Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9515184d-12a2-49fb-b12f-8c4dfdddf2ad.roa
File:                     9515184d-12a2-49fb-b12f-8c4dfdddf2ad.roa (raw, json)
Hash identifier:          tRSX5UALo2DJGBV8K5/ZSZEWGHIoiqQziNKgwpzkQvY=
Subject key identifier:   2A:09:C4:41:F5:CA:CF:A8:BC:F0:23:BB:85:DB:F6:58:4A:22:BD:2A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       30CF3C6ECDC12E10B3BC9D77604DA74FB89E6C5B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9515184d-12a2-49fb-b12f-8c4dfdddf2ad.roa
Signing time:             Mon 28 Jul 2025 15:20:34 +0000
ROA not before:           Mon 28 Jul 2025 15:20:34 +0000
ROA not after:            Mon 01 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        202.174.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:cf:3c:6e:cd:c1:2e:10:b3:bc:9d:77:60:4d:a7:4f:b8:9e:6c:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 28 15:20:34 2025 GMT
            Not After : Sep  1 23:59:59 2025 GMT
        Subject: serialNumber=38ffa15eeae4fc449a1dbd449fb4c23c82e0ee0d6c31bd72faf8dae7cfc4b821, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:8b:91:1e:12:0d:58:09:c8:bf:47:9e:89:1f:
                    e7:c6:bc:c5:fe:8b:4e:3c:bc:69:3b:13:8c:28:2e:
                    49:82:a1:67:d5:26:80:6c:94:f8:3f:3d:bb:5c:cc:
                    15:3f:a2:d2:92:99:2f:b8:45:68:d3:fa:5e:29:e3:
                    04:ca:e7:eb:59:34:72:e1:d7:26:1e:78:76:a9:e6:
                    cb:6d:b5:20:b2:ef:d6:5c:b9:72:0d:a7:67:35:8a:
                    9c:e1:33:ba:2d:f3:58:ea:4a:b4:b8:06:c3:d9:a3:
                    d0:38:14:88:c7:fb:46:57:68:9d:6f:34:02:01:d3:
                    db:61:0c:63:15:79:03:25:2d:07:1f:d9:77:6f:40:
                    ef:a9:53:e2:cf:5b:8b:53:fb:99:e4:b7:b3:63:d4:
                    40:10:87:62:cb:6e:79:3d:de:64:92:95:f8:91:5a:
                    b9:2b:b4:f9:5e:71:b0:ae:92:0e:fe:10:2e:be:82:
                    30:b8:3a:9c:93:9f:73:b8:13:01:b0:bd:19:cd:b8:
                    d6:49:11:ba:26:18:17:27:b9:28:67:9c:44:63:24:
                    60:01:56:8a:6d:7e:4f:11:ab:2e:40:c5:22:c6:37:
                    a4:d3:8b:08:ac:82:5e:2b:ea:66:25:45:ad:bf:42:
                    b2:9b:78:f0:ee:bf:76:44:ac:32:2c:27:de:65:cb:
                    57:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:09:C4:41:F5:CA:CF:A8:BC:F0:23:BB:85:DB:F6:58:4A:22:BD:2A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9515184d-12a2-49fb-b12f-8c4dfdddf2ad.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.174.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:26:8d:58:c5:58:a9:b6:4d:12:ed:9e:2f:7a:ae:bc:59:de:
         47:dd:ed:2d:a5:f5:93:a8:a4:85:b1:65:a2:02:a5:19:cc:0c:
         41:66:b1:8d:f7:67:1f:2b:09:ff:67:4e:3e:45:6e:e0:35:70:
         4c:4a:d9:b1:4d:91:3a:78:09:b1:ab:0b:59:18:55:d3:a7:6b:
         99:50:f4:5e:3a:38:59:68:7b:28:d6:44:4e:13:53:00:41:2b:
         b9:f0:c5:52:a7:0a:8f:d6:0e:a0:5f:fb:4a:0e:e6:cb:7c:69:
         6e:6f:92:6d:77:df:4a:0a:9f:c7:4e:2c:7c:2d:0e:fc:7c:7f:
         bd:31:9e:fb:1c:1d:84:5e:95:5b:c8:f9:fd:6f:b8:29:22:77:
         ac:bb:96:fd:9d:1c:34:b7:7d:1b:8b:28:a5:4c:54:be:42:4a:
         68:62:09:fe:9c:14:f4:3a:07:7e:15:d7:00:8c:64:da:8d:cd:
         32:7e:d5:73:fa:29:98:62:ab:9f:e6:ba:41:5e:2b:1b:c5:40:
         ff:70:50:a2:03:2c:2c:d4:cf:91:50:89:35:e2:fb:37:1b:26:
         79:5d:c7:18:2c:11:8b:9e:c6:b1:1d:e7:c8:92:83:9e:6c:15:
         4a:33:80:49:06:80:cd:53:19:69:d4:1b:f4:bb:74:48:ab:bd:
         fc:bf:5a:f2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMM88bs3BLhCzvJ13YE2nT7iebFswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI4MTUyMDM0WhcNMjUwOTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzOGZmYTE1ZWVhZTRmYzQ0OWExZGJkNDQ5ZmI0YzIzYzgy
ZTBlZTBkNmMzMWJkNzJmYWY4ZGFlN2NmYzRiODIxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFi5EeEg1YCci/R56JH+fGvMX+i048vGk7E4woLkmCoWfV
JoBslPg/PbtczBU/otKSmS+4RWjT+l4p4wTK5+tZNHLh1yYeeHap5stttSCy79Zc
uXINp2c1ipzhM7ot81jqSrS4BsPZo9A4FIjH+0ZXaJ1vNAIB09thDGMVeQMlLQcf
2XdvQO+pU+LPW4tT+5nkt7Nj1EAQh2LLbnk93mSSlfiRWrkrtPlecbCukg7+EC6+
gjC4OpyTn3O4EwGwvRnNuNZJEbomGBcnuShnnERjJGABVoptfk8Rqy5AxSLGN6TT
iwisgl4r6mYlRa2/QrKbePDuv3ZErDIsJ95ly1cTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKgnEQfXKz6i88CO7hdv2WEoivSowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk1MTUxODRkLTEyYTItNDlmYi1iMTJmLThjNGRmZGRkZjJhZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADKroAwDQYJKoZIhvcNAQELBQADggEBAGYmjVjFWKm2TRLtni96rrxZ3kfd
7S2l9ZOopIWxZaICpRnMDEFmsY33Zx8rCf9nTj5FbuA1cExK2bFNkTp4CbGrC1kY
VdOna5lQ9F46OFloeyjWRE4TUwBBK7nwxVKnCo/WDqBf+0oO5st8aW5vkm1330oK
n8dOLHwtDvx8f70xnvscHYRelVvI+f1vuCkid6y7lv2dHDS3fRuLKKVMVL5CSmhi
Cf6cFPQ6B34V1wCMZNqNzTJ+1XP6KZhiq5/mukFeKxvFQP9wUKIDLCzUz5FQiTXi
+zcbJnldxxgsEYuexrEd58iSg55sFUozgEkGgM1TGWnUG/S7dEirvfy/WvI=
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:26:42 2025 by rpki-client