Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/329407c6-ade2-4e81-8e88-4118393e7f6a.roa
File:                     329407c6-ade2-4e81-8e88-4118393e7f6a.roa (raw, json)
Hash identifier:          2os7XozxKwdiDgwiwpVfVMP1CPullEjPL2LJu5/H6Uw=
Subject key identifier:   E6:CB:1B:88:0F:E8:77:E0:09:B5:D9:FE:03:90:E0:42:D2:7C:B3:BE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       26CBCE4A0526B5F34756C5D6FCC198E71240C349
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/329407c6-ade2-4e81-8e88-4118393e7f6a.roa
Signing time:             Mon 28 Jul 2025 15:30:23 +0000
ROA not before:           Mon 28 Jul 2025 15:30:23 +0000
ROA not after:            Mon 01 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        209.109.64.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:cb:ce:4a:05:26:b5:f3:47:56:c5:d6:fc:c1:98:e7:12:40:c3:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 28 15:30:23 2025 GMT
            Not After : Sep  1 23:59:59 2025 GMT
        Subject: serialNumber=8d21898c4fe2c9b01cc4f5b50209a96eebf056bb745d454637838411858b23e7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:2d:b3:b3:59:3e:7c:86:ad:c8:e6:8f:b3:e1:
                    f6:c1:88:78:f2:2c:72:08:96:ec:70:5d:dc:1b:10:
                    52:fb:16:52:e7:f5:2e:d8:ae:15:f7:a3:8e:dc:49:
                    8d:6e:6f:b2:de:72:34:2d:0f:3f:20:3e:db:af:34:
                    1f:30:af:0d:cd:76:0f:21:14:0f:6f:51:37:95:ee:
                    08:aa:dc:dc:e4:ec:f2:6d:52:1c:68:26:e8:7a:28:
                    34:bb:26:3a:81:39:43:3f:cb:72:27:db:58:b2:4b:
                    4c:70:97:6c:a9:b5:6c:e3:ea:13:8b:c4:a6:e8:2a:
                    56:bf:37:00:18:10:65:8a:9d:00:9e:33:b5:02:be:
                    ac:26:84:a8:b9:23:40:80:c5:57:2c:01:92:6b:81:
                    e2:32:b0:20:ce:9b:bb:55:38:d3:53:4c:e8:ee:01:
                    26:19:f8:d5:b5:af:56:04:cd:27:66:66:b7:68:62:
                    17:73:af:b4:4d:df:49:83:09:52:e4:74:ca:67:0f:
                    9e:dc:96:29:bd:2a:4c:44:42:8e:28:53:2c:b5:3f:
                    cd:a9:82:63:84:c6:5e:63:50:fb:f4:93:e8:74:85:
                    86:5d:63:ba:c0:28:8b:31:51:ba:68:56:69:4b:33:
                    c0:25:2a:d9:b4:fd:f9:93:ab:af:01:47:8b:35:eb:
                    e6:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:CB:1B:88:0F:E8:77:E0:09:B5:D9:FE:03:90:E0:42:D2:7C:B3:BE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/329407c6-ade2-4e81-8e88-4118393e7f6a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.109.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         0c:d3:02:2d:bf:4b:c8:ba:61:71:a2:c0:45:25:2a:fd:00:f9:
         06:15:ec:f0:29:06:6f:dd:6b:61:34:9a:12:cb:5e:c1:15:6c:
         8d:d3:9e:58:83:47:1e:ad:2c:fc:81:66:fa:03:f4:48:0a:e6:
         51:12:74:17:e1:31:20:2a:ac:59:30:48:5c:41:47:4c:f4:78:
         6b:0b:01:aa:c6:c6:34:be:d8:e4:c3:66:e1:e6:a2:6c:f3:f5:
         ca:c9:10:be:43:78:48:ff:97:35:28:7f:5a:ea:bb:64:18:aa:
         65:66:bb:67:2f:fb:a3:e6:79:41:00:a5:85:9a:ff:e6:33:9e:
         fc:1b:58:0a:fa:c6:b7:9b:c7:b0:a8:79:03:4e:23:c8:02:65:
         03:f0:5e:54:80:da:42:b3:29:0d:b3:7b:cb:e0:a1:a9:64:01:
         6b:d7:81:5a:19:8e:4b:71:29:2f:fc:0b:87:93:e7:53:48:72:
         70:c5:0d:6e:bd:2a:d9:49:03:03:dc:66:ac:de:3a:90:78:9a:
         a0:29:96:00:cb:33:4e:1d:8d:73:f0:55:9b:f2:3c:f3:59:53:
         94:80:d6:33:9a:65:38:61:6e:e8:f9:f6:c0:c5:96:32:bb:3b:
         f1:a8:17:2e:75:86:8f:12:f7:f6:f4:98:dd:95:06:76:6c:47:
         ad:8e:e1:66
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJsvOSgUmtfNHVsXW/MGY5xJAw0kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI4MTUzMDIzWhcNMjUwOTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZDIxODk4YzRmZTJjOWIwMWNjNGY1YjUwMjA5YTk2ZWVi
ZjA1NmJiNzQ1ZDQ1NDYzNzgzODQxMTg1OGIyM2U3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrLbOzWT58hq3I5o+z4fbBiHjyLHIIluxwXdwbEFL7FlLn
9S7YrhX3o47cSY1ub7LecjQtDz8gPtuvNB8wrw3Ndg8hFA9vUTeV7giq3Nzk7PJt
UhxoJuh6KDS7JjqBOUM/y3In21iyS0xwl2yptWzj6hOLxKboKla/NwAYEGWKnQCe
M7UCvqwmhKi5I0CAxVcsAZJrgeIysCDOm7tVONNTTOjuASYZ+NW1r1YEzSdmZrdo
Yhdzr7RN30mDCVLkdMpnD57clim9KkxEQo4oUyy1P82pgmOExl5jUPv0k+h0hYZd
Y7rAKIsxUbpoVmlLM8AlKtm0/fmTq68BR4s16+aNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5ssbiA/od+AJtdn+A5DgQtJ8s74wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMyOTQwN2M2LWFkZTItNGU4MS04ZTg4LTQxMTgzOTNlN2Y2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXRbUAwDQYJKoZIhvcNAQELBQADggEBAAzTAi2/S8i6YXGiwEUlKv0A+QYV
7PApBm/da2E0mhLLXsEVbI3TnliDRx6tLPyBZvoD9EgK5lESdBfhMSAqrFkwSFxB
R0z0eGsLAarGxjS+2OTDZuHmomzz9crJEL5DeEj/lzUof1rqu2QYqmVmu2cv+6Pm
eUEApYWa/+YznvwbWAr6xrebx7CoeQNOI8gCZQPwXlSA2kKzKQ2ze8vgoalkAWvX
gVoZjktxKS/8C4eT51NIcnDFDW69KtlJAwPcZqzeOpB4mqAplgDLM04djXPwVZvy
PPNZU5SA1jOaZThhbuj59sDFljK7O/GoFy51ho8S9/b0mN2VBnZsR62O4WY=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:42:46 2025 by rpki-client