Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39dca287-26d4-4bbc-a590-f5bf14971de6.roa
File:                     39dca287-26d4-4bbc-a590-f5bf14971de6.roa (raw, json)
Hash identifier:          Qy44Fr+hqRQfmTu7iNUK5IECdmFzkgU1HZXwUjVcG5M=
Subject key identifier:   7F:2F:AE:F8:BD:F4:D9:B7:5F:25:02:C6:DE:54:D0:18:36:53:E3:54
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       02AF60A0CD55CB1FC65F9BC28F37C4A1A36530D3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39dca287-26d4-4bbc-a590-f5bf14971de6.roa
Signing time:             Mon 04 Aug 2025 16:00:20 +0000
ROA not before:           Mon 04 Aug 2025 16:00:20 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.187.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:af:60:a0:cd:55:cb:1f:c6:5f:9b:c2:8f:37:c4:a1:a3:65:30:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 16:00:20 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=95b78586e02c02fa9ba72f3f764724725f01a4b11b7f3d3039a168d710b35cc7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:42:e4:9c:19:05:43:ca:9e:59:d8:46:06:ae:
                    4c:3b:fc:7c:d8:c4:ab:d2:78:d1:b0:5a:ac:1f:c5:
                    4b:35:8c:5b:78:8b:64:ff:2d:07:0e:16:b5:74:75:
                    66:13:44:87:7d:16:00:e2:60:b5:b7:25:88:ea:aa:
                    1c:cb:ab:bf:f2:33:86:b7:80:8d:a3:d3:aa:b9:ef:
                    12:30:b1:9a:9c:a5:62:49:db:6c:ec:74:f9:42:8d:
                    1d:91:4a:d7:93:cd:8f:e7:fb:97:7a:58:1f:cd:03:
                    4c:20:43:74:0b:02:f2:57:92:1a:c9:dc:cf:e5:53:
                    e7:02:48:73:33:cc:05:35:83:2d:3c:34:4a:20:45:
                    00:b6:52:5c:07:29:2f:f3:74:35:11:a4:36:f3:36:
                    50:c2:90:76:76:b5:1b:4d:4d:e2:4d:da:d8:df:43:
                    e2:75:39:e0:87:2b:81:ba:0d:f1:70:43:d7:cf:78:
                    04:66:7d:82:58:a8:6a:4c:9a:d7:29:d1:62:cd:69:
                    a7:b1:6a:6e:3c:65:ac:46:a0:f7:23:72:30:9f:2e:
                    4e:02:9a:83:8f:c2:56:e3:19:31:b2:0c:99:09:31:
                    b7:de:89:6d:46:f4:5d:5b:6d:7c:60:33:1d:a9:a1:
                    3b:e7:ec:06:40:e7:09:31:9a:25:ae:a5:b8:ff:e7:
                    f7:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:2F:AE:F8:BD:F4:D9:B7:5F:25:02:C6:DE:54:D0:18:36:53:E3:54
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39dca287-26d4-4bbc-a590-f5bf14971de6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.187.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         89:93:e1:07:98:91:c4:59:a4:01:6c:35:aa:6e:1d:9e:94:36:
         97:04:19:67:6a:d8:19:3f:7f:73:52:c0:09:18:29:f9:28:6a:
         9b:04:c4:0f:45:b7:00:26:ff:7c:d6:b5:3a:56:3c:89:a9:e7:
         aa:84:51:86:43:74:04:71:ab:6b:ed:c2:5f:99:1d:85:fd:4b:
         0a:d0:34:27:56:72:e3:b7:1e:d5:3f:b2:8e:9f:db:95:4e:87:
         87:25:fc:54:f1:2a:6a:de:9c:44:01:be:90:2d:7d:62:20:54:
         27:6f:c4:92:1b:d3:e0:85:bb:8e:11:1f:69:f6:6b:b6:57:3e:
         84:e3:f2:4a:f2:6e:fc:65:4f:26:50:53:ee:58:fa:ec:3e:64:
         18:31:69:46:ae:cd:c5:6d:16:8d:2c:b2:04:ca:b9:c3:a8:7b:
         08:39:66:1d:12:de:63:c8:cd:0a:b2:4b:59:93:f6:85:82:35:
         51:a6:22:95:17:73:8d:5f:81:c2:73:a2:7c:97:39:79:52:67:
         48:94:4e:a1:a5:53:b5:d5:d9:a1:e4:f1:f5:1f:57:65:ce:e6:
         95:f5:1b:bf:90:0d:84:27:d2:d0:c1:71:c2:16:61:57:6b:12:
         3b:f2:27:a4:5f:b7:6a:f3:d5:61:55:a9:cd:2d:0d:9b:6d:2a:
         f1:02:66:be
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAq9goM1Vyx/GX5vCjzfEoaNlMNMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTYwMDIwWhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NWI3ODU4NmUwMmMwMmZhOWJhNzJmM2Y3NjQ3MjQ3MjVm
MDFhNGIxMWI3ZjNkMzAzOWExNjhkNzEwYjM1Y2M3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDrQuScGQVDyp5Z2EYGrkw7/HzYxKvSeNGwWqwfxUs1jFt4
i2T/LQcOFrV0dWYTRId9FgDiYLW3JYjqqhzLq7/yM4a3gI2j06q57xIwsZqcpWJJ
22zsdPlCjR2RSteTzY/n+5d6WB/NA0wgQ3QLAvJXkhrJ3M/lU+cCSHMzzAU1gy08
NEogRQC2UlwHKS/zdDURpDbzNlDCkHZ2tRtNTeJN2tjfQ+J1OeCHK4G6DfFwQ9fP
eARmfYJYqGpMmtcp0WLNaaexam48ZaxGoPcjcjCfLk4CmoOPwlbjGTGyDJkJMbfe
iW1G9F1bbXxgMx2poTvn7AZA5wkxmiWupbj/5/cxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUfy+u+L302bdfJQLG3lTQGDZT41QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM5ZGNhMjg3LTI2ZDQtNGJiYy1hNTkwLWY1YmYxNDk3MWRlNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQuzANBgkqhkiG9w0BAQsFAAOCAQEAiZPhB5iRxFmkAWw1qm4dnpQ2lwQZ
Z2rYGT9/c1LACRgp+ShqmwTED0W3ACb/fNa1OlY8iannqoRRhkN0BHGra+3CX5kd
hf1LCtA0J1Zy47ce1T+yjp/blU6HhyX8VPEqat6cRAG+kC19YiBUJ2/EkhvT4IW7
jhEfafZrtlc+hOPySvJu/GVPJlBT7lj67D5kGDFpRq7NxW0WjSyyBMq5w6h7CDlm
HRLeY8jNCrJLWZP2hYI1UaYilRdzjV+BwnOifJc5eVJnSJROoaVTtdXZoeTx9R9X
Zc7mlfUbv5ANhCfS0MFxwhZhV2sSO/InpF+3avPVYVWpzS0Nm20q8QJmvg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:07:45 2025 by rpki-client