Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e4c0c1e-a4b0-46fc-b3b7-324622602ccd.roa
File:                     9e4c0c1e-a4b0-46fc-b3b7-324622602ccd.roa (raw, json)
Hash identifier:          +1VoEDsFrCYp9w3g6DrWvByq2giK2aqI9AzgV3oTmgY=
Subject key identifier:   88:BE:AE:2D:06:A8:E2:9B:83:FA:4C:CD:49:2C:6A:A7:9E:6D:4C:78
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       30E0E6B0AC2CA66EF8F19E565DA7314771810219
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e4c0c1e-a4b0-46fc-b3b7-324622602ccd.roa
Signing time:             Tue 22 Jul 2025 00:11:04 +0000
ROA not before:           Tue 22 Jul 2025 00:11:04 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.146.40.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:e0:e6:b0:ac:2c:a6:6e:f8:f1:9e:56:5d:a7:31:47:71:81:02:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:11:04 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=15a499d92df8e6afeffd2402af46a26fbb13cf04f3330ec478ff5ea253fdb77e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4c:58:f9:86:2a:3d:5f:0f:db:e7:ea:61:fe:
                    4b:26:90:b6:dc:d9:fe:a7:7e:57:f9:f8:37:19:95:
                    72:8c:8d:1b:da:86:41:a9:0f:09:99:a5:36:9e:e8:
                    4a:32:33:cd:83:f3:5a:8d:4e:da:c1:36:0a:a1:11:
                    74:20:65:5c:b4:81:b8:e0:91:11:af:c2:50:fa:e6:
                    c5:52:78:5c:d6:41:43:1f:f0:56:a8:a7:6b:f8:9d:
                    2d:f5:c0:fe:90:14:e5:ec:8b:b2:bd:36:c4:96:c8:
                    7d:cf:e8:9b:e8:19:02:53:f6:c4:5c:50:3e:07:e8:
                    b1:02:b1:65:99:ce:6c:1a:d9:93:39:09:86:67:f9:
                    18:6d:a6:4b:aa:b0:ad:c4:e7:b8:15:b6:19:17:57:
                    63:b6:94:68:0c:c3:d1:9e:23:98:d6:fc:d3:a1:cd:
                    60:2f:de:83:86:02:f4:25:70:bc:ad:b8:14:0a:86:
                    ff:ee:92:cd:b1:29:23:6a:59:95:74:b3:8d:0d:c3:
                    56:90:33:1d:23:05:34:d0:0d:15:01:66:03:75:b3:
                    4e:52:d2:4e:78:55:4d:85:73:40:ec:ca:03:bd:1a:
                    7a:c8:27:8b:34:ae:f2:3f:8e:d0:b9:22:30:d1:23:
                    73:24:83:7a:25:0b:72:15:42:84:2c:b4:9d:c3:29:
                    74:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:BE:AE:2D:06:A8:E2:9B:83:FA:4C:CD:49:2C:6A:A7:9E:6D:4C:78
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e4c0c1e-a4b0-46fc-b3b7-324622602ccd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.146.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         29:fb:fa:f4:3c:09:1d:c2:c0:d0:16:f4:8e:eb:6e:1d:5f:07:
         b3:74:bf:58:bb:57:b3:bb:ee:7a:3f:af:ce:87:ec:c6:7d:2d:
         13:6d:10:83:03:86:ef:d0:6d:a4:c8:28:dd:2b:90:13:b3:ed:
         9b:07:2b:66:a8:4a:b9:99:c4:21:57:b6:02:87:91:48:2b:da:
         03:2e:78:c1:04:75:2c:4a:ff:bd:08:99:f0:e2:ed:89:b3:58:
         9d:51:d2:d8:d6:eb:68:61:83:21:6e:bf:f1:3f:24:01:87:77:
         a8:43:63:c9:91:d6:a4:32:42:57:17:b9:20:fa:5e:3c:cd:27:
         93:d5:77:8e:dd:4e:09:7b:0c:0d:bd:f9:39:b6:71:db:a5:94:
         38:74:e7:55:c4:8e:9d:db:eb:48:67:9e:88:60:52:c9:0c:e3:
         64:1b:ba:f0:0b:54:61:61:1c:85:8c:b2:bd:a4:9b:90:d2:18:
         3d:43:76:53:90:20:04:1b:11:3a:b3:da:48:28:50:02:13:bb:
         e7:35:bf:67:b0:b8:7d:97:ec:ad:56:3a:b9:aa:cb:91:2c:7c:
         1b:30:9e:30:fb:49:24:8f:91:75:b6:14:dd:5e:71:8f:43:36:
         d7:cb:49:ea:b2:66:55:da:1d:ac:60:9f:d5:5a:33:65:e0:bb:
         02:1d:53:ba
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMODmsKwspm748Z5WXacxR3GBAhkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAxMTA0WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNWE0OTlkOTJkZjhlNmFmZWZmZDI0MDJhZjQ2YTI2ZmJi
MTNjZjA0ZjMzMzBlYzQ3OGZmNWVhMjUzZmRiNzdlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChTFj5hio9Xw/b5+ph/ksmkLbc2f6nflf5+DcZlXKMjRva
hkGpDwmZpTae6EoyM82D81qNTtrBNgqhEXQgZVy0gbjgkRGvwlD65sVSeFzWQUMf
8Faop2v4nS31wP6QFOXsi7K9NsSWyH3P6JvoGQJT9sRcUD4H6LECsWWZzmwa2ZM5
CYZn+RhtpkuqsK3E57gVthkXV2O2lGgMw9GeI5jW/NOhzWAv3oOGAvQlcLytuBQK
hv/uks2xKSNqWZV0s40Nw1aQMx0jBTTQDRUBZgN1s05S0k54VU2Fc0DsygO9GnrI
J4s0rvI/jtC5IjDRI3Mkg3olC3IVQoQstJ3DKXTRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiL6uLQao4puD+kzNSSxqp55tTHgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzllNGMwYzFlLWE0YjAtNDZmYy1iM2I3LTMyNDYyMjYwMmNjZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMNkigwDQYJKoZIhvcNAQELBQADggEBACn7+vQ8CR3CwNAW9I7rbh1fB7N0
v1i7V7O77no/r86H7MZ9LRNtEIMDhu/QbaTIKN0rkBOz7ZsHK2aoSrmZxCFXtgKH
kUgr2gMueMEEdSxK/70ImfDi7YmzWJ1R0tjW62hhgyFuv/E/JAGHd6hDY8mR1qQy
QlcXuSD6XjzNJ5PVd47dTgl7DA29+Tm2cdullDh051XEjp3b60hnnohgUskM42Qb
uvALVGFhHIWMsr2km5DSGD1DdlOQIAQbETqz2kgoUAITu+c1v2ewuH2X7K1WOrmq
y5EsfBswnjD7SSSPkXW2FN1ecY9DNtfLSeqyZlXaHaxgn9VaM2XguwIdU7o=
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:26:13 2025 by rpki-client