Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6dee5376-32e7-4adf-a1a0-57aedac04f93.roa
File:                     6dee5376-32e7-4adf-a1a0-57aedac04f93.roa (raw, json)
Hash identifier:          9NgK7GxGOid7Qr/L//VszKm391yMx81jgdq9TcxQYOw=
Subject key identifier:   7E:FA:5C:67:DE:1A:87:D3:07:AC:C6:F4:C0:4D:EF:C2:FC:74:56:DB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2BE41A1D3B5BB278C59BB3926AC9EEC180B556EC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6dee5376-32e7-4adf-a1a0-57aedac04f93.roa
Signing time:             Fri 01 Aug 2025 15:21:47 +0000
ROA not before:           Fri 01 Aug 2025 15:21:47 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        216.252.144.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:e4:1a:1d:3b:5b:b2:78:c5:9b:b3:92:6a:c9:ee:c1:80:b5:56:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 15:21:47 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=902ccdd0f39708bce9e44777328ac847ab91481ec30ced5a15ee785a9767129c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1f:9f:89:fe:69:ae:08:fa:dd:b3:25:ec:5e:
                    03:be:5b:f5:d9:38:90:3d:7b:b1:67:53:46:fd:29:
                    5f:2c:42:3e:02:65:51:27:1e:ef:91:5f:e6:28:ef:
                    64:60:ac:e4:23:86:87:95:47:eb:d0:02:ba:34:af:
                    4c:cb:d8:cd:5a:a2:ac:7c:4e:35:96:5e:67:28:ec:
                    ea:3e:a9:62:b5:98:e6:a1:7d:4b:a0:d6:47:bc:b3:
                    d2:37:d0:1b:84:ad:f9:2e:3e:4e:c0:f2:b0:13:82:
                    fb:8d:a9:9c:6d:aa:93:8e:c7:90:6e:2b:8d:78:25:
                    cf:d1:1c:54:25:bc:8c:a4:7c:2c:16:a6:f8:07:cb:
                    b9:b1:13:32:1f:83:31:0a:1b:f4:99:7d:12:06:cb:
                    91:f4:b6:fb:cb:64:ef:36:42:13:89:32:81:97:aa:
                    45:c7:ae:60:86:25:0a:14:83:10:e0:8b:7f:c6:d3:
                    9e:bc:f2:92:d6:87:d5:1b:77:fd:27:53:03:5a:57:
                    2c:37:e9:cf:f6:26:1c:3a:11:c9:2b:0b:c9:3b:9a:
                    e2:af:5c:6c:49:6e:f0:09:82:b1:26:1b:f7:16:85:
                    35:14:e6:4e:6e:4c:40:18:8c:13:e2:e7:c3:2d:86:
                    cd:25:d7:24:fb:11:9d:0c:e9:71:b5:1e:b8:f7:06:
                    c2:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:FA:5C:67:DE:1A:87:D3:07:AC:C6:F4:C0:4D:EF:C2:FC:74:56:DB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6dee5376-32e7-4adf-a1a0-57aedac04f93.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.252.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a1:d2:ac:09:04:1a:8a:bf:84:55:e3:57:8c:c9:cd:56:9c:e2:
         09:7e:66:6f:91:ca:8a:9d:fb:36:8a:bb:10:55:b4:c0:1b:2e:
         47:85:af:5f:4d:77:46:3d:e8:56:36:d8:77:e3:01:24:0b:2d:
         9a:36:82:ac:52:5c:6e:ac:c8:a7:b0:23:96:7d:34:fc:0c:27:
         db:d2:f0:ea:47:8d:69:42:4f:80:07:36:de:4f:29:d7:a9:89:
         14:28:92:5b:7c:03:c2:a4:27:cd:5b:d6:1a:95:d4:00:ba:36:
         d6:2c:f7:bd:8e:86:4d:a2:6e:81:36:86:cb:af:31:b0:1d:1f:
         78:01:7b:91:0b:12:38:e1:49:bb:d7:78:60:70:a4:53:a9:60:
         87:3d:c1:66:27:09:e7:8f:ba:28:20:27:11:63:55:0b:d9:8c:
         fa:fe:8c:7a:05:95:2e:72:ab:14:ef:fa:0a:f3:de:20:ed:5e:
         3b:2b:32:d9:77:1d:a9:cd:3b:ad:d4:c2:68:87:60:02:de:ca:
         cb:86:e2:70:88:45:80:c1:3e:00:18:29:35:21:52:d6:40:bf:
         ff:8a:33:4a:ce:b1:c2:7a:1a:e7:44:1f:45:70:78:97:ec:23:
         bb:1a:d8:ff:f4:10:10:55:d6:7c:99:05:c5:07:ea:2c:d5:48:
         af:2e:5c:a4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUK+QaHTtbsnjFm7OSasnuwYC1VuwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTUyMTQ3WhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MDJjY2RkMGYzOTcwOGJjZTllNDQ3NzczMjhhYzg0N2Fi
OTE0ODFlYzMwY2VkNWExNWVlNzg1YTk3NjcxMjljMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4H5+J/mmuCPrdsyXsXgO+W/XZOJA9e7FnU0b9KV8sQj4C
ZVEnHu+RX+Yo72RgrOQjhoeVR+vQAro0r0zL2M1aoqx8TjWWXmco7Oo+qWK1mOah
fUug1ke8s9I30BuErfkuPk7A8rATgvuNqZxtqpOOx5BuK414Jc/RHFQlvIykfCwW
pvgHy7mxEzIfgzEKG/SZfRIGy5H0tvvLZO82QhOJMoGXqkXHrmCGJQoUgxDgi3/G
05688pLWh9Ubd/0nUwNaVyw36c/2Jhw6EckrC8k7muKvXGxJbvAJgrEmG/cWhTUU
5k5uTEAYjBPi58Mths0l1yT7EZ0M6XG1Hrj3BsJpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfvpcZ94ah9MHrMb0wE3vwvx0VtswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZkZWU1Mzc2LTMyZTctNGFkZi1hMWEwLTU3YWVkYWMwNGY5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPY/JAwDQYJKoZIhvcNAQELBQADggEBAKHSrAkEGoq/hFXjV4zJzVac4gl+
Zm+Ryoqd+zaKuxBVtMAbLkeFr19Nd0Y96FY22HfjASQLLZo2gqxSXG6syKewI5Z9
NPwMJ9vS8OpHjWlCT4AHNt5PKdepiRQoklt8A8KkJ81b1hqV1AC6NtYs972Ohk2i
boE2hsuvMbAdH3gBe5ELEjjhSbvXeGBwpFOpYIc9wWYnCeePuiggJxFjVQvZjPr+
jHoFlS5yqxTv+grz3iDtXjsrMtl3HanNO63UwmiHYALeysuG4nCIRYDBPgAYKTUh
UtZAv/+KM0rOscJ6GudEH0VweJfsI7sa2P/0EBBV1nyZBcUH6izVSK8uXKQ=
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:27:50 2025 by rpki-client