Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65b2ca30-4204-45d1-b5e7-a65a4f605125.roa
File:                     65b2ca30-4204-45d1-b5e7-a65a4f605125.roa (raw, json)
Hash identifier:          eS59kaq33SOyoqpsHykSF0bBg5/PN+kSysnkGFH+UgA=
Subject key identifier:   82:1C:E8:99:F2:BB:8D:27:AB:8D:E8:26:30:A2:43:CF:F8:2E:DA:FC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2A5DED57DFFAF3DBAD5C962A8D473E0C48422329
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65b2ca30-4204-45d1-b5e7-a65a4f605125.roa
Signing time:             Tue 22 Jul 2025 00:11:29 +0000
ROA not before:           Tue 22 Jul 2025 00:11:29 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     22394
IP address blocks:        139.56.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:5d:ed:57:df:fa:f3:db:ad:5c:96:2a:8d:47:3e:0c:48:42:23:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:11:29 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=c84d8199d32865dd7393e65d2481901c10a48f7f195cbcf1f48f04abbd489290, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:8a:5a:17:05:02:b7:06:79:53:ad:c1:b3:79:
                    b5:aa:cd:04:9e:ee:92:c0:10:1d:85:56:42:f6:ab:
                    9f:39:4d:68:f3:82:ca:31:98:bb:35:41:33:01:5e:
                    25:49:03:ca:9f:71:18:0e:f6:ce:28:e7:d9:14:b4:
                    a6:15:f4:dc:12:6a:fb:15:8b:e2:38:a2:c0:2b:93:
                    5a:b1:21:58:22:0c:e4:55:12:37:5b:61:6f:45:0f:
                    91:0c:e3:25:50:c3:f7:4d:f7:9d:2e:a0:89:08:9b:
                    d3:b0:2a:f6:5f:19:4a:47:39:5f:dd:fb:17:49:8c:
                    3e:4f:94:50:39:1c:2f:21:2d:c3:4f:ef:f5:1a:7d:
                    f7:32:d6:14:e7:e0:60:23:51:1f:69:c1:9f:90:fd:
                    6d:3d:c3:47:ed:db:ae:d1:02:bb:98:31:05:ea:3b:
                    54:37:33:05:11:91:88:df:52:cc:b5:8c:65:50:15:
                    28:8a:11:c1:f2:80:6f:e0:9e:d2:0a:8c:21:97:c0:
                    05:7a:a5:d1:ff:9b:1d:94:fa:b8:3d:80:42:6f:1a:
                    4b:51:c2:c2:bc:93:f9:1f:c5:df:ef:7e:55:30:bd:
                    7a:92:c9:74:40:f1:10:16:e5:22:fa:ff:8a:4c:ef:
                    ce:eb:c9:a1:37:e0:e8:bc:12:13:8a:27:72:a7:cb:
                    d0:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:1C:E8:99:F2:BB:8D:27:AB:8D:E8:26:30:A2:43:CF:F8:2E:DA:FC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65b2ca30-4204-45d1-b5e7-a65a4f605125.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.56.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         07:41:8e:89:59:69:6c:4f:e0:ef:75:12:e1:1c:82:5f:b2:16:
         c4:3f:4c:d0:5c:57:89:44:a8:ec:f8:bb:17:37:4b:c9:ef:03:
         ae:eb:d8:42:92:3a:5d:14:74:3d:77:f5:b2:e7:27:b7:01:49:
         49:3a:09:8c:99:4c:b7:c8:27:b4:b1:6f:59:a9:7c:b9:98:30:
         b6:91:ec:54:17:25:73:de:6b:5d:b4:eb:c8:e8:b3:40:55:61:
         32:38:a5:8c:61:d0:0d:93:cd:04:22:71:8b:d6:75:71:fe:97:
         5f:54:ce:e1:1e:3a:66:86:1e:bb:9e:02:9b:3d:f7:46:a7:8b:
         c0:fe:53:f9:8e:0c:9f:1b:99:f3:9e:a9:6a:69:9a:3c:75:32:
         be:d7:93:db:90:e0:81:f0:13:23:e9:18:d7:eb:60:dc:ef:7c:
         1d:27:f0:ff:32:d1:c4:48:cf:c8:d6:8d:a0:ee:38:bd:8f:86:
         48:6e:28:a0:db:2e:75:bb:d8:50:4c:1f:d3:8d:ec:5e:7c:59:
         d0:8b:37:fb:67:0f:47:7f:bf:26:24:13:ba:2f:46:60:65:7d:
         32:e9:2c:2c:70:f0:7d:d7:39:7e:38:92:5e:d9:37:9c:80:32:
         f0:fd:fd:bf:6e:1a:0d:44:da:70:fc:32:3c:b9:80:e1:6f:18:
         8d:11:99:82
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKl3tV9/689utXJYqjUc+DEhCIykwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAxMTI5WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjODRkODE5OWQzMjg2NWRkNzM5M2U2NWQyNDgxOTAxYzEw
YTQ4ZjdmMTk1Y2JjZjFmNDhmMDRhYmJkNDg5MjkwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCciloXBQK3BnlTrcGzebWqzQSe7pLAEB2FVkL2q585TWjz
gsoxmLs1QTMBXiVJA8qfcRgO9s4o59kUtKYV9NwSavsVi+I4osArk1qxIVgiDORV
EjdbYW9FD5EM4yVQw/dN950uoIkIm9OwKvZfGUpHOV/d+xdJjD5PlFA5HC8hLcNP
7/Uaffcy1hTn4GAjUR9pwZ+Q/W09w0ft267RAruYMQXqO1Q3MwURkYjfUsy1jGVQ
FSiKEcHygG/gntIKjCGXwAV6pdH/mx2U+rg9gEJvGktRwsK8k/kfxd/vflUwvXqS
yXRA8RAW5SL6/4pM787ryaE34Oi8EhOKJ3Kny9DnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUghzomfK7jSerjegmMKJDz/gu2vwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1YjJjYTMwLTQyMDQtNDVkMS1iNWU3LWE2NWE0ZjYwNTEyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCLODANBgkqhkiG9w0BAQsFAAOCAQEAB0GOiVlpbE/g73US4RyCX7IWxD9M
0FxXiUSo7Pi7FzdLye8DruvYQpI6XRR0PXf1sucntwFJSToJjJlMt8gntLFvWal8
uZgwtpHsVBclc95rXbTryOizQFVhMjiljGHQDZPNBCJxi9Z1cf6XX1TO4R46ZoYe
u54Cmz33RqeLwP5T+Y4MnxuZ856pammaPHUyvteT25DggfATI+kY1+tg3O98HSfw
/zLRxEjPyNaNoO44vY+GSG4ooNsudbvYUEwf043sXnxZ0Is3+2cPR3+/JiQTui9G
YGV9MuksLHDwfdc5fjiSXtk3nIAy8P39v24aDUTacPwyPLmA4W8YjRGZgg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:23:47 2025 by rpki-client