-a0af-c1840ddaa93a.roa
File:                     2966c35f-19a0-48e0-a0af-c1840ddaa93a.roa (raw, json)
Hash identifier:          VSHYrmFDryT5xbvZ9Wd5tIbcsXr9UXOtczOIKjZe37c=
Subject key identifier:   1B:B9:7A:26:1A:EB:60:C9:7E:EB:E0:57:D2:87:7B:AC:05:BE:1F:19
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7B5B54F44A7C902A3C403C5873A4A1204D4C490F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2966c35f-19a0-48e0-a0af-c1840ddaa93a.roa
Signing time:             Wed 06 Aug 2025 14:26:31 +0000
ROA not before:           Wed 06 Aug 2025 14:26:31 +0000
ROA not after:            Wed 10 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        99.200.0.0/13 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:5b:54:f4:4a:7c:90:2a:3c:40:3c:58:73:a4:a1:20:4d:4c:49:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  6 14:26:31 2025 GMT
            Not After : Sep 10 23:59:59 2025 GMT
        Subject: serialNumber=14037e5a8940ec6bffe8ba177a863250c2c1bfddef0a09380fba0d63e8efe437, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:9f:db:10:cd:3d:04:b2:81:ba:f3:aa:9f:6a:
                    65:ac:a2:6e:15:56:50:b4:f3:40:87:de:57:c7:2b:
                    c8:15:fc:05:99:bd:a6:c7:95:1b:32:6e:e3:7f:61:
                    ec:ae:7e:7e:69:34:05:ba:65:24:e6:5b:c2:90:d1:
                    b7:cb:13:c6:d7:f5:13:53:d4:d6:fe:3b:72:09:e2:
                    12:38:64:50:15:3f:3c:e1:7c:4a:b8:52:54:1c:cb:
                    c5:5e:1e:01:b0:83:b7:b5:52:7d:bd:03:c9:bd:26:
                    44:73:42:5c:98:38:d3:5c:fe:a1:bf:b2:48:d6:78:
                    d6:1d:9e:ef:eb:3c:22:cf:99:b1:37:fb:52:d0:3c:
                    49:bc:66:8a:60:13:72:44:aa:28:da:cd:71:54:ec:
                    52:1c:a3:02:2f:e8:d8:b5:be:f1:63:be:a3:32:68:
                    45:10:15:18:ab:fb:8f:0c:b1:94:da:a3:ba:49:7a:
                    54:90:f7:b7:29:26:f3:88:8d:80:3e:a4:63:01:37:
                    0c:1b:28:60:47:63:d3:90:8e:5f:6c:4e:e3:1d:bb:
                    07:3d:b3:82:7b:62:ad:e2:1e:d5:de:52:f2:cd:63:
                    6a:fe:64:d1:08:80:5a:a7:30:35:74:1f:46:af:24:
                    64:22:bf:f9:fb:2e:64:73:3b:61:cd:55:58:a9:8d:
                    41:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:B9:7A:26:1A:EB:60:C9:7E:EB:E0:57:D2:87:7B:AC:05:BE:1F:19
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2966c35f-19a0-48e0-a0af-c1840ddaa93a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.200.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         30:03:82:e6:d9:31:e2:93:f2:d4:11:e5:ae:4d:96:a1:0e:9d:
         fe:9e:00:c7:71:48:b7:9c:ac:90:10:2e:be:0c:6c:be:7e:e7:
         61:6f:74:e8:56:e4:95:b1:d4:87:d1:d6:e1:21:bf:46:48:b3:
         f9:52:4f:31:a7:de:67:77:73:0c:ac:b0:e7:60:db:e6:61:5f:
         99:8f:58:1a:02:a3:57:83:64:3d:e6:9c:b1:15:34:36:af:0c:
         b5:c0:43:17:4f:c6:53:6e:4d:77:fa:e2:73:df:56:36:41:a0:
         9e:51:07:12:e5:93:a6:4d:1c:ad:2a:e6:c5:55:ac:a7:28:03:
         77:75:fa:7b:ad:49:b2:83:30:7b:7f:9e:8d:c0:98:74:af:7b:
         3e:ba:e6:2a:41:cf:a0:bc:e8:85:67:e4:72:5f:17:00:d8:d7:
         0d:51:b3:8c:0f:7f:e1:94:d0:68:67:8c:6b:f0:e7:28:0f:3c:
         db:be:be:2b:c2:50:80:34:16:28:26:00:0a:36:56:94:4d:28:
         18:67:f9:72:96:8e:d3:d6:c9:a2:32:c9:a8:ff:d9:86:f6:75:
         31:0c:cd:53:67:bf:06:6e:ab:f1:1b:df:18:b4:5c:78:5e:2f:
         5a:6c:09:de:03:29:e1:8c:24:bb:e6:dc:26:b7:fb:2f:bf:46:
         67:66:54:e0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUe1tU9Ep8kCo8QDxYc6ShIE1MSQ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA2MTQyNjMxWhcNMjUwOTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNDAzN2U1YTg5NDBlYzZiZmZlOGJhMTc3YTg2MzI1MGMy
YzFiZmRkZWYwYTA5MzgwZmJhMGQ2M2U4ZWZlNDM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD5n9sQzT0EsoG686qfamWsom4VVlC080CH3lfHK8gV/AWZ
vabHlRsybuN/Yeyufn5pNAW6ZSTmW8KQ0bfLE8bX9RNT1Nb+O3IJ4hI4ZFAVPzzh
fEq4UlQcy8VeHgGwg7e1Un29A8m9JkRzQlyYONNc/qG/skjWeNYdnu/rPCLPmbE3
+1LQPEm8ZopgE3JEqijazXFU7FIcowIv6Ni1vvFjvqMyaEUQFRir+48MsZTao7pJ
elSQ97cpJvOIjYA+pGMBNwwbKGBHY9OQjl9sTuMduwc9s4J7Yq3iHtXeUvLNY2r+
ZNEIgFqnMDV0H0avJGQiv/n7LmRzO2HNVVipjUGzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUG7l6JhrrYMl+6+BX0od7rAW+HxkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI5NjZjMzVmLTE5YTAtNDhlMC1hMGFmLWMxODQwZGRhYTkzYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwNjyDANBgkqhkiG9w0BAQsFAAOCAQEAMAOC5tkx4pPy1BHlrk2WoQ6d/p4A
x3FIt5yskBAuvgxsvn7nYW906FbklbHUh9HW4SG/Rkiz+VJPMafeZ3dzDKyw52Db
5mFfmY9YGgKjV4NkPeacsRU0Nq8MtcBDF0/GU25Nd/ric99WNkGgnlEHEuWTpk0c
rSrmxVWspygDd3X6e61JsoMwe3+ejcCYdK97PrrmKkHPoLzohWfkcl8XANjXDVGz
jA9/4ZTQaGeMa/DnKA88276+K8JQgDQWKCYACjZWlE0oGGf5cpaO09bJojLJqP/Z
hvZ1MQzNU2e/Bm6r8RvfGLRceF4vWmwJ3gMp4Ywku+bcJrf7L79GZ2ZU4A==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:23:36 2025 by rpki-client