Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/593de0b1-b07b-4d5a-8e80-eec3224dc436.roa
File:                     593de0b1-b07b-4d5a-8e80-eec3224dc436.roa (raw, json)
Hash identifier:          0yeHv2+LoBzXz3kcBTm+Vzljz41HhWCCe1Fx8b7CsNQ=
Subject key identifier:   72:98:15:45:5E:5C:55:A3:B4:FB:98:5F:AB:28:1D:CD:CA:61:DD:ED
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       12CEFA8F6D90D3FB51770EC89541589F3D3AA4FD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/593de0b1-b07b-4d5a-8e80-eec3224dc436.roa
Signing time:             Sat 26 Jul 2025 00:00:37 +0000
ROA not before:           Sat 26 Jul 2025 00:00:37 +0000
ROA not after:            Sat 30 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        114.56.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:ce:fa:8f:6d:90:d3:fb:51:77:0e:c8:95:41:58:9f:3d:3a:a4:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 26 00:00:37 2025 GMT
            Not After : Aug 30 23:59:59 2025 GMT
        Subject: serialNumber=420174a51e21bb302e09ee86a0af5db8f5f7c6bfd4610089577aa7f4d2db0140, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:67:08:aa:51:78:8b:bc:2f:de:0d:ad:ea:fe:
                    a3:37:d6:f9:c4:03:fc:c8:c0:fa:5d:23:ea:a4:d7:
                    3e:9b:7b:3b:31:16:78:cd:52:5d:44:ec:c9:8c:33:
                    d1:86:5c:4b:e6:ca:80:0b:d0:9b:7d:2a:6e:3e:04:
                    0a:6d:d5:e0:aa:4c:0b:39:c7:fb:80:f4:81:7f:05:
                    73:71:ea:21:58:e1:ba:a7:fa:a3:d9:1b:13:74:71:
                    76:45:f4:94:c8:ad:b6:6b:8a:62:21:01:cd:c7:42:
                    67:46:87:b2:c2:53:28:43:d0:5f:d5:2b:f6:7d:cd:
                    f9:72:a6:e8:bd:c8:e5:d9:da:cf:5d:c6:5b:74:7b:
                    1d:6b:e8:bc:f3:02:18:08:f3:af:50:45:c5:4b:8a:
                    09:79:0a:f9:fe:15:7e:a3:8c:43:52:93:6c:f4:9d:
                    1f:b1:66:46:70:8d:c3:51:22:de:8b:b2:cd:2b:a7:
                    3a:e7:17:34:ee:38:29:fa:3e:62:97:8e:7a:09:c6:
                    52:36:e1:8a:80:5a:9a:b0:26:a5:80:3d:d6:33:47:
                    ca:c4:72:bb:18:53:d7:e9:ce:d0:2a:08:00:eb:3d:
                    db:53:fd:4a:a6:4c:9a:c1:3e:e2:94:2d:a6:0c:0b:
                    72:03:3f:98:fa:06:e7:ed:57:e4:a5:b2:84:94:0d:
                    6c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:98:15:45:5E:5C:55:A3:B4:FB:98:5F:AB:28:1D:CD:CA:61:DD:ED
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/593de0b1-b07b-4d5a-8e80-eec3224dc436.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.56.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:71:c8:79:06:80:6c:f9:90:e4:7c:c8:65:73:c0:72:b8:93:
         20:d2:58:c4:7b:2d:ae:bd:c2:57:19:8f:6f:a4:87:56:dd:b2:
         1e:4e:f0:21:6e:d4:a8:55:e5:e0:c7:12:62:c7:04:1e:f7:7a:
         87:98:88:9a:77:13:63:e9:c4:d0:e7:53:29:58:a5:c9:59:8f:
         51:ac:c7:73:59:5c:e9:78:e2:d2:f7:f7:29:26:23:76:e8:d0:
         d9:70:42:0b:f2:67:22:0c:9e:a0:4a:1d:0c:0d:fc:b7:de:a6:
         8a:bb:32:3b:0d:37:e9:31:49:75:ec:0e:b4:d2:01:60:d1:5a:
         17:26:c1:27:30:dc:85:18:b5:a5:52:22:26:5d:fd:84:aa:90:
         51:22:76:5e:ba:2b:0b:83:e6:e8:19:57:76:44:30:31:05:c3:
         a0:b4:9b:71:de:0f:92:86:d3:68:12:a5:08:e0:a5:c1:b5:ae:
         07:31:1d:38:f1:95:36:98:72:e1:07:0c:ee:2f:bc:cf:64:cd:
         df:46:ce:eb:95:08:85:18:4c:1d:a0:cc:cf:48:ed:de:c9:40:
         7e:45:d9:66:2f:73:a8:ae:12:9a:f8:d5:6b:f4:70:dd:0f:36:
         b1:71:09:70:b9:ea:41:7b:cb:bc:9b:8e:d6:b4:0f:19:37:41:
         6f:a3:f0:65
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEs76j22Q0/tRdw7IlUFYnz06pP0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI2MDAwMDM3WhcNMjUwODMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MjAxNzRhNTFlMjFiYjMwMmUwOWVlODZhMGFmNWRiOGY1
ZjdjNmJmZDQ2MTAwODk1NzdhYTdmNGQyZGIwMTQwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCKZwiqUXiLvC/eDa3q/qM31vnEA/zIwPpdI+qk1z6bezsx
FnjNUl1E7MmMM9GGXEvmyoAL0Jt9Km4+BApt1eCqTAs5x/uA9IF/BXNx6iFY4bqn
+qPZGxN0cXZF9JTIrbZrimIhAc3HQmdGh7LCUyhD0F/VK/Z9zflypui9yOXZ2s9d
xlt0ex1r6LzzAhgI869QRcVLigl5Cvn+FX6jjENSk2z0nR+xZkZwjcNRIt6Lss0r
pzrnFzTuOCn6PmKXjnoJxlI24YqAWpqwJqWAPdYzR8rEcrsYU9fpztAqCADrPdtT
/UqmTJrBPuKULaYMC3IDP5j6BuftV+SlsoSUDWyPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcpgVRV5cVaO0+5hfqygdzcph3e0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU5M2RlMGIxLWIwN2ItNGQ1YS04ZTgwLWVlYzMyMjRkYzQzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAByOIAwDQYJKoZIhvcNAQELBQADggEBAEBxyHkGgGz5kOR8yGVzwHK4kyDS
WMR7La69wlcZj2+kh1bdsh5O8CFu1KhV5eDHEmLHBB73eoeYiJp3E2PpxNDnUylY
pclZj1Gsx3NZXOl44tL39ykmI3bo0NlwQgvyZyIMnqBKHQwN/Lfepoq7MjsNN+kx
SXXsDrTSAWDRWhcmwScw3IUYtaVSIiZd/YSqkFEidl66KwuD5ugZV3ZEMDEFw6C0
m3HeD5KG02gSpQjgpcG1rgcxHTjxlTaYcuEHDO4vvM9kzd9GzuuVCIUYTB2gzM9I
7d7JQH5F2WYvc6iuEpr41Wv0cN0PNrFxCXC56kF7y7ybjta0Dxk3QW+j8GU=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:14:40 2025 by rpki-client