Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7277d16f-0113-4390-ac5d-53d14d2d13ee.roa
File:                     7277d16f-0113-4390-ac5d-53d14d2d13ee.roa (raw, json)
Hash identifier:          H/VeTRAJov5pJjbrDfb7cc3crzYhto8OIuJA5gUmM0w=
Subject key identifier:   B0:58:E1:65:22:61:31:1D:03:59:B1:03:E6:A9:75:B0:47:77:B3:B9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       FEC8F26D8A58BBD402307607A48AE935931CAC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7277d16f-0113-4390-ac5d-53d14d2d13ee.roa
Signing time:             Mon 04 Aug 2025 16:21:54 +0000
ROA not before:           Mon 04 Aug 2025 16:21:54 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        151.148.8.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            fe:c8:f2:6d:8a:58:bb:d4:02:30:76:07:a4:8a:e9:35:93:1c:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 16:21:54 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=0349cff6f5b984d1c181e3024b653421cfdf1a84065c36027351d6dedb450f4e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:93:31:96:f6:82:2a:86:a9:35:94:3c:2c:a5:
                    b3:bd:01:6b:0f:eb:02:18:01:75:cd:30:43:66:0e:
                    96:84:86:88:cb:0e:35:99:b5:63:08:91:bc:8a:6e:
                    94:74:80:7b:03:da:85:95:7a:5b:7f:bc:0e:dd:a0:
                    12:17:de:ae:cf:d0:6e:61:48:03:93:5d:c8:04:ba:
                    4f:8f:32:48:93:af:46:1a:19:be:7b:7b:98:e3:53:
                    b2:8f:b4:e7:6c:45:fa:9b:68:96:38:ad:45:6a:f0:
                    ae:9d:94:f5:83:78:0e:65:a2:8b:37:dd:cf:bc:c4:
                    a8:d9:4f:bf:50:04:3a:75:28:d7:6b:29:77:49:73:
                    64:09:3f:5b:b9:3c:88:4e:99:38:23:c4:63:86:3e:
                    fa:bf:74:49:ed:cf:c4:a3:d6:78:39:0d:3d:a7:97:
                    6e:3e:33:02:ae:39:78:2f:c9:a5:5f:30:15:47:bb:
                    65:9d:03:66:31:4e:bb:05:58:61:fc:55:b2:eb:a6:
                    5c:70:25:db:81:a8:bb:0d:43:6f:fb:34:46:aa:33:
                    43:10:08:c1:fb:bb:0f:73:3a:bc:68:9c:8d:53:6e:
                    5f:eb:f4:a9:20:fc:65:d0:4d:f7:05:8b:de:4a:8a:
                    6e:e3:85:c9:ff:8c:cc:54:1c:0a:98:be:88:7d:54:
                    e1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:58:E1:65:22:61:31:1D:03:59:B1:03:E6:A9:75:B0:47:77:B3:B9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7277d16f-0113-4390-ac5d-53d14d2d13ee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.148.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         99:02:f5:5c:86:72:33:dd:77:80:3c:74:0b:b8:90:9c:b0:ac:
         c1:f2:86:a8:22:1d:29:43:8f:a5:79:5e:59:a9:84:54:ad:75:
         3c:92:89:59:ff:06:38:ee:3d:0a:ff:54:3f:f1:4b:7a:df:c0:
         1f:45:a8:28:3c:e0:f3:d6:18:be:7e:c4:01:53:72:46:88:60:
         fa:d2:27:73:1e:53:ca:a2:3d:79:df:b6:a1:74:41:a6:09:8a:
         0e:da:9f:ab:84:08:52:a3:e1:46:9a:43:96:ba:1c:b5:21:84:
         c7:d2:3f:78:53:9d:62:80:18:61:14:4d:bc:b3:1d:d4:ca:05:
         0c:9b:e3:51:5a:ef:68:ba:1d:bc:0b:04:3d:23:67:03:c4:9d:
         0a:9b:66:2a:ce:fa:67:18:ec:6d:d7:4a:54:05:48:9d:6f:b8:
         ae:23:e7:06:4a:24:f0:45:f8:1c:da:ff:80:ad:8d:c1:c0:fa:
         a4:71:fe:f9:44:c6:50:6a:d8:9f:bf:69:c4:c9:15:04:68:f4:
         4f:d4:05:2d:30:de:37:52:86:be:ff:f7:c4:24:9a:b8:c7:fe:
         f4:4f:6a:f7:b0:cd:aa:2d:85:6a:6b:6c:f8:b9:61:d5:05:9e:
         f1:fc:80:c9:ec:23:50:b6:f3:67:4d:7d:74:91:a1:b6:4c:0d:
         5e:7f:81:9e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAP7I8m2KWLvUAjB2B6SK6TWTHKwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTYyMTU0WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMzQ5Y2ZmNmY1Yjk4NGQxYzE4MWUzMDI0YjY1MzQyMWNm
ZGYxYTg0MDY1YzM2MDI3MzUxZDZkZWRiNDUwZjRlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9kzGW9oIqhqk1lDwspbO9AWsP6wIYAXXNMENmDpaEhojL
DjWZtWMIkbyKbpR0gHsD2oWVelt/vA7doBIX3q7P0G5hSAOTXcgEuk+PMkiTr0Ya
Gb57e5jjU7KPtOdsRfqbaJY4rUVq8K6dlPWDeA5loos33c+8xKjZT79QBDp1KNdr
KXdJc2QJP1u5PIhOmTgjxGOGPvq/dEntz8Sj1ng5DT2nl24+MwKuOXgvyaVfMBVH
u2WdA2YxTrsFWGH8VbLrplxwJduBqLsNQ2/7NEaqM0MQCMH7uw9zOrxonI1Tbl/r
9Kkg/GXQTfcFi95Kim7jhcn/jMxUHAqYvoh9VOFTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsFjhZSJhMR0DWbED5ql1sEd3s7kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcyNzdkMTZmLTAxMTMtNDM5MC1hYzVkLTUzZDE0ZDJkMTNlZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAOXlAgwDQYJKoZIhvcNAQELBQADggEBAJkC9VyGcjPdd4A8dAu4kJywrMHy
hqgiHSlDj6V5XlmphFStdTySiVn/BjjuPQr/VD/xS3rfwB9FqCg84PPWGL5+xAFT
ckaIYPrSJ3MeU8qiPXnftqF0QaYJig7an6uECFKj4UaaQ5a6HLUhhMfSP3hTnWKA
GGEUTbyzHdTKBQyb41Fa72i6HbwLBD0jZwPEnQqbZirO+mcY7G3XSlQFSJ1vuK4j
5wZKJPBF+Bza/4CtjcHA+qRx/vlExlBq2J+/acTJFQRo9E/UBS0w3jdShr7/98Qk
mrjH/vRPavewzaothWprbPi5YdUFnvH8gMnsI1C282dNfXSRobZMDV5/gZ4=
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:27:49 2025 by rpki-client