Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b3ba061-2eb3-49e9-8751-a3a3b0281d6f.roa
File:                     3b3ba061-2eb3-49e9-8751-a3a3b0281d6f.roa (raw, json)
Hash identifier:          ObAVa/SDpvYxru0L7qe4PhVBQ953hafxijQjUSMbAts=
Subject key identifier:   2C:DC:92:3D:CF:0D:41:4D:CF:BD:9E:DE:23:FE:41:7E:E1:71:AA:8B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       156E6648EDDD24B492CFC55204F3DEBC8502A1F4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b3ba061-2eb3-49e9-8751-a3a3b0281d6f.roa
Signing time:             Sat 02 Aug 2025 00:51:52 +0000
ROA not before:           Sat 02 Aug 2025 00:51:52 +0000
ROA not after:            Sat 06 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        204.236.208.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:6e:66:48:ed:dd:24:b4:92:cf:c5:52:04:f3:de:bc:85:02:a1:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  2 00:51:52 2025 GMT
            Not After : Sep  6 23:59:59 2025 GMT
        Subject: serialNumber=1d4003f8ae96b63f04770a9ddd0cb7a671e084cd1c4f11de802f59b2833e6543, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:07:ae:c5:88:87:50:eb:6a:83:50:ea:85:9a:
                    8d:d1:f0:32:c3:62:d0:14:c2:e5:62:95:6d:1a:99:
                    a7:d9:52:96:67:f8:da:db:97:cf:80:33:50:0b:c4:
                    5d:f4:cb:39:e3:77:55:35:b9:ea:dc:eb:46:e9:c0:
                    97:9f:1a:bb:88:ab:2d:35:fa:a8:78:11:29:e5:88:
                    6f:44:fd:b5:ad:d1:1c:0d:17:df:ff:d1:93:91:fd:
                    e9:22:b8:95:c0:47:bd:f3:3c:c8:72:f3:79:4f:f0:
                    76:b3:a0:4e:81:2b:5f:e5:18:7b:e3:b6:61:c6:ae:
                    e1:be:31:29:33:53:6d:21:82:a6:6f:0e:2d:9b:b0:
                    6a:93:01:b5:ab:4f:cb:66:13:f9:5b:1f:e7:fe:3d:
                    18:8d:01:2f:2a:f8:f0:0a:3f:d0:b0:73:ea:9a:e0:
                    4a:0a:52:9b:dd:ec:67:9c:07:e8:6f:ca:ab:f9:ac:
                    c6:0c:87:df:4a:ed:4f:bd:26:41:90:50:48:84:34:
                    ce:8d:a5:bb:52:45:23:ff:b2:8b:2f:ec:3d:84:89:
                    e9:59:7e:b5:1f:1b:5e:00:5a:8a:51:e0:04:63:57:
                    45:9f:48:2f:7a:d0:96:1c:0e:4d:8f:bb:8e:d3:1f:
                    a8:09:1c:f0:bc:63:20:41:b7:d0:af:19:2a:25:5f:
                    21:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:DC:92:3D:CF:0D:41:4D:CF:BD:9E:DE:23:FE:41:7E:E1:71:AA:8B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b3ba061-2eb3-49e9-8751-a3a3b0281d6f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.236.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         14:22:46:41:1d:fa:10:28:e5:32:c2:99:c5:33:91:02:1c:d7:
         99:1e:9c:9e:f8:15:af:ca:96:cf:a8:e3:0a:7d:61:85:69:a4:
         c8:6a:68:07:83:07:c8:e1:13:3a:f7:78:b7:20:47:f5:54:ce:
         94:8d:fa:b1:1a:67:ae:61:65:e9:39:a0:c3:92:b6:58:75:f5:
         8d:4f:68:41:dc:87:29:16:dc:db:10:1e:94:77:99:b2:e8:66:
         ad:df:f8:40:8a:4f:92:59:e1:24:31:03:0b:f6:7b:2a:56:c1:
         9c:3f:19:33:90:27:42:82:9e:60:c2:5f:b5:b4:a1:89:ef:5f:
         24:69:5c:d3:79:9f:76:03:6a:36:95:e0:28:d7:f4:2e:c4:e7:
         aa:3a:d2:f7:99:18:03:f3:d6:26:ae:5f:33:48:94:4c:37:57:
         c2:98:c2:38:48:20:72:9c:2f:7e:08:65:1e:2c:6e:6e:ba:f0:
         8f:d5:51:e4:8e:f3:40:ca:1d:3a:99:33:d7:1a:cf:67:53:1d:
         7f:9d:cd:70:db:b6:3e:b9:fc:bd:4e:07:a7:64:c4:0b:63:1d:
         43:67:4d:c5:db:cf:3a:3d:76:e3:a6:8f:a4:85:82:7d:4b:0f:
         a3:bd:d6:22:a9:a0:20:9b:7c:e4:3e:2c:29:b4:c3:12:17:57:
         46:a7:75:39
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFW5mSO3dJLSSz8VSBPPevIUCofQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAyMDA1MTUyWhcNMjUwOTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDQwMDNmOGFlOTZiNjNmMDQ3NzBhOWRkZDBjYjdhNjcx
ZTA4NGNkMWM0ZjExZGU4MDJmNTliMjgzM2U2NTQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLB67FiIdQ62qDUOqFmo3R8DLDYtAUwuVilW0amafZUpZn
+Nrbl8+AM1ALxF30yznjd1U1uerc60bpwJefGruIqy01+qh4ESnliG9E/bWt0RwN
F9//0ZOR/ekiuJXAR73zPMhy83lP8HazoE6BK1/lGHvjtmHGruG+MSkzU20hgqZv
Di2bsGqTAbWrT8tmE/lbH+f+PRiNAS8q+PAKP9Cwc+qa4EoKUpvd7GecB+hvyqv5
rMYMh99K7U+9JkGQUEiENM6NpbtSRSP/sosv7D2EielZfrUfG14AWopR4ARjV0Wf
SC960JYcDk2Pu47TH6gJHPC8YyBBt9CvGSolXyFdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULNySPc8NQU3PvZ7eI/5BfuFxqoswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNiM2JhMDYxLTJlYjMtNDllOS04NzUxLWEzYTNiMDI4MWQ2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPM7NAwDQYJKoZIhvcNAQELBQADggEBABQiRkEd+hAo5TLCmcUzkQIc15ke
nJ74Fa/Kls+o4wp9YYVppMhqaAeDB8jhEzr3eLcgR/VUzpSN+rEaZ65hZek5oMOS
tlh19Y1PaEHchykW3NsQHpR3mbLoZq3f+ECKT5JZ4SQxAwv2eypWwZw/GTOQJ0KC
nmDCX7W0oYnvXyRpXNN5n3YDajaV4CjX9C7E56o60veZGAPz1iauXzNIlEw3V8KY
wjhIIHKcL34IZR4sbm668I/VUeSO80DKHTqZM9caz2dTHX+dzXDbtj65/L1OB6dk
xAtjHUNnTcXbzzo9duOmj6SFgn1LD6O91iKpoCCbfOQ+LCm0wxIXV0andTk=
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:30:26 2025 by rpki-client