Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d915e11-1ecf-426d-a2ad-f4d722628680.roa
File:                     6d915e11-1ecf-426d-a2ad-f4d722628680.roa (raw, json)
Hash identifier:          qFh6TpMiOWu61dGbtYCkPHZJ3JW4UEcV2TLHGQbMFNA=
Subject key identifier:   93:46:B1:8B:54:2E:07:08:B5:32:26:0F:6D:28:9F:91:1D:2B:4B:88
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1BC705886A0EAC9988FB6CEF111BE3858E7EBB62
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d915e11-1ecf-426d-a2ad-f4d722628680.roa
Signing time:             Fri 01 Aug 2025 15:00:13 +0000
ROA not before:           Fri 01 Aug 2025 15:00:13 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.192.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 08 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:c7:05:88:6a:0e:ac:99:88:fb:6c:ef:11:1b:e3:85:8e:7e:bb:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 15:00:13 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=90cbd6868bf0fd78deb26a1b2412e1a38e508fbec98fade327578908c986f21b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:74:03:6e:ec:97:5a:d6:61:fe:c3:89:e1:ac:
                    05:29:bf:b7:ea:e7:c6:4a:f6:4f:91:29:86:17:6f:
                    f0:ea:cb:89:76:f6:1c:7b:c6:0b:69:98:1d:6e:78:
                    22:c0:4e:26:cb:6d:90:80:5d:73:12:af:b9:4f:fd:
                    84:9d:3e:8d:f0:ea:cb:26:d5:11:b0:35:ca:62:22:
                    c3:ad:d1:96:0b:1e:61:2a:fb:9c:e5:0b:0d:23:f5:
                    29:c5:22:80:68:23:c6:13:b9:0c:90:ef:5a:ac:24:
                    49:f5:52:ab:7e:5c:7a:da:35:46:95:ad:b8:d2:7b:
                    8d:23:c0:fa:78:b1:c5:30:00:41:a0:76:9d:be:d3:
                    55:8f:2d:b8:20:35:03:88:fd:a2:bb:c1:b3:94:57:
                    71:0f:ad:27:71:a7:fe:da:c6:1f:55:de:29:9e:ee:
                    c1:db:0d:06:e5:9e:ca:35:6d:92:9b:a4:e7:c4:95:
                    cd:94:5b:63:7b:fd:48:d6:b6:c2:10:10:fe:f8:16:
                    6f:05:fe:72:4e:ec:a8:de:ec:73:29:27:7e:2c:b5:
                    b0:fc:79:b1:ab:24:3c:74:a2:a5:a7:13:c4:5c:ca:
                    c4:d3:f5:df:65:9e:49:f6:33:4b:b6:e0:5f:9a:a4:
                    3b:df:05:ef:36:34:6a:9c:55:24:b3:91:88:c1:79:
                    43:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:46:B1:8B:54:2E:07:08:B5:32:26:0F:6D:28:9F:91:1D:2B:4B:88
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d915e11-1ecf-426d-a2ad-f4d722628680.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.192.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5b:04:38:6d:45:27:a9:db:69:8f:89:19:76:5d:7f:d7:7a:6b:
         7c:41:22:b2:d4:be:61:78:66:74:c4:0b:c1:3f:5e:5d:09:f5:
         2f:14:72:68:d3:86:03:f7:00:df:26:85:e0:d2:c5:e8:c5:46:
         7a:2a:e7:ec:f5:9a:41:a6:75:3b:d3:82:b2:cf:10:7b:27:c9:
         92:0c:79:d9:87:c0:4a:2a:4a:08:57:98:8f:8a:32:0b:b7:21:
         f9:75:7e:eb:01:43:69:ed:b0:8d:4e:5e:c4:27:09:8b:df:59:
         1a:dd:8e:c2:42:97:0e:7b:57:79:e0:9b:30:35:c2:93:f9:ff:
         f5:84:67:57:2d:b3:2e:93:4d:cd:a3:55:d8:43:e8:20:9a:a4:
         38:74:39:10:7a:5d:a2:dd:ad:e9:ff:73:e9:7a:8b:f5:6a:a1:
         2f:aa:e7:8c:bb:06:b2:17:df:df:e3:a1:b9:d6:e2:83:df:9f:
         2c:7c:38:85:30:0b:89:98:db:ef:01:36:25:20:4b:f6:cb:8a:
         01:d2:79:2a:fd:6a:ec:af:ec:cb:06:90:85:96:58:a6:1a:df:
         a1:5b:c5:ca:0c:42:77:77:f1:5e:56:33:c3:0f:7b:d0:dc:ba:
         02:18:c4:7d:46:98:c1:47:ff:92:55:16:86:a8:57:b3:dc:93:
         84:94:00:32
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUG8cFiGoOrJmI+2zvERvjhY5+u2IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTUwMDEzWhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MGNiZDY4NjhiZjBmZDc4ZGViMjZhMWIyNDEyZTFhMzhl
NTA4ZmJlYzk4ZmFkZTMyNzU3ODkwOGM5ODZmMjFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcdANu7Jda1mH+w4nhrAUpv7fq58ZK9k+RKYYXb/Dqy4l2
9hx7xgtpmB1ueCLATibLbZCAXXMSr7lP/YSdPo3w6ssm1RGwNcpiIsOt0ZYLHmEq
+5zlCw0j9SnFIoBoI8YTuQyQ71qsJEn1Uqt+XHraNUaVrbjSe40jwPp4scUwAEGg
dp2+01WPLbggNQOI/aK7wbOUV3EPrSdxp/7axh9V3ime7sHbDQblnso1bZKbpOfE
lc2UW2N7/UjWtsIQEP74Fm8F/nJO7Kje7HMpJ34stbD8ebGrJDx0oqWnE8RcysTT
9d9lnkn2M0u24F+apDvfBe82NGqcVSSzkYjBeUPvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUk0axi1QuBwi1MiYPbSifkR0rS4gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZkOTE1ZTExLTFlY2YtNDI2ZC1hMmFkLWY0ZDcyMjYyODY4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwANwDANBgkqhkiG9w0BAQsFAAOCAQEAWwQ4bUUnqdtpj4kZdl1/13prfEEi
stS+YXhmdMQLwT9eXQn1LxRyaNOGA/cA3yaF4NLF6MVGeirn7PWaQaZ1O9OCss8Q
eyfJkgx52YfASipKCFeYj4oyC7ch+XV+6wFDae2wjU5exCcJi99ZGt2OwkKXDntX
eeCbMDXCk/n/9YRnVy2zLpNNzaNV2EPoIJqkOHQ5EHpdot2t6f9z6XqL9WqhL6rn
jLsGshff3+Ohudbig9+fLHw4hTALiZjb7wE2JSBL9suKAdJ5Kv1q7K/sywaQhZZY
phrfoVvFygxCd3fxXlYzww970Ny6AhjEfUaYwUf/klUWhqhXs9yThJQAMg==
-----END CERTIFICATE-----
Generated at Thu Aug 7 04:28:18 2025 by rpki-client