Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68c69534-e366-48e6-b04a-56bd3a94dba6.roa
File:                     68c69534-e366-48e6-b04a-56bd3a94dba6.roa (raw, json)
Hash identifier:          jOlARH75KfvLjUR48f/R2CP/vTqPNW1EM1G5hQijWgs=
Subject key identifier:   53:00:F9:2D:F7:18:3D:F2:DE:F5:9C:AC:57:82:C7:42:91:0D:A5:7E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7F9669914018843167EE1941AC15527179E6F1A1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68c69534-e366-48e6-b04a-56bd3a94dba6.roa
Signing time:             Mon 04 Aug 2025 17:41:02 +0000
ROA not before:           Mon 04 Aug 2025 17:41:02 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.146.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:96:69:91:40:18:84:31:67:ee:19:41:ac:15:52:71:79:e6:f1:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 17:41:02 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=fc0a8268d87e424ba01c0a75c28b4ca3b664e8e6892a4f4a688c6faa5f5cf9c4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e5:a2:84:a7:e4:f1:e8:55:b2:32:e3:ba:cb:
                    9b:94:52:53:69:b3:f7:23:d7:33:f6:89:f1:80:80:
                    c7:98:ff:cf:43:d4:0b:0f:33:5c:32:e0:7b:17:de:
                    04:cd:7a:b4:8e:6e:7e:ae:a8:b4:94:d7:17:35:65:
                    63:4c:7d:d3:95:e9:8c:9e:8e:84:d8:43:f9:ec:de:
                    72:de:ef:60:bd:6a:32:bd:ad:6f:5b:6c:3d:a9:09:
                    3b:e1:22:46:dc:0f:68:b7:0c:a5:2d:4c:53:c6:57:
                    1a:a9:66:f2:53:53:12:70:80:51:c5:4b:2b:85:03:
                    3b:fb:a9:6b:90:43:91:b1:56:cf:10:0b:5f:d5:64:
                    8c:85:1d:ae:7d:ce:f2:d4:50:48:cf:3d:0c:c4:50:
                    99:29:e4:6f:1d:6f:0f:81:57:be:b2:8a:58:00:e6:
                    07:9b:36:e9:03:b2:41:e0:76:61:8f:bf:98:2d:87:
                    43:12:cd:9c:7b:3b:67:75:97:fe:3a:ba:6d:42:08:
                    e4:81:9d:05:d3:ff:de:5a:60:e5:eb:f2:ce:46:87:
                    29:07:3f:84:79:41:ca:4f:d9:1e:40:22:97:4b:b7:
                    c7:ad:39:77:73:58:d7:33:de:b4:2f:d2:57:ee:4c:
                    96:10:17:2a:60:54:7b:ae:09:cd:f2:58:f5:58:77:
                    6e:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:00:F9:2D:F7:18:3D:F2:DE:F5:9C:AC:57:82:C7:42:91:0D:A5:7E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68c69534-e366-48e6-b04a-56bd3a94dba6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.146.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         79:d5:63:91:9f:ec:75:58:f2:2c:2c:7d:34:7c:c2:b4:73:aa:
         ae:4c:2e:35:a6:72:90:de:ed:3b:a2:1f:06:1c:f3:44:88:fa:
         b4:2d:05:b0:c5:d6:20:fd:e5:fc:57:46:ad:74:0e:bc:5b:62:
         fb:09:c5:4c:79:db:2d:8c:68:b3:3e:b6:a4:7d:8b:71:d5:ef:
         99:4d:eb:93:0d:20:44:b2:e7:8f:ff:96:1f:a6:5b:05:4e:81:
         30:f4:0a:96:1e:0b:e8:b8:bf:62:44:58:15:2d:67:0b:ef:2b:
         84:bf:30:f8:f4:ae:62:54:57:d8:72:a7:2e:e4:01:38:27:ed:
         85:68:2f:b4:95:de:ec:ef:76:b9:ac:31:0d:ff:98:50:b6:fe:
         9f:ba:0a:c8:30:e9:1e:8e:83:28:fa:01:b0:46:c7:80:f4:86:
         3b:f7:03:30:e1:95:ce:25:02:67:85:1c:eb:14:5d:ec:86:89:
         13:e3:f9:58:63:66:db:52:07:59:73:70:a2:e8:13:e8:4a:54:
         68:0c:98:36:8f:ab:d9:d7:22:d9:12:d3:0a:f0:b8:49:ff:1d:
         4d:2f:76:52:5e:8e:22:2f:1f:7a:52:b6:98:ba:72:da:e1:00:
         fa:03:60:89:3c:8c:7c:7e:e6:bf:1e:06:91:f1:ba:a5:21:0f:
         eb:4a:61:6e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUf5ZpkUAYhDFn7hlBrBVScXnm8aEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTc0MTAyWhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYzBhODI2OGQ4N2U0MjRiYTAxYzBhNzVjMjhiNGNhM2I2
NjRlOGU2ODkyYTRmNGE2ODhjNmZhYTVmNWNmOWM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDV5aKEp+Tx6FWyMuO6y5uUUlNps/cj1zP2ifGAgMeY/89D
1AsPM1wy4HsX3gTNerSObn6uqLSU1xc1ZWNMfdOV6YyejoTYQ/ns3nLe72C9ajK9
rW9bbD2pCTvhIkbcD2i3DKUtTFPGVxqpZvJTUxJwgFHFSyuFAzv7qWuQQ5GxVs8Q
C1/VZIyFHa59zvLUUEjPPQzEUJkp5G8dbw+BV76yilgA5gebNukDskHgdmGPv5gt
h0MSzZx7O2d1l/46um1CCOSBnQXT/95aYOXr8s5GhykHP4R5QcpP2R5AIpdLt8et
OXdzWNcz3rQv0lfuTJYQFypgVHuuCc3yWPVYd25rAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUUwD5LfcYPfLe9ZysV4LHQpENpX4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY4YzY5NTM0LWUzNjYtNDhlNi1iMDRhLTU2YmQzYTk0ZGJhNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4kjANBgkqhkiG9w0BAQsFAAOCAQEAedVjkZ/sdVjyLCx9NHzCtHOqrkwu
NaZykN7tO6IfBhzzRIj6tC0FsMXWIP3l/FdGrXQOvFti+wnFTHnbLYxosz62pH2L
cdXvmU3rkw0gRLLnj/+WH6ZbBU6BMPQKlh4L6Li/YkRYFS1nC+8rhL8w+PSuYlRX
2HKnLuQBOCfthWgvtJXe7O92uawxDf+YULb+n7oKyDDpHo6DKPoBsEbHgPSGO/cD
MOGVziUCZ4Uc6xRd7IaJE+P5WGNm21IHWXNwougT6EpUaAyYNo+r2dci2RLTCvC4
Sf8dTS92Ul6OIi8felK2mLpy2uEA+gNgiTyMfH7mvx4GkfG6pSEP60phbg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:18:56 2025 by rpki-client