Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e7587b9-c93b-416e-8a96-b14448cc1bc1.roa
File:                     5e7587b9-c93b-416e-8a96-b14448cc1bc1.roa (raw, json)
Hash identifier:          nSayC5TzTBJpgHp616WsALvDb/00YImR6k4r8xY/Iz8=
Subject key identifier:   A7:3F:8E:9D:50:8F:F9:B7:67:94:BE:C1:E8:B6:4F:5E:8D:AE:E9:BB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4ECA9540D90AE6AEDFD6C7C77CBBD41093AC0E90
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e7587b9-c93b-416e-8a96-b14448cc1bc1.roa
Signing time:             Fri 18 Jul 2025 00:01:05 +0000
ROA not before:           Fri 18 Jul 2025 00:01:05 +0000
ROA not after:            Fri 22 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        162.213.232.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:ca:95:40:d9:0a:e6:ae:df:d6:c7:c7:7c:bb:d4:10:93:ac:0e:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 18 00:01:05 2025 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: serialNumber=9a9cc10b24b3196999c90e8e51524495f73ebec22cd0cd005213fb008db65314, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:3f:bb:2d:65:26:9b:da:f9:2a:fb:8e:24:87:
                    a2:2f:20:9b:76:b1:59:44:59:48:5c:fe:da:2b:6e:
                    a3:15:31:63:c7:e4:2f:9f:90:48:a9:67:9c:df:61:
                    68:f1:f8:77:a4:23:a2:49:f2:85:f7:3c:da:85:90:
                    5e:a4:33:b0:7f:49:4b:22:91:94:0b:6b:15:b0:93:
                    d1:40:33:88:76:73:b0:20:c0:5f:08:c2:09:66:35:
                    fc:68:0b:ab:ea:12:dd:7a:68:44:65:07:aa:d5:1e:
                    e3:64:e7:79:64:cd:18:4a:c6:8d:68:45:c5:af:4e:
                    c6:4a:f6:be:7b:e1:4e:b1:42:06:8d:ae:c6:02:65:
                    27:c6:61:b7:12:09:1f:1a:4b:49:78:db:4e:bc:ae:
                    63:cc:e6:bd:fa:24:ee:77:ee:a2:3e:37:6b:0d:ed:
                    ac:5c:2e:46:51:0d:9c:54:52:84:43:28:8e:ed:be:
                    66:cc:40:29:39:07:40:96:be:33:d6:80:16:f1:3d:
                    74:69:36:ec:29:52:96:82:71:1d:55:2d:48:57:8b:
                    5f:27:1b:a7:db:eb:5f:ec:d8:de:db:d3:93:49:a2:
                    62:53:a4:76:cc:f4:7a:e3:9b:5a:a6:ab:af:12:14:
                    fa:71:12:a9:f0:9e:f2:8d:d0:fc:1a:30:d3:ff:2e:
                    28:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:3F:8E:9D:50:8F:F9:B7:67:94:BE:C1:E8:B6:4F:5E:8D:AE:E9:BB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5e7587b9-c93b-416e-8a96-b14448cc1bc1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.213.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:0c:c9:4f:43:f4:5e:e7:ea:a7:8f:61:91:25:48:69:9f:80:
         5c:db:31:2e:14:65:d7:f6:94:dc:8b:30:5c:b4:32:2e:7a:05:
         0e:b2:06:f7:b0:d3:5c:1c:62:c5:48:e2:dd:e5:ad:20:a9:c3:
         88:6d:7f:f9:4e:6d:fb:4c:f5:1f:cb:74:33:14:f0:56:15:f2:
         dc:04:df:77:4e:16:02:64:c1:68:45:57:89:46:6d:0f:7f:1e:
         b4:d4:5d:82:43:3a:38:29:1e:42:b9:d1:cf:ac:dc:11:a6:2b:
         cf:de:f4:84:c0:81:aa:c3:78:e3:c4:39:5b:c0:c8:92:51:b7:
         3f:6e:d5:12:0a:30:7f:3f:c8:ec:d6:df:f2:31:f4:28:03:0a:
         9e:64:12:c5:78:ad:6c:37:8a:be:63:cd:90:b3:40:b6:5c:26:
         67:b4:91:3b:08:5d:0a:fd:fa:12:be:a4:88:24:aa:50:37:b0:
         70:7f:c5:99:23:bc:6e:75:ab:4b:81:63:49:b8:69:97:f8:88:
         71:22:6c:5b:ad:5b:b8:43:a3:1e:4c:71:c0:5e:5a:b5:42:48:
         9b:94:cc:03:9f:a8:7f:13:42:02:a7:19:77:84:93:ed:92:02:
         b1:2f:40:54:c7:aa:82:fe:54:39:40:d0:e2:e9:f8:e9:e9:fc:
         66:f7:fb:85
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTsqVQNkK5q7f1sfHfLvUEJOsDpAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE4MDAwMTA1WhcNMjUwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YTljYzEwYjI0YjMxOTY5OTljOTBlOGU1MTUyNDQ5NWY3
M2ViZWMyMmNkMGNkMDA1MjEzZmIwMDhkYjY1MzE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4P7stZSab2vkq+44kh6IvIJt2sVlEWUhc/torbqMVMWPH
5C+fkEipZ5zfYWjx+HekI6JJ8oX3PNqFkF6kM7B/SUsikZQLaxWwk9FAM4h2c7Ag
wF8IwglmNfxoC6vqEt16aERlB6rVHuNk53lkzRhKxo1oRcWvTsZK9r574U6xQgaN
rsYCZSfGYbcSCR8aS0l42068rmPM5r36JO537qI+N2sN7axcLkZRDZxUUoRDKI7t
vmbMQCk5B0CWvjPWgBbxPXRpNuwpUpaCcR1VLUhXi18nG6fb61/s2N7b05NJomJT
pHbM9Hrjm1qmq68SFPpxEqnwnvKN0PwaMNP/LiglAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpz+OnVCP+bdnlL7B6LZPXo2u6bswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVlNzU4N2I5LWM5M2ItNDE2ZS04YTk2LWIxNDQ0OGNjMWJjMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACi1egwDQYJKoZIhvcNAQELBQADggEBAJMMyU9D9F7n6qePYZElSGmfgFzb
MS4UZdf2lNyLMFy0Mi56BQ6yBvew01wcYsVI4t3lrSCpw4htf/lObftM9R/LdDMU
8FYV8twE33dOFgJkwWhFV4lGbQ9/HrTUXYJDOjgpHkK50c+s3BGmK8/e9ITAgarD
eOPEOVvAyJJRtz9u1RIKMH8/yOzW3/Ix9CgDCp5kEsV4rWw3ir5jzZCzQLZcJme0
kTsIXQr9+hK+pIgkqlA3sHB/xZkjvG51q0uBY0m4aZf4iHEibFutW7hDox5MccBe
WrVCSJuUzAOfqH8TQgKnGXeEk+2SArEvQFTHqoL+VDlA0OLp+Onp/Gb3+4U=
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:13:15 2025 by rpki-client