Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9ebdabc7-1d2f-400b-87b6-425f71b87f6c.roa
File:                     9ebdabc7-1d2f-400b-87b6-425f71b87f6c.roa (raw, json)
Hash identifier:          MchFpauS4m8qGdd/DtqGrilHS6YcBHI7lqE2LW6FhRU=
Subject key identifier:   7D:92:13:03:68:A3:FE:A4:42:62:64:8F:A9:D3:F0:F0:30:44:B3:F1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4FEE9522D198068365EC8FCD16E50F8AD15D0C94
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9ebdabc7-1d2f-400b-87b6-425f71b87f6c.roa
Signing time:             Tue 05 Aug 2025 00:41:47 +0000
ROA not before:           Tue 05 Aug 2025 00:41:47 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.0.200.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:ee:95:22:d1:98:06:83:65:ec:8f:cd:16:e5:0f:8a:d1:5d:0c:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  5 00:41:47 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=9da10b19a29ba330558b760d4472c34d44d8ad797aa83c14e19b182b0b8fbeb6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:5e:99:f5:df:9d:4f:75:51:f3:83:47:ae:05:
                    41:6a:02:f9:9a:6a:d8:ec:35:7f:3b:77:4b:9d:54:
                    f7:0a:75:07:50:72:e4:56:a7:0d:01:ce:33:28:4f:
                    20:b1:80:e6:25:fc:26:74:0f:bf:51:8c:70:61:dd:
                    f7:62:21:5b:f5:3b:56:2e:be:0c:a1:cd:a5:1b:79:
                    30:f9:61:d0:56:91:8c:e2:d6:eb:d9:20:c8:c8:77:
                    4b:ea:36:13:87:96:0f:35:42:18:cb:28:7f:dc:a7:
                    9d:a7:55:d8:22:55:10:ae:8e:2c:4c:e0:35:62:d9:
                    54:04:b2:99:8d:23:a0:3d:10:34:db:9c:47:c4:f4:
                    d0:94:8c:33:51:c6:bd:14:5a:8f:4a:63:4b:65:75:
                    42:7d:1d:90:6c:4a:d2:b9:24:51:fe:3a:67:df:f1:
                    13:cc:eb:22:03:70:b5:a6:48:2a:d2:d4:89:47:e4:
                    c5:24:48:1d:c3:51:6a:59:31:ee:43:57:e6:69:5b:
                    fb:1f:56:d3:40:8f:1c:f5:ec:2d:ea:fa:46:48:af:
                    49:64:19:f2:c9:d3:82:5c:2b:4f:46:03:db:44:43:
                    d8:ab:6c:3a:d7:cd:54:17:1d:52:4a:81:e4:19:17:
                    27:3e:e5:81:2e:6d:43:e2:ff:e1:be:68:1a:41:72:
                    02:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:92:13:03:68:A3:FE:A4:42:62:64:8F:A9:D3:F0:F0:30:44:B3:F1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9ebdabc7-1d2f-400b-87b6-425f71b87f6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.0.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0b:1a:be:0d:2a:81:d3:df:18:f3:f3:ee:e5:56:d8:06:f4:af:
         9d:b3:3a:bc:4b:ba:a5:50:e2:85:7e:83:f1:be:b0:c4:b5:0a:
         a2:df:7a:99:37:8b:33:38:39:6f:09:da:08:c9:fb:b9:b9:7d:
         77:02:34:3e:57:87:be:15:0f:c8:74:4c:b5:99:2e:79:c1:92:
         c5:e2:4b:63:aa:0d:84:f1:90:e4:d0:df:dc:0c:3e:17:c0:40:
         4b:87:43:15:4d:08:ec:c1:00:41:b6:f8:cd:39:ec:74:d9:0a:
         db:69:fc:35:93:5b:91:92:94:08:02:ad:5e:ec:94:f5:09:2f:
         06:aa:a4:6b:43:03:68:32:25:4a:f7:1a:85:65:02:2b:2c:c7:
         d0:c0:98:6e:d3:24:0d:2e:87:5f:69:02:7d:7f:f6:0a:ea:f6:
         2f:69:0d:ad:72:a5:f6:36:4e:23:b5:0a:6f:58:0f:85:db:6a:
         4b:a1:91:97:54:8a:9f:59:85:44:02:ce:86:f0:25:1a:8c:fd:
         48:38:76:e4:1e:80:0b:08:e5:e7:2d:92:ce:fa:d0:ef:33:db:
         50:42:5f:7c:38:f0:90:e6:78:78:75:3c:32:6c:0d:44:36:68:
         18:a6:ba:e7:d9:9e:f8:ee:6f:da:0b:d4:b1:2f:91:c2:24:35:
         48:21:e5:d2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT+6VItGYBoNl7I/NFuUPitFdDJQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA1MDA0MTQ3WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZGExMGIxOWEyOWJhMzMwNTU4Yjc2MGQ0NDcyYzM0ZDQ0
ZDhhZDc5N2FhODNjMTRlMTliMTgyYjBiOGZiZWI2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOXpn1351PdVHzg0euBUFqAvmaatjsNX87d0udVPcKdQdQ
cuRWpw0BzjMoTyCxgOYl/CZ0D79RjHBh3fdiIVv1O1YuvgyhzaUbeTD5YdBWkYzi
1uvZIMjId0vqNhOHlg81QhjLKH/cp52nVdgiVRCujixM4DVi2VQEspmNI6A9EDTb
nEfE9NCUjDNRxr0UWo9KY0tldUJ9HZBsStK5JFH+Omff8RPM6yIDcLWmSCrS1IlH
5MUkSB3DUWpZMe5DV+ZpW/sfVtNAjxz17C3q+kZIr0lkGfLJ04JcK09GA9tEQ9ir
bDrXzVQXHVJKgeQZFyc+5YEubUPi/+G+aBpBcgK3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfZITA2ij/qRCYmSPqdPw8DBEs/EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzllYmRhYmM3LTFkMmYtNDAwYi04N2I2LTQyNWY3MWI4N2Y2Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFFAMgwDQYJKoZIhvcNAQELBQADggEBAAsavg0qgdPfGPPz7uVW2Ab0r52z
OrxLuqVQ4oV+g/G+sMS1CqLfepk3izM4OW8J2gjJ+7m5fXcCND5Xh74VD8h0TLWZ
LnnBksXiS2OqDYTxkOTQ39wMPhfAQEuHQxVNCOzBAEG2+M057HTZCttp/DWTW5GS
lAgCrV7slPUJLwaqpGtDA2gyJUr3GoVlAissx9DAmG7TJA0uh19pAn1/9grq9i9p
Da1ypfY2TiO1Cm9YD4XbakuhkZdUip9ZhUQCzobwJRqM/Ug4duQegAsI5ectks76
0O8z21BCX3w48JDmeHh1PDJsDUQ2aBimuufZnvjub9oL1LEvkcIkNUgh5dI=
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:27:41 2025 by rpki-client