Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/815dbd30-4974-4c77-9a27-6ac45a9fb646.roa
File:                     815dbd30-4974-4c77-9a27-6ac45a9fb646.roa (raw, json)
Hash identifier:          ontd46PfPL/3GkjEgqJatPyxeNEKJXyBt3+ClWFfp3o=
Subject key identifier:   55:52:74:C0:6C:E4:F5:0C:3C:A8:33:19:32:BD:40:69:AD:96:4A:DA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E080E3F26E53DD5A57C3B83B203F9CF2E1C40EE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/815dbd30-4974-4c77-9a27-6ac45a9fb646.roa
Signing time:             Fri 08 Aug 2025 00:01:57 +0000
ROA not before:           Fri 08 Aug 2025 00:01:57 +0000
ROA not after:            Fri 12 Sep 2025 23:59:59 +0000
asID:                     22394
IP address blocks:        162.208.122.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:08:0e:3f:26:e5:3d:d5:a5:7c:3b:83:b2:03:f9:cf:2e:1c:40:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  8 00:01:57 2025 GMT
            Not After : Sep 12 23:59:59 2025 GMT
        Subject: serialNumber=9d24a4cd5a9dd2f2024571fa091d700943f1b2662bc89998b5d8540a5371ac94, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a5:e2:a9:71:03:a8:6c:f1:db:1c:9c:88:1a:
                    7a:c2:69:29:3c:61:9f:bf:8e:a0:28:31:38:f1:55:
                    1e:be:93:dc:8e:77:75:95:e6:85:cc:b1:99:4b:78:
                    e4:66:eb:52:78:45:56:1b:b7:f2:50:56:82:f5:b2:
                    00:46:88:82:96:50:1a:3d:96:b5:64:4f:a4:1b:e4:
                    82:b2:49:bc:9b:e0:fe:73:12:49:21:32:99:7b:f2:
                    fc:eb:6d:97:bd:65:f9:8f:95:28:bd:5d:e5:7a:bb:
                    a7:68:74:3f:d2:b7:62:f9:48:b4:d4:c9:8b:f7:16:
                    38:59:2f:d7:d1:c5:b6:ca:ff:8a:52:62:52:62:35:
                    ab:2b:fb:f4:d3:51:39:b2:d1:e3:39:84:b0:d6:4c:
                    5b:8e:a8:cd:e1:a1:6f:d7:b6:85:16:b6:9f:d6:91:
                    26:5d:86:b4:9e:30:9d:63:6f:d9:ce:b9:c4:5a:18:
                    25:0f:db:64:f7:e0:de:f2:94:06:77:b2:fa:b2:47:
                    e2:8b:b7:b2:61:95:38:9b:2c:86:c3:9c:d2:16:f4:
                    0c:67:47:f9:c2:d0:fd:b0:f3:2e:49:ee:36:1a:f3:
                    ff:29:b7:ae:4f:d3:9d:a4:8a:38:91:d3:5f:e7:b2:
                    bb:91:07:42:29:08:32:05:85:94:2e:6d:59:07:6b:
                    b5:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:52:74:C0:6C:E4:F5:0C:3C:A8:33:19:32:BD:40:69:AD:96:4A:DA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/815dbd30-4974-4c77-9a27-6ac45a9fb646.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.208.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:05:f2:9e:0e:52:22:03:41:42:89:91:71:92:30:10:87:07:
         c4:43:85:b8:1e:c9:df:d6:01:57:94:ab:b1:eb:b3:79:d0:4c:
         ef:f0:8b:18:db:eb:96:fb:72:a0:d3:41:b3:eb:f8:26:12:47:
         77:dc:a7:56:b7:f3:f6:1f:78:22:44:5a:15:c7:8d:3f:3f:f3:
         ad:a0:cf:55:e6:55:38:49:1f:74:55:a8:b8:4c:1e:51:a6:a8:
         75:20:bb:7c:1f:89:b7:ce:68:89:bc:30:7e:3f:21:1b:9a:9d:
         11:76:9c:98:65:80:d1:04:11:c5:57:50:07:97:33:c0:87:e6:
         e0:b3:49:e7:b1:b8:03:fe:25:38:c2:80:04:d7:d4:b5:96:dc:
         77:4b:a0:5e:18:8c:05:60:35:8e:1d:c0:1d:2a:f8:13:d7:c1:
         c9:ac:a6:fa:e0:f6:67:5b:7d:a0:d8:7f:a8:60:7f:33:0e:50:
         9e:f9:6f:dd:fa:8f:2d:d5:75:61:67:5b:44:ce:6b:ad:03:7e:
         ae:4c:31:ba:5e:25:a0:f6:cd:b5:b0:c4:34:80:3d:32:77:5e:
         82:d7:05:2d:50:2e:a6:6f:da:5a:5f:fc:a7:7d:a4:b0:aa:71:
         1b:02:14:54:81:0a:26:bc:aa:37:67:96:82:8b:2c:5a:21:7f:
         e3:6b:3f:9f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULggOPyblPdWlfDuDsgP5zy4cQO4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA4MDAwMTU3WhcNMjUwOTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZDI0YTRjZDVhOWRkMmYyMDI0NTcxZmEwOTFkNzAwOTQz
ZjFiMjY2MmJjODk5OThiNWQ4NTQwYTUzNzFhYzk0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfpeKpcQOobPHbHJyIGnrCaSk8YZ+/jqAoMTjxVR6+k9yO
d3WV5oXMsZlLeORm61J4RVYbt/JQVoL1sgBGiIKWUBo9lrVkT6Qb5IKySbyb4P5z
EkkhMpl78vzrbZe9ZfmPlSi9XeV6u6dodD/St2L5SLTUyYv3FjhZL9fRxbbK/4pS
YlJiNasr+/TTUTmy0eM5hLDWTFuOqM3hoW/XtoUWtp/WkSZdhrSeMJ1jb9nOucRa
GCUP22T34N7ylAZ3svqyR+KLt7JhlTibLIbDnNIW9AxnR/nC0P2w8y5J7jYa8/8p
t65P052kijiR01/nsruRB0IpCDIFhZQubVkHa7URAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVVJ0wGzk9Qw8qDMZMr1Aaa2WStowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgxNWRiZDMwLTQ5NzQtNGM3Ny05YTI3LTZhYzQ1YTlmYjY0Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACi0HowDQYJKoZIhvcNAQELBQADggEBAHQF8p4OUiIDQUKJkXGSMBCHB8RD
hbgeyd/WAVeUq7Hrs3nQTO/wixjb65b7cqDTQbPr+CYSR3fcp1a38/YfeCJEWhXH
jT8/862gz1XmVThJH3RVqLhMHlGmqHUgu3wfibfOaIm8MH4/IRuanRF2nJhlgNEE
EcVXUAeXM8CH5uCzSeexuAP+JTjCgATX1LWW3HdLoF4YjAVgNY4dwB0q+BPXwcms
pvrg9mdbfaDYf6hgfzMOUJ75b936jy3VdWFnW0TOa60Dfq5MMbpeJaD2zbWwxDSA
PTJ3XoLXBS1QLqZv2lpf/Kd9pLCqcRsCFFSBCia8qjdnloKLLFohf+NrP58=
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:24:02 2025 by rpki-client