Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/87f1ee11-665b-4a13-9a9b-e7c35fe88493.roa
File:                     87f1ee11-665b-4a13-9a9b-e7c35fe88493.roa (raw, json)
Hash identifier:          BvsRvIpUpxPqlXXcvUsGbCKBz2jKLmQjcHc57brEBI8=
Subject key identifier:   B9:F2:6D:14:80:C3:D3:88:FD:D0:9C:54:B9:30:15:8A:4D:20:26:FC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6A8DAE6BC23CFEF24E508C929D66DC95D97EBEF9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/87f1ee11-665b-4a13-9a9b-e7c35fe88493.roa
Signing time:             Wed 06 Aug 2025 00:10:51 +0000
ROA not before:           Wed 06 Aug 2025 00:10:51 +0000
ROA not after:            Wed 10 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.18.160.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:8d:ae:6b:c2:3c:fe:f2:4e:50:8c:92:9d:66:dc:95:d9:7e:be:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  6 00:10:51 2025 GMT
            Not After : Sep 10 23:59:59 2025 GMT
        Subject: serialNumber=bcf0e6ddea68c067c062edb72c0665861a48c2cba682aea94367f33a541060a6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:03:12:30:ea:4a:01:42:08:df:2a:59:dd:ca:
                    cd:be:3b:13:d1:ec:81:fc:e5:22:b3:d1:de:2c:0b:
                    d5:b9:5a:47:0f:1e:31:9c:48:02:31:71:2f:22:db:
                    67:34:3a:e8:e3:6f:c0:de:7e:68:62:39:cf:2a:f7:
                    cb:da:38:6a:ef:fe:70:eb:a8:11:4c:68:95:5a:b3:
                    16:0a:d5:20:a2:5e:f7:be:33:e0:d4:1c:6c:50:71:
                    52:c5:a9:6f:e9:e7:1b:d8:36:4f:59:50:91:e1:27:
                    8e:0c:bd:1e:ae:f8:19:2a:77:7c:19:8d:4e:b1:52:
                    6d:91:29:ed:89:80:92:d1:8e:ac:78:c4:87:2e:8e:
                    04:68:9d:23:53:20:08:bc:85:21:64:38:f5:4f:80:
                    2c:ab:51:34:a8:8b:08:b2:e4:1f:97:83:11:34:95:
                    6c:a6:2a:ca:3a:a0:e4:8c:64:2b:3c:8d:f3:47:60:
                    5e:0b:9e:bd:ca:48:bc:0b:9a:9a:d9:78:16:a9:1d:
                    86:a1:41:bf:6f:54:82:9f:ba:45:5b:d7:f9:4e:a0:
                    3b:23:b6:f6:1e:91:f4:e2:af:75:fd:b7:1f:65:32:
                    87:22:3a:ed:dd:44:53:9c:5e:ee:e5:56:83:be:bd:
                    b1:b5:cc:84:35:2e:09:39:76:b7:4d:a6:f1:d6:c0:
                    4f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F2:6D:14:80:C3:D3:88:FD:D0:9C:54:B9:30:15:8A:4D:20:26:FC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/87f1ee11-665b-4a13-9a9b-e7c35fe88493.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.18.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:60:d4:38:dc:f0:4b:e5:e7:45:ad:40:1b:29:fc:8b:66:b4:
         f0:f4:06:c1:0d:28:05:d7:0e:85:fc:9c:ad:b2:e9:25:3c:27:
         fb:d0:2c:96:27:0d:6f:24:c0:71:bd:4f:1b:ba:d4:a2:41:96:
         09:79:f8:e2:27:6e:0a:e0:68:20:77:2f:31:0c:f7:bd:d1:dd:
         9e:a5:6e:67:51:c7:ff:a9:1d:01:e2:dc:5d:08:87:ee:f5:44:
         fd:50:19:f4:8f:cb:ce:ad:00:3c:30:65:a8:bd:22:fb:ed:de:
         4e:a0:90:89:1f:4a:f3:04:b8:f8:db:32:f2:8d:e6:ec:a2:71:
         af:98:10:5c:f8:85:e4:29:bb:87:9e:37:95:cc:b1:45:44:6a:
         a1:6a:05:db:48:fb:79:43:e2:d4:0a:8d:7a:43:72:62:f8:68:
         c8:18:8d:3d:30:c9:ec:7f:12:ac:86:95:f9:b0:ce:94:3b:9b:
         04:4c:aa:c2:56:11:df:31:55:40:56:ee:35:a6:45:35:3a:29:
         46:49:c4:7b:4f:35:cb:24:f7:fd:5f:92:1a:03:93:54:47:3f:
         37:95:b5:e0:b7:16:73:bc:75:b2:51:e9:6a:03:09:3f:de:d2:
         48:8c:7c:05:94:a1:77:fc:4b:86:25:21:d9:a1:55:04:e3:19:
         8a:a4:42:95
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUao2ua8I8/vJOUIySnWbcldl+vvkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA2MDAxMDUxWhcNMjUwOTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiY2YwZTZkZGVhNjhjMDY3YzA2MmVkYjcyYzA2NjU4NjFh
NDhjMmNiYTY4MmFlYTk0MzY3ZjMzYTU0MTA2MGE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCPAxIw6koBQgjfKlndys2+OxPR7IH85SKz0d4sC9W5WkcP
HjGcSAIxcS8i22c0Oujjb8DefmhiOc8q98vaOGrv/nDrqBFMaJVasxYK1SCiXve+
M+DUHGxQcVLFqW/p5xvYNk9ZUJHhJ44MvR6u+Bkqd3wZjU6xUm2RKe2JgJLRjqx4
xIcujgRonSNTIAi8hSFkOPVPgCyrUTSoiwiy5B+XgxE0lWymKso6oOSMZCs8jfNH
YF4Lnr3KSLwLmprZeBapHYahQb9vVIKfukVb1/lOoDsjtvYekfTir3X9tx9lMoci
Ou3dRFOcXu7lVoO+vbG1zIQ1Lgk5drdNpvHWwE+nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUufJtFIDD04j90JxUuTAVik0gJvwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg3ZjFlZTExLTY2NWItNGExMy05YTliLWU3YzM1ZmU4ODQ5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACIEqAwDQYJKoZIhvcNAQELBQADggEBAChg1Djc8Evl50WtQBsp/ItmtPD0
BsENKAXXDoX8nK2y6SU8J/vQLJYnDW8kwHG9Txu61KJBlgl5+OInbgrgaCB3LzEM
973R3Z6lbmdRx/+pHQHi3F0Ih+71RP1QGfSPy86tADwwZai9Ivvt3k6gkIkfSvME
uPjbMvKN5uyica+YEFz4heQpu4eeN5XMsUVEaqFqBdtI+3lD4tQKjXpDcmL4aMgY
jT0wyex/EqyGlfmwzpQ7mwRMqsJWEd8xVUBW7jWmRTU6KUZJxHtPNcsk9/1fkhoD
k1RHPzeVteC3FnO8dbJR6WoDCT/e0kiMfAWUoXf8S4YlIdmhVQTjGYqkQpU=
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:04:59 2025 by rpki-client