Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9efa147a-8234-4801-a8dd-96fc19dc752f.roa
File:                     9efa147a-8234-4801-a8dd-96fc19dc752f.roa (raw, json)
Hash identifier:          FM2yxnJ3UCnVjHFaNCgyn2Dus+I/SdZFeXVhAYYrjAc=
Subject key identifier:   FA:49:1C:39:75:4B:C1:86:5D:E9:C3:F5:0C:9F:C6:44:FD:14:E0:95
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       323F07EEF6781E29A76B026080CDBC07FC0E0F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9efa147a-8234-4801-a8dd-96fc19dc752f.roa
Signing time:             Mon 04 Aug 2025 16:30:21 +0000
ROA not before:           Mon 04 Aug 2025 16:30:21 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        119.13.11.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 09 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:3f:07:ee:f6:78:1e:29:a7:6b:02:60:80:cd:bc:07:fc:0e:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 16:30:21 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=a75701852a0b8b3c98a4da821a66ef15d589ef2a57476d1996364ce610c51181, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:5f:13:fe:57:7e:ce:6b:aa:f8:1c:3e:f8:52:
                    be:5a:90:90:57:95:8a:2c:5a:87:f5:da:c7:bb:5b:
                    aa:a6:33:3a:1f:85:70:7a:ef:c4:56:cf:c1:34:0f:
                    98:2a:51:9a:68:b5:18:93:d6:5f:e3:3e:00:ec:8a:
                    88:9d:56:ce:dd:03:0f:ea:cf:4d:d0:0d:d9:0b:6a:
                    96:36:65:af:a7:29:24:fc:fd:c9:2a:c3:2d:38:0e:
                    95:fa:0a:b2:63:08:61:65:83:0f:4f:d7:19:57:06:
                    1e:09:a9:a2:8d:34:74:96:2d:c3:ca:a3:96:b9:b1:
                    ac:04:97:18:38:ba:2b:88:85:c5:17:28:5c:ba:60:
                    e2:4e:b7:7b:f0:b4:17:20:2c:4a:2d:32:fa:d3:af:
                    7a:ad:74:ef:f2:64:12:ab:a8:da:10:2c:2c:21:f7:
                    e2:1e:96:65:8b:49:8d:c9:31:51:1f:93:66:bf:0c:
                    13:3c:70:36:ed:6f:a5:00:3b:1d:fe:59:b1:ac:2f:
                    af:8c:5e:fb:09:7e:cc:c2:08:50:bf:19:8c:13:cb:
                    89:9b:0c:6c:40:3f:a4:09:b5:f4:41:d1:e0:83:59:
                    a1:0f:a7:4e:6e:27:03:95:27:18:0d:8b:b2:e8:37:
                    a9:c9:0e:5b:6e:cf:d0:e4:2d:28:37:1a:f5:fb:b6:
                    ef:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:49:1C:39:75:4B:C1:86:5D:E9:C3:F5:0C:9F:C6:44:FD:14:E0:95
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9efa147a-8234-4801-a8dd-96fc19dc752f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.13.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:dc:bf:71:ea:0b:fc:ea:4a:f7:3c:5b:91:bc:47:10:01:5d:
         b4:e8:f1:aa:7e:a7:15:79:f8:62:c5:2e:77:f7:1c:61:90:6e:
         cd:be:6c:79:1a:a5:09:d6:82:d7:95:bc:e4:c1:77:b6:b2:7d:
         57:e8:5b:86:62:e8:d6:76:f2:02:ee:c8:c4:2f:20:52:6c:88:
         dd:ea:6f:d1:c5:53:19:3a:9c:42:ac:6b:7b:a4:ad:d6:e4:ed:
         a1:7d:49:12:ed:cf:4b:5d:cf:fc:28:63:c7:b9:d5:52:e7:5f:
         37:4f:f7:20:07:ad:d5:c7:01:bc:4e:87:b2:6b:1b:82:85:3d:
         76:9f:1e:e3:4c:c9:9f:05:09:d3:a6:f2:13:0b:63:9c:6a:57:
         5b:f0:a5:ab:8a:8d:f5:6d:ae:d2:2d:5c:d2:a7:92:27:00:4b:
         d0:dc:d7:b2:ff:b7:8d:e1:44:03:5d:7b:1f:76:f5:31:df:d6:
         04:61:c5:f4:93:43:04:66:ca:8a:41:de:d2:c9:ef:13:fe:64:
         8e:59:3a:82:7b:4e:d4:66:31:72:47:64:98:f5:47:8f:b5:6d:
         e7:20:5c:52:c9:37:9b:d6:5c:32:44:32:04:58:88:bd:65:f2:
         f3:22:74:66:0a:e6:7b:e1:6b:15:5c:d4:c3:9c:06:2b:d7:cb:
         83:8b:52:c8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITMj8H7vZ4HimnawJggM28B/wODzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA4MDQxNjMwMjFaFw0yNTA5MDgyMzU5NTla
MHoxSTBHBgNVBAUTQGE3NTcwMTg1MmEwYjhiM2M5OGE0ZGE4MjFhNjZlZjE1ZDU4
OWVmMmE1NzQ3NmQxOTk2MzY0Y2U2MTBjNTExODExLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9fE/5Xfs5rqvgcPvhSvlqQkFeViixah/Xax7tbqqYzOh+F
cHrvxFbPwTQPmCpRmmi1GJPWX+M+AOyKiJ1Wzt0DD+rPTdAN2QtqljZlr6cpJPz9
ySrDLTgOlfoKsmMIYWWDD0/XGVcGHgmpoo00dJYtw8qjlrmxrASXGDi6K4iFxRco
XLpg4k63e/C0FyAsSi0y+tOveq107/JkEquo2hAsLCH34h6WZYtJjckxUR+TZr8M
EzxwNu1vpQA7Hf5Zsawvr4xe+wl+zMIIUL8ZjBPLiZsMbEA/pAm19EHR4INZoQ+n
Tm4nA5UnGA2Lsug3qckOW27P0OQtKDca9fu277kCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBT6SRw5dUvBhl3pw/UMn8ZE/RTglTAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvOWVmYTE0N2EtODIzNC00ODAxLWE4ZGQtOTZmYzE5ZGM3NTJmLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHcNCzANBgkqhkiG9w0BAQsFAAOCAQEAG9y/ceoL/OpK9zxbkbxHEAFdtOjx
qn6nFXn4YsUud/ccYZBuzb5seRqlCdaC15W85MF3trJ9V+hbhmLo1nbyAu7IxC8g
UmyI3epv0cVTGTqcQqxre6St1uTtoX1JEu3PS13P/Chjx7nVUudfN0/3IAet1ccB
vE6HsmsbgoU9dp8e40zJnwUJ06byEwtjnGpXW/Clq4qN9W2u0i1c0qeSJwBL0NzX
sv+3jeFEA117H3b1Md/WBGHF9JNDBGbKikHe0snvE/5kjlk6gntO1GYxckdkmPVH
j7Vt5yBcUsk3m9ZcMkQyBFiIvWXy8yJ0Zgrme+FrFVzUw5wGK9fLg4tSyA==
-----END CERTIFICATE-----
Generated at Fri Aug 8 13:01:25 2025 by rpki-client