Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f9e4c99-1745-41a5-a36b-cdd7f466d60a.roa
File:                     6f9e4c99-1745-41a5-a36b-cdd7f466d60a.roa (raw, json)
Hash identifier:          qPP/KIIhOg9bHjGh7/kdbljmPTgLegJbZS5Wx23irS8=
Subject key identifier:   3F:F6:9F:3A:65:FF:15:63:12:13:0F:F1:6D:92:85:57:89:7C:07:60
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       522F80701AA25923238594349AF8A15F2690EA21
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f9e4c99-1745-41a5-a36b-cdd7f466d60a.roa
Signing time:             Tue 05 Aug 2025 00:01:20 +0000
ROA not before:           Tue 05 Aug 2025 00:01:20 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.8.0.0/15 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:2f:80:70:1a:a2:59:23:23:85:94:34:9a:f8:a1:5f:26:90:ea:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  5 00:01:20 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=8e6c6eb61707cfc9af0269771f17425496775f2a3e971f25635f9d0980f46daa, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:65:66:e0:51:1a:61:04:b2:0a:23:e7:53:be:
                    fb:36:a0:c1:8b:a9:d2:b4:40:29:82:33:00:ae:7e:
                    ad:8d:54:18:1a:d1:9c:08:ef:53:e8:cf:95:9c:e2:
                    17:f0:90:88:96:1f:ad:ed:3d:54:ef:7b:40:76:53:
                    dc:c3:bf:a2:71:4d:9e:c3:9e:4a:fc:07:c1:18:ef:
                    9e:aa:d1:84:73:43:86:2e:c4:d9:f3:35:07:1e:8e:
                    5f:40:75:7c:38:01:2b:91:aa:dc:9d:b3:e3:90:d8:
                    fd:c4:85:98:02:b4:8a:e7:e9:8c:b8:98:16:4e:61:
                    8a:f0:2e:ec:37:0a:c1:34:c6:06:cd:94:33:4b:10:
                    93:df:ca:33:21:af:de:93:86:20:71:db:e8:07:f1:
                    51:4d:27:a5:da:1c:17:bd:f3:04:67:7b:d5:17:4c:
                    41:70:13:6d:2d:0c:e2:de:2f:46:b1:bd:f9:96:9f:
                    4d:0e:7f:21:73:68:18:0d:11:3f:8b:02:28:01:0f:
                    f2:f9:43:fe:65:dd:66:f7:73:4b:81:e0:09:f6:b4:
                    ca:6c:95:48:0f:df:2d:6e:c3:87:a1:97:e0:d1:2b:
                    54:6d:ae:b6:35:22:72:f6:45:89:81:be:a8:d8:12:
                    c3:2d:a6:bd:69:83:d4:8a:b1:ee:a4:7e:56:ba:62:
                    09:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:F6:9F:3A:65:FF:15:63:12:13:0F:F1:6D:92:85:57:89:7C:07:60
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f9e4c99-1745-41a5-a36b-cdd7f466d60a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.8.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         13:1b:0c:f0:66:ff:34:00:41:bd:ed:77:04:aa:1e:ca:8e:20:
         2c:99:10:e0:74:69:92:38:42:c3:5f:9c:7b:4f:f0:77:e1:61:
         5e:20:60:bc:07:74:a0:36:28:0f:57:1e:43:c1:b4:9a:ca:ae:
         54:74:71:7a:2f:86:c0:a7:95:6a:5e:09:0b:76:79:40:d0:b5:
         41:77:0b:bf:dc:b5:4f:f6:8b:1c:f1:ef:85:97:8f:fe:24:c2:
         78:37:63:16:17:1e:3a:3e:58:ff:00:ce:66:06:ef:af:3d:f1:
         6f:9e:56:60:e4:75:26:24:bc:32:c5:20:9e:f6:81:e7:c5:86:
         21:85:6d:35:b0:6b:6d:15:07:4d:28:01:fd:d7:15:24:cb:c7:
         82:ae:f5:c5:a5:99:b2:6a:45:91:f7:48:fa:8a:57:31:d5:23:
         ef:45:f8:37:1d:82:e4:f9:67:97:ee:4d:c1:cc:47:47:94:cc:
         18:27:30:14:a7:12:18:a3:07:94:93:0f:00:1f:ad:bd:d7:93:
         6f:8f:3b:fe:bb:19:ef:0c:f4:36:b6:de:76:16:7b:69:5c:a0:
         e7:66:d5:67:86:80:71:55:9a:51:e2:11:7a:5d:f3:c4:e2:aa:
         dd:07:b2:f6:2b:d8:63:ad:f8:9a:b6:ec:27:f0:60:96:01:34:
         c7:cc:8e:c9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUi+AcBqiWSMjhZQ0mvihXyaQ6iEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA1MDAwMTIwWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZTZjNmViNjE3MDdjZmM5YWYwMjY5NzcxZjE3NDI1NDk2
Nzc1ZjJhM2U5NzFmMjU2MzVmOWQwOTgwZjQ2ZGFhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWZWbgURphBLIKI+dTvvs2oMGLqdK0QCmCMwCufq2NVBga
0ZwI71Poz5Wc4hfwkIiWH63tPVTve0B2U9zDv6JxTZ7Dnkr8B8EY756q0YRzQ4Yu
xNnzNQcejl9AdXw4ASuRqtyds+OQ2P3EhZgCtIrn6Yy4mBZOYYrwLuw3CsE0xgbN
lDNLEJPfyjMhr96ThiBx2+gH8VFNJ6XaHBe98wRne9UXTEFwE20tDOLeL0axvfmW
n00OfyFzaBgNET+LAigBD/L5Q/5l3Wb3c0uB4An2tMpslUgP3y1uw4ehl+DRK1Rt
rrY1InL2RYmBvqjYEsMtpr1pg9SKse6kfla6YglRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUP/afOmX/FWMSEw/xbZKFV4l8B2AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZmOWU0Yzk5LTE3NDUtNDFhNS1hMzZiLWNkZDdmNDY2ZDYwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwGICDANBgkqhkiG9w0BAQsFAAOCAQEAExsM8Gb/NABBve13BKoeyo4gLJkQ
4HRpkjhCw1+ce0/wd+FhXiBgvAd0oDYoD1ceQ8G0msquVHRxei+GwKeVal4JC3Z5
QNC1QXcLv9y1T/aLHPHvhZeP/iTCeDdjFhceOj5Y/wDOZgbvrz3xb55WYOR1JiS8
MsUgnvaB58WGIYVtNbBrbRUHTSgB/dcVJMvHgq71xaWZsmpFkfdI+opXMdUj70X4
Nx2C5Plnl+5NwcxHR5TMGCcwFKcSGKMHlJMPAB+tvdeTb487/rsZ7wz0NrbedhZ7
aVyg52bVZ4aAcVWaUeIRel3zxOKq3Qey9ivYY634mrbsJ/BglgE0x8yOyQ==
-----END CERTIFICATE-----
Generated at Tue Aug 5 16:42:48 2025 by rpki-client