Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6558a003-59a6-43fd-8846-6caecf9288bc.roa
File:                     6558a003-59a6-43fd-8846-6caecf9288bc.roa (raw, json)
Hash identifier:          e8K8DUqDO9DuIiZHgpveHiMC5qbx5p4jcEgV24G3uPk=
Subject key identifier:   83:90:DD:80:FD:7A:CC:0C:EF:95:5C:91:28:C5:AB:8D:D3:B4:70:51
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E9F3AE9CE1ED99CC218384D52E7F4BE059D0683
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6558a003-59a6-43fd-8846-6caecf9288bc.roa
Signing time:             Fri 01 Aug 2025 15:10:18 +0000
ROA not before:           Fri 01 Aug 2025 15:10:18 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        159.137.128.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 11 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:9f:3a:e9:ce:1e:d9:9c:c2:18:38:4d:52:e7:f4:be:05:9d:06:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 15:10:18 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=98386bd0e432f4442eb6a0cd17c3b3b2e72b58a512b6bf91964d77d1878ba54d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b0:aa:aa:95:8e:a4:6a:28:bb:6d:f1:a2:ef:
                    e5:c8:7f:7a:f2:8f:35:50:02:08:eb:51:1f:f3:2f:
                    71:ae:e2:2a:4a:71:e2:ed:f4:b6:c0:80:79:a4:55:
                    1e:e6:a2:4b:8e:90:e0:cd:20:a5:0c:ed:ba:0d:bd:
                    07:df:e4:83:9f:ab:ee:d5:b2:41:34:67:6d:b2:67:
                    80:80:49:30:91:b4:2b:8b:7d:c1:62:fc:28:85:59:
                    d6:51:f2:cc:04:55:c8:e0:b8:98:a4:b7:2c:72:e8:
                    de:db:96:cd:1c:90:3e:19:0f:f5:ec:77:e3:84:5f:
                    2c:e1:3f:a3:1e:c3:e0:b0:3a:7a:4d:a7:68:d2:df:
                    5f:6d:73:96:7a:ed:f9:f8:87:71:6f:09:aa:26:6d:
                    0d:ec:7d:20:59:6d:fc:9d:36:31:b2:cd:d7:f3:39:
                    d0:26:3d:4d:5d:46:9a:c9:a1:64:d0:a3:c8:b4:e5:
                    9a:a9:4a:11:5e:e0:19:d1:ce:f2:0a:4d:41:c2:5d:
                    91:c7:f4:c6:f2:36:ba:88:7e:da:12:7a:a0:64:28:
                    75:69:32:ec:df:29:03:b3:ea:97:67:42:57:4a:53:
                    02:80:4c:1c:77:03:53:e7:87:14:40:f3:3f:bc:55:
                    8c:fa:4f:f8:9d:19:9a:24:b8:04:92:43:26:4f:b7:
                    8e:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:90:DD:80:FD:7A:CC:0C:EF:95:5C:91:28:C5:AB:8D:D3:B4:70:51
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6558a003-59a6-43fd-8846-6caecf9288bc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.137.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         bd:c2:0c:ef:e5:bf:c5:25:af:a4:8c:68:77:5e:94:cf:7a:9f:
         06:9b:58:ea:2a:8d:b0:35:10:88:04:23:01:bd:23:f6:0b:95:
         99:46:d0:f4:01:22:91:28:ab:ac:be:d9:96:07:da:07:25:32:
         0c:4f:bc:06:e2:92:2d:2e:d7:26:a5:79:dc:30:f2:be:d5:9e:
         fd:97:d2:ac:65:ef:22:c3:38:d7:bd:31:d6:d6:52:cd:e3:3f:
         af:a0:04:b6:19:35:47:f3:6d:15:42:e3:3f:da:81:3c:2a:a1:
         14:9b:cb:54:32:e3:e5:01:b2:9c:6f:22:90:1e:15:ea:27:ff:
         7a:fd:7e:e6:21:a6:4f:76:7e:30:52:00:a6:36:50:c8:25:c8:
         3c:24:8a:e4:42:03:7e:a4:b6:cd:59:4b:01:02:97:91:5f:dd:
         59:ac:85:d7:2d:96:7e:06:d0:3f:17:6e:78:d4:ef:03:99:b7:
         5a:62:5a:de:05:c3:29:34:1c:72:17:ba:48:b3:ef:e0:1a:2a:
         c3:46:d6:cf:ed:26:5e:eb:88:f6:94:85:4a:97:7e:9f:39:10:
         ef:8e:ab:23:8c:25:72:3a:7e:90:ae:42:60:64:00:ae:21:8a:
         7c:01:61:e5:94:15:0c:9a:c6:b4:dd:61:c6:c8:6c:f5:a8:3f:
         bc:d4:22:b0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULp866c4e2ZzCGDhNUuf0vgWdBoMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTUxMDE4WhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ODM4NmJkMGU0MzJmNDQ0MmViNmEwY2QxN2MzYjNiMmU3
MmI1OGE1MTJiNmJmOTE5NjRkNzdkMTg3OGJhNTRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQsKqqlY6kaii7bfGi7+XIf3ryjzVQAgjrUR/zL3Gu4ipK
ceLt9LbAgHmkVR7mokuOkODNIKUM7boNvQff5IOfq+7VskE0Z22yZ4CASTCRtCuL
fcFi/CiFWdZR8swEVcjguJiktyxy6N7bls0ckD4ZD/Xsd+OEXyzhP6Mew+CwOnpN
p2jS319tc5Z67fn4h3FvCaombQ3sfSBZbfydNjGyzdfzOdAmPU1dRprJoWTQo8i0
5ZqpShFe4BnRzvIKTUHCXZHH9MbyNrqIftoSeqBkKHVpMuzfKQOz6pdnQldKUwKA
TBx3A1PnhxRA8z+8VYz6T/idGZokuASSQyZPt47rAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUg5DdgP16zAzvlVyRKMWrjdO0cFEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1NThhMDAzLTU5YTYtNDNmZC04ODQ2LTZjYWVjZjkyODhiYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAefiYAwDQYJKoZIhvcNAQELBQADggEBAL3CDO/lv8Ulr6SMaHdelM96nwab
WOoqjbA1EIgEIwG9I/YLlZlG0PQBIpEoq6y+2ZYH2gclMgxPvAbiki0u1yaledww
8r7Vnv2X0qxl7yLDONe9MdbWUs3jP6+gBLYZNUfzbRVC4z/agTwqoRSby1Qy4+UB
spxvIpAeFeon/3r9fuYhpk92fjBSAKY2UMglyDwkiuRCA36kts1ZSwECl5Ff3Vms
hdctln4G0D8XbnjU7wOZt1piWt4Fwyk0HHIXukiz7+AaKsNG1s/tJl7riPaUhUqX
fp85EO+OqyOMJXI6fpCuQmBkAK4hinwBYeWUFQyaxrTdYcbIbPWoP7zUIrA=
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:10:12 2025 by rpki-client