Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40678bef-8d07-4eae-a68e-675cf4cd98ca.roa
File:                     40678bef-8d07-4eae-a68e-675cf4cd98ca.roa (raw, json)
Hash identifier:          3aII1PoZZmbAa9YsbO15F7GqKuPtXc132leAguofbAE=
Subject key identifier:   1A:2C:96:CA:FB:75:51:BE:79:D1:5B:18:40:E3:63:A0:2F:A3:17:C7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       49365EEE06FA1F5F31591AE91B5870419EE29EFB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40678bef-8d07-4eae-a68e-675cf4cd98ca.roa
Signing time:             Tue 22 Jul 2025 00:40:15 +0000
ROA not before:           Tue 22 Jul 2025 00:40:15 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.104.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:36:5e:ee:06:fa:1f:5f:31:59:1a:e9:1b:58:70:41:9e:e2:9e:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:40:15 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=c90fb56ed4b32bcefe882b55cd579ff5e39750acfb79274689a4ef59c9158e3a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ce:18:07:63:50:93:1a:91:59:9a:1f:d1:1e:
                    bb:75:c1:99:60:e8:32:9d:54:1a:4c:9d:d7:2d:69:
                    f6:16:1a:29:e5:4a:aa:ec:9c:ce:b1:ba:df:db:09:
                    9a:6a:b6:7c:a4:41:95:44:c0:0a:cd:5d:77:33:a5:
                    a1:7d:9c:95:23:dd:d0:3a:73:02:f8:29:d8:48:a9:
                    e2:cc:5f:0b:66:91:c3:dd:c1:54:de:d9:01:77:85:
                    49:ca:a9:a5:77:f2:ed:a6:9b:b6:5c:df:cd:f8:da:
                    87:9f:18:25:44:46:13:98:05:3f:9e:e6:36:31:38:
                    f0:7c:9e:91:b3:b5:cc:d6:7a:07:4f:92:4e:5a:82:
                    91:da:5e:97:de:63:2d:03:d6:f6:20:7f:66:35:b5:
                    c3:5e:3e:60:e9:d7:0b:60:34:34:fc:5e:f5:55:0e:
                    64:b9:59:72:a4:d2:23:da:28:2c:d0:50:77:fd:dd:
                    00:33:ad:e9:7d:f4:a8:f3:45:09:83:9e:7a:1d:b0:
                    d3:2a:c7:c3:46:1c:14:d4:e9:33:19:6f:9c:b6:e2:
                    b1:8b:2d:b3:8c:50:da:6c:f7:bd:68:19:8b:c3:bb:
                    68:9e:d1:06:0d:02:d5:0f:dd:f9:0b:49:53:db:91:
                    89:6b:3b:43:17:f3:22:03:a2:93:dd:64:73:ab:89:
                    b4:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:2C:96:CA:FB:75:51:BE:79:D1:5B:18:40:E3:63:A0:2F:A3:17:C7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/40678bef-8d07-4eae-a68e-675cf4cd98ca.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         25:11:7d:5f:ff:ab:00:d5:1f:a4:46:96:76:7a:54:91:14:c2:
         c3:30:7a:1e:ce:b0:9a:f6:09:8e:47:d7:a5:42:be:51:9f:66:
         55:35:17:ce:56:3a:5c:f4:7b:ce:3c:62:05:a9:43:94:0c:56:
         6a:1f:a2:8c:18:86:f3:06:ce:78:95:ab:89:28:b7:2a:31:51:
         76:22:20:d7:7c:9b:a9:a3:29:2c:75:5a:ef:61:61:db:cf:b6:
         81:90:d8:32:bd:43:63:5e:e3:e0:ea:58:01:7e:e2:63:4e:18:
         52:6b:e5:08:93:53:07:64:a7:b8:6d:de:ca:c8:fa:20:60:ec:
         82:52:90:bd:38:47:42:52:1d:1c:4e:cb:27:47:9f:e0:45:48:
         71:9d:41:54:c3:69:61:b5:ca:ae:5a:f3:81:13:12:59:99:b0:
         5f:f1:93:68:6b:6e:39:24:0a:0b:6e:17:c8:a6:18:88:c0:ad:
         45:71:9e:7a:71:ff:2b:b4:bd:ec:b9:4a:f4:59:43:2b:81:29:
         53:8a:29:d9:4b:a9:9d:88:75:d8:7d:58:63:e5:9e:ad:45:08:
         17:3d:a8:1b:6a:eb:20:62:ae:50:0c:64:0c:c3:88:e2:29:e2:
         79:94:fe:ef:18:2e:f8:51:f6:fd:49:ac:1e:2a:25:72:16:9a:
         e6:49:d5:90
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSTZe7gb6H18xWRrpG1hwQZ7invswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDA0MDE1WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjOTBmYjU2ZWQ0YjMyYmNlZmU4ODJiNTVjZDU3OWZmNWUz
OTc1MGFjZmI3OTI3NDY4OWE0ZWY1OWM5MTU4ZTNhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgzhgHY1CTGpFZmh/RHrt1wZlg6DKdVBpMndctafYWGinl
SqrsnM6xut/bCZpqtnykQZVEwArNXXczpaF9nJUj3dA6cwL4KdhIqeLMXwtmkcPd
wVTe2QF3hUnKqaV38u2mm7Zc38342oefGCVERhOYBT+e5jYxOPB8npGztczWegdP
kk5agpHaXpfeYy0D1vYgf2Y1tcNePmDp1wtgNDT8XvVVDmS5WXKk0iPaKCzQUHf9
3QAzrel99KjzRQmDnnodsNMqx8NGHBTU6TMZb5y24rGLLbOMUNps971oGYvDu2ie
0QYNAtUP3fkLSVPbkYlrO0MX8yIDopPdZHOribRjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGiyWyvt1Ub550VsYQONjoC+jF8cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQwNjc4YmVmLThkMDctNGVhZS1hNjhlLTY3NWNmNGNkOThjYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMyEmgwDQYJKoZIhvcNAQELBQADggEBACURfV//qwDVH6RGlnZ6VJEUwsMw
eh7OsJr2CY5H16VCvlGfZlU1F85WOlz0e848YgWpQ5QMVmofoowYhvMGzniVq4ko
tyoxUXYiINd8m6mjKSx1Wu9hYdvPtoGQ2DK9Q2Ne4+DqWAF+4mNOGFJr5QiTUwdk
p7ht3srI+iBg7IJSkL04R0JSHRxOyydHn+BFSHGdQVTDaWG1yq5a84ETElmZsF/x
k2hrbjkkCgtuF8imGIjArUVxnnpx/yu0vey5SvRZQyuBKVOKKdlLqZ2Iddh9WGPl
nq1FCBc9qBtq6yBirlAMZAzDiOIp4nmU/u8YLvhR9v1JrB4qJXIWmuZJ1ZA=
-----END CERTIFICATE-----
Generated at Wed Aug 6 16:16:40 2025 by rpki-client