Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99e414b3-ac11-4ebb-8b76-7f49891d7779.roa
File:                     99e414b3-ac11-4ebb-8b76-7f49891d7779.roa (raw, json)
Hash identifier:          g9DsEPy8wlZmYKlSiyujWrrfuDKDN2jOn0W1w2xx/oM=
Subject key identifier:   54:3C:61:E5:F8:A2:88:F0:AE:81:A9:2E:C2:52:5A:E2:0E:A3:2A:B1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       07CBC384FCBB12E07A42BC60F6BFF30B65D8650D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99e414b3-ac11-4ebb-8b76-7f49891d7779.roa
Signing time:             Tue 05 Aug 2025 00:00:20 +0000
ROA not before:           Tue 05 Aug 2025 00:00:20 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        157.123.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:cb:c3:84:fc:bb:12:e0:7a:42:bc:60:f6:bf:f3:0b:65:d8:65:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  5 00:00:20 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=cabfc02d8afa2c584d22c259bdea44a77bf046deed3dd50f5e8c018b667e3d30, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:6a:b2:80:00:02:9e:05:d0:63:48:6f:b0:3d:
                    32:8d:cc:66:2b:14:51:51:d9:95:66:34:ad:5b:6a:
                    94:83:e9:3d:66:1b:ac:16:98:71:8e:a8:03:ef:54:
                    a3:1d:9b:34:af:c4:70:1c:4a:c4:7f:a8:e3:57:b7:
                    de:28:53:be:33:5e:09:92:c8:32:f7:c5:36:23:47:
                    82:b5:96:c0:89:e3:54:b3:92:8f:50:fb:fa:4f:0c:
                    22:ec:4c:97:99:77:6d:1d:9e:cb:ce:31:27:d9:d2:
                    39:71:26:23:53:3a:6e:54:18:a5:66:46:1f:b9:22:
                    24:72:e9:61:06:20:3d:6c:68:ee:96:73:8d:66:4f:
                    8b:e1:b1:c1:71:14:93:6f:ef:3d:c5:a8:d3:53:b5:
                    8f:81:44:a5:94:a0:99:4f:f3:e0:11:be:08:7b:a9:
                    c5:3a:d5:1c:05:13:28:d9:50:9c:b1:77:ba:f0:33:
                    f3:f0:67:e6:0e:56:1f:6a:97:91:22:b2:92:36:c5:
                    bf:c5:6c:7f:24:85:a5:5c:e5:47:1e:2d:71:35:05:
                    63:84:df:72:79:81:76:e6:aa:3d:89:87:3a:84:95:
                    18:a7:f4:8e:40:2d:7b:48:25:32:7c:90:56:b5:f7:
                    55:2f:c9:23:6f:e1:f3:bf:17:14:0b:bc:6a:95:d1:
                    fb:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:3C:61:E5:F8:A2:88:F0:AE:81:A9:2E:C2:52:5A:E2:0E:A3:2A:B1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99e414b3-ac11-4ebb-8b76-7f49891d7779.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.123.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         bb:a5:8d:c3:83:1f:f4:01:fe:6c:c0:8b:23:4c:7d:c3:b3:14:
         6e:5b:eb:4a:15:50:c8:08:3f:55:d9:04:21:77:07:bf:16:db:
         c2:a2:92:a4:19:be:61:4c:37:d7:13:43:93:dc:84:4c:22:ba:
         6e:d0:2c:a1:1e:a6:0b:fd:35:7d:be:9e:b7:d1:ff:a9:1f:68:
         36:1f:0f:d0:f0:cb:25:91:f9:08:3f:1b:1f:29:8f:25:55:5d:
         7c:f8:43:e4:f7:c9:94:2e:df:0c:10:b0:5b:6c:dd:b4:4c:fd:
         c3:9d:0f:88:ac:da:53:0a:b9:0c:50:1c:a0:7d:2a:dc:93:0b:
         f8:ef:49:36:13:cf:c4:1d:cc:2b:29:f4:66:dc:6a:a7:cc:3b:
         df:ed:f6:f5:93:0d:67:d6:88:86:ce:03:f2:50:86:5e:38:d2:
         a4:bf:5f:8a:f4:c2:62:ee:24:00:f7:9b:d5:de:03:e5:4c:08:
         ea:4f:00:98:98:b9:52:42:41:ad:6b:85:bf:95:05:15:7d:5a:
         15:e2:13:44:2a:47:42:9a:84:cf:54:d5:a6:9d:00:91:c5:7d:
         fa:45:9d:1a:ba:a9:cd:fa:89:5b:35:9e:7a:f1:38:34:c3:69:
         44:54:56:ac:41:4a:22:aa:21:5c:9e:10:77:a9:57:26:e7:66:
         16:e1:3c:f5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUB8vDhPy7EuB6Qrxg9r/zC2XYZQ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA1MDAwMDIwWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYWJmYzAyZDhhZmEyYzU4NGQyMmMyNTliZGVhNDRhNzdi
ZjA0NmRlZWQzZGQ1MGY1ZThjMDE4YjY2N2UzZDMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWarKAAAKeBdBjSG+wPTKNzGYrFFFR2ZVmNK1bapSD6T1m
G6wWmHGOqAPvVKMdmzSvxHAcSsR/qONXt94oU74zXgmSyDL3xTYjR4K1lsCJ41Sz
ko9Q+/pPDCLsTJeZd20dnsvOMSfZ0jlxJiNTOm5UGKVmRh+5IiRy6WEGID1saO6W
c41mT4vhscFxFJNv7z3FqNNTtY+BRKWUoJlP8+ARvgh7qcU61RwFEyjZUJyxd7rw
M/PwZ+YOVh9ql5EispI2xb/FbH8khaVc5UceLXE1BWOE33J5gXbmqj2JhzqElRin
9I5ALXtIJTJ8kFa191UvySNv4fO/FxQLvGqV0ftHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUVDxh5fiiiPCugakuwlJa4g6jKrEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk5ZTQxNGIzLWFjMTEtNGViYi04Yjc2LTdmNDk4OTFkNzc3OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCdezANBgkqhkiG9w0BAQsFAAOCAQEAu6WNw4Mf9AH+bMCLI0x9w7MUblvr
ShVQyAg/VdkEIXcHvxbbwqKSpBm+YUw31xNDk9yETCK6btAsoR6mC/01fb6et9H/
qR9oNh8P0PDLJZH5CD8bHymPJVVdfPhD5PfJlC7fDBCwW2zdtEz9w50PiKzaUwq5
DFAcoH0q3JML+O9JNhPPxB3MKyn0Ztxqp8w73+329ZMNZ9aIhs4D8lCGXjjSpL9f
ivTCYu4kAPeb1d4D5UwI6k8AmJi5UkJBrWuFv5UFFX1aFeITRCpHQpqEz1TVpp0A
kcV9+kWdGrqpzfqJWzWeevE4NMNpRFRWrEFKIqohXJ4Qd6lXJudmFuE89Q==
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:08:41 2025 by rpki-client