Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82f2d58e-cb6c-4400-aa23-2b45b3a0f0db.roa
File:                     82f2d58e-cb6c-4400-aa23-2b45b3a0f0db.roa (raw, json)
Hash identifier:          LIJ7Yrw4ssooTeb4npv6k2riWYYA1pAH5MW12Kk2mvo=
Subject key identifier:   0E:F8:45:99:87:30:29:1B:DE:D5:E4:7D:44:94:EE:3E:CC:A2:E3:34
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       10B2146F113FEFBDF42651745D7705558B6205C9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82f2d58e-cb6c-4400-aa23-2b45b3a0f0db.roa
Signing time:             Sat 26 Jul 2025 00:10:19 +0000
ROA not before:           Sat 26 Jul 2025 00:10:19 +0000
ROA not after:            Sat 30 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        66.149.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:b2:14:6f:11:3f:ef:bd:f4:26:51:74:5d:77:05:55:8b:62:05:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 26 00:10:19 2025 GMT
            Not After : Aug 30 23:59:59 2025 GMT
        Subject: serialNumber=4dcd0b4cf52bb27bff9b343516cb078f6a6f3c5d8335fd70a94bf7ce59180529, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:78:26:45:f5:7f:f7:14:b1:32:7e:f5:5d:f7:
                    bf:65:75:1e:b6:78:0e:43:18:eb:9e:6e:0d:a9:12:
                    36:c3:34:03:80:23:20:ce:7c:ee:19:3d:2f:02:57:
                    34:46:2c:2b:5d:9e:9c:fb:a5:62:66:70:b0:e1:d8:
                    e2:89:e8:ca:4b:db:6f:be:56:cd:39:33:46:89:99:
                    ab:62:57:0c:d2:7f:58:e0:61:58:90:d6:58:95:92:
                    d0:f6:bc:fe:c4:2b:32:93:ac:9b:3a:36:d4:9f:6f:
                    41:e7:ee:95:eb:b4:32:ec:0d:7d:05:e3:9a:91:c3:
                    98:b6:20:7f:d3:f2:51:38:e0:82:14:e4:cc:16:0a:
                    92:4f:22:b6:14:60:07:6b:d9:58:9d:14:fa:bb:dc:
                    bc:96:73:e1:63:b5:95:28:8c:54:a9:de:d1:ef:16:
                    6a:12:1e:e1:31:77:7c:14:65:dc:8a:07:88:68:d0:
                    08:94:7c:95:26:22:d1:6a:72:6a:2c:bd:7b:9d:ae:
                    65:5f:7b:9b:3b:e6:50:21:89:75:8b:8b:77:1e:c5:
                    2c:3e:ee:53:76:2e:1b:7e:7f:58:15:c2:81:9c:f1:
                    39:b1:a0:9e:00:2e:e5:75:d7:f0:3c:84:69:68:38:
                    5d:25:64:ed:1b:57:87:6c:e6:41:bf:e6:f7:3e:58:
                    ab:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:F8:45:99:87:30:29:1B:DE:D5:E4:7D:44:94:EE:3E:CC:A2:E3:34
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82f2d58e-cb6c-4400-aa23-2b45b3a0f0db.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.149.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9b:2b:89:7e:1b:00:70:d0:ca:48:18:4d:e5:fa:ca:01:3b:0d:
         d9:c2:ed:71:f2:af:75:fd:f8:08:89:13:d6:dc:5f:36:a7:6a:
         4a:11:0a:84:4f:13:10:46:b2:55:fa:f9:65:5f:88:3e:37:8d:
         81:61:32:13:8a:7c:a9:5b:45:fc:39:d1:95:c7:29:1e:f1:ef:
         e3:9c:d9:43:1d:54:83:65:0e:86:cb:f0:7c:5d:63:9b:06:dd:
         d6:f2:7b:67:8f:33:5b:f2:96:96:ef:9e:ca:f9:d3:f2:d1:e2:
         6e:fb:48:0d:55:22:8f:59:25:e0:98:76:9a:11:7e:53:99:75:
         16:41:09:3e:d8:08:79:76:9f:c9:a8:38:42:13:a6:e5:4a:28:
         ea:bd:a6:a6:69:2f:44:cb:42:ac:07:bb:56:01:47:35:c5:b3:
         da:12:44:e1:f7:84:fb:b2:ee:a2:30:e5:77:78:b3:08:0b:83:
         6c:1b:04:fc:67:57:9f:c8:a0:56:14:50:c4:5b:56:9c:8a:0e:
         0b:09:71:45:54:aa:7c:f3:67:ad:54:d3:a7:e5:60:75:c3:87:
         60:27:b4:4c:d5:07:40:e2:03:0f:d0:f4:97:58:65:1e:2f:76:
         51:c0:6f:fc:c4:37:89:18:85:83:ed:39:33:ab:7a:88:46:4c:
         aa:fd:6a:14
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUELIUbxE/7730JlF0XXcFVYtiBckwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI2MDAxMDE5WhcNMjUwODMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZGNkMGI0Y2Y1MmJiMjdiZmY5YjM0MzUxNmNiMDc4ZjZh
NmYzYzVkODMzNWZkNzBhOTRiZjdjZTU5MTgwNTI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLeCZF9X/3FLEyfvVd979ldR62eA5DGOuebg2pEjbDNAOA
IyDOfO4ZPS8CVzRGLCtdnpz7pWJmcLDh2OKJ6MpL22++Vs05M0aJmatiVwzSf1jg
YViQ1liVktD2vP7EKzKTrJs6NtSfb0Hn7pXrtDLsDX0F45qRw5i2IH/T8lE44IIU
5MwWCpJPIrYUYAdr2VidFPq73LyWc+FjtZUojFSp3tHvFmoSHuExd3wUZdyKB4ho
0AiUfJUmItFqcmosvXudrmVfe5s75lAhiXWLi3cexSw+7lN2Lht+f1gVwoGc8Tmx
oJ4ALuV11/A8hGloOF0lZO0bV4ds5kG/5vc+WKu3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUDvhFmYcwKRve1eR9RJTuPsyi4zQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgyZjJkNThlLWNiNmMtNDQwMC1hYTIzLTJiNDViM2EwZjBkYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBClTANBgkqhkiG9w0BAQsFAAOCAQEAmyuJfhsAcNDKSBhN5frKATsN2cLt
cfKvdf34CIkT1txfNqdqShEKhE8TEEayVfr5ZV+IPjeNgWEyE4p8qVtF/DnRlccp
HvHv45zZQx1Ug2UOhsvwfF1jmwbd1vJ7Z48zW/KWlu+eyvnT8tHibvtIDVUij1kl
4Jh2mhF+U5l1FkEJPtgIeXafyag4QhOm5Uoo6r2mpmkvRMtCrAe7VgFHNcWz2hJE
4feE+7LuojDld3izCAuDbBsE/GdXn8igVhRQxFtWnIoOCwlxRVSqfPNnrVTTp+Vg
dcOHYCe0TNUHQOIDD9D0l1hlHi92UcBv/MQ3iRiFg+05M6t6iEZMqv1qFA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:26:06 2025 by rpki-client