Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42e80cfb-6694-44ed-8b7d-4f7bcc286fe7.roa
File:                     42e80cfb-6694-44ed-8b7d-4f7bcc286fe7.roa (raw, json)
Hash identifier:          h7TKF3bj1L4P/KMDDOSg7BcExyWyWBHklAkulcH2Bh8=
Subject key identifier:   98:F6:A5:04:11:D8:3F:B0:E1:0D:50:78:30:8A:47:D6:3E:E3:6B:9E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       122B81B1BC984C07E86814E3045C961EA1A9DC24
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42e80cfb-6694-44ed-8b7d-4f7bcc286fe7.roa
Signing time:             Wed 06 Aug 2025 12:55:46 +0000
ROA not before:           Wed 06 Aug 2025 12:55:46 +0000
ROA not after:            Wed 10 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        56.187.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:2b:81:b1:bc:98:4c:07:e8:68:14:e3:04:5c:96:1e:a1:a9:dc:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  6 12:55:46 2025 GMT
            Not After : Sep 10 23:59:59 2025 GMT
        Subject: serialNumber=1849f88b3e05f2c1735b7b63a86cc7aefc42f2142eb8ac4d8f95557fa198306b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d2:c9:e2:f1:2a:52:6f:62:bd:58:de:a9:c6:
                    d7:c1:1b:c8:b7:ec:46:de:af:a1:84:8e:b3:48:e4:
                    b5:50:1c:15:c1:26:05:65:fa:54:42:4f:33:a2:c8:
                    d8:15:a9:20:74:90:6e:6b:9c:37:c3:b4:c7:dd:9c:
                    db:bb:db:7d:b4:57:d2:6e:ed:2d:df:cb:94:ac:ac:
                    72:91:d0:c0:76:32:5e:6f:ed:26:74:bd:40:6a:68:
                    86:34:8a:03:f2:2f:bc:a2:f3:e9:af:7c:6e:86:5f:
                    92:e3:16:aa:a6:fd:2f:df:65:3f:37:7b:f9:87:9a:
                    d7:64:17:a4:f1:e2:2b:3a:54:af:5c:61:e8:4b:71:
                    69:d6:40:39:a0:0b:23:a9:e5:10:2f:a7:33:41:68:
                    16:fd:52:6c:56:1a:6d:61:31:ef:f6:05:ff:2d:85:
                    84:2b:0e:8b:ae:b2:ec:06:45:72:c3:26:61:75:4c:
                    52:5d:b8:c4:07:aa:49:23:ad:ed:9b:fc:d2:21:ae:
                    9a:9c:1e:da:2a:f5:cd:ae:ac:d2:34:fd:97:ac:9a:
                    90:59:00:41:00:41:f1:70:53:b5:bd:53:e5:43:83:
                    6c:e8:fa:be:0a:89:05:45:3c:4e:2a:d5:a0:25:da:
                    3c:17:cf:a7:23:4a:c0:d2:4e:11:55:bd:b7:38:0d:
                    0c:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:F6:A5:04:11:D8:3F:B0:E1:0D:50:78:30:8A:47:D6:3E:E3:6B:9E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/42e80cfb-6694-44ed-8b7d-4f7bcc286fe7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.187.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5c:5d:32:90:7e:b8:ef:78:3a:0b:a5:92:d6:6d:82:de:09:07:
         cd:ef:52:b6:ae:45:67:d5:a9:1f:d4:7d:ad:ec:7f:46:6c:cf:
         9b:b2:40:18:86:97:fb:c2:ab:be:85:be:ad:c6:52:a8:1c:38:
         04:c3:ae:22:da:f4:43:61:45:04:e7:a4:5a:12:d6:0b:33:cd:
         9a:b5:18:ea:63:89:2b:78:b6:b5:6a:35:34:47:b8:73:ea:0c:
         b9:85:8d:48:d0:13:e6:91:91:6a:c7:fe:04:d4:0e:ba:97:a3:
         d0:a2:f1:ee:23:c9:90:cf:15:a4:75:a0:96:d7:fe:62:ca:9d:
         84:07:45:c0:ff:79:2b:eb:cd:e4:7d:d6:21:7f:dc:45:34:f2:
         78:4e:ca:4c:9f:72:98:71:5d:cb:6a:90:32:78:82:43:f7:07:
         0c:ba:08:27:a9:4c:e4:77:3c:ed:7e:e8:6d:7d:f6:6f:8c:32:
         74:4c:f2:8d:34:4c:e0:dd:5a:44:13:ce:4a:82:4c:2a:3c:15:
         ad:7a:6f:22:f0:bd:36:81:df:b8:2e:9e:6f:03:71:83:05:9c:
         29:cc:fc:51:fd:ea:26:7d:9e:aa:68:81:66:db:d9:06:b3:6a:
         66:58:28:f2:a1:39:ab:7b:51:a3:9a:0a:f7:fd:de:b2:bd:8b:
         71:75:fa:d1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEiuBsbyYTAfoaBTjBFyWHqGp3CQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA2MTI1NTQ2WhcNMjUwOTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxODQ5Zjg4YjNlMDVmMmMxNzM1YjdiNjNhODZjYzdhZWZj
NDJmMjE0MmViOGFjNGQ4Zjk1NTU3ZmExOTgzMDZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC10sni8SpSb2K9WN6pxtfBG8i37Eber6GEjrNI5LVQHBXB
JgVl+lRCTzOiyNgVqSB0kG5rnDfDtMfdnNu72320V9Ju7S3fy5SsrHKR0MB2Ml5v
7SZ0vUBqaIY0igPyL7yi8+mvfG6GX5LjFqqm/S/fZT83e/mHmtdkF6Tx4is6VK9c
YehLcWnWQDmgCyOp5RAvpzNBaBb9UmxWGm1hMe/2Bf8thYQrDouusuwGRXLDJmF1
TFJduMQHqkkjre2b/NIhrpqcHtoq9c2urNI0/ZesmpBZAEEAQfFwU7W9U+VDg2zo
+r4KiQVFPE4q1aAl2jwXz6cjSsDSThFVvbc4DQx5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUmPalBBHYP7DhDVB4MIpH1j7ja54wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQyZTgwY2ZiLTY2OTQtNDRlZC04YjdkLTRmN2JjYzI4NmZlNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4uzANBgkqhkiG9w0BAQsFAAOCAQEAXF0ykH6473g6C6WS1m2C3gkHze9S
tq5FZ9WpH9R9rex/RmzPm7JAGIaX+8KrvoW+rcZSqBw4BMOuItr0Q2FFBOekWhLW
CzPNmrUY6mOJK3i2tWo1NEe4c+oMuYWNSNAT5pGRasf+BNQOupej0KLx7iPJkM8V
pHWgltf+YsqdhAdFwP95K+vN5H3WIX/cRTTyeE7KTJ9ymHFdy2qQMniCQ/cHDLoI
J6lM5Hc87X7obX32b4wydEzyjTRM4N1aRBPOSoJMKjwVrXpvIvC9NoHfuC6ebwNx
gwWcKcz8Uf3qJn2eqmiBZtvZBrNqZlgo8qE5q3tRo5oK9/3esr2LcXX60Q==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:22:54 2025 by rpki-client