Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a00a5225-7aba-45f5-ab16-fd62fe46ec1a.roa
File:                     a00a5225-7aba-45f5-ab16-fd62fe46ec1a.roa (raw, json)
Hash identifier:          yYt0ck62Cjkpx6fm3nRR5djnZRkr/otlwtKA0txxJZc=
Subject key identifier:   F8:93:8C:30:19:B3:F2:07:0C:DF:FC:45:90:47:2E:2D:CC:DD:A3:60
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1B366BC32C2D6B3C23440BD5CD906F645CD72C48
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a00a5225-7aba-45f5-ab16-fd62fe46ec1a.roa
Signing time:             Tue 05 Aug 2025 19:08:24 +0000
ROA not before:           Tue 05 Aug 2025 19:08:24 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.53.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:36:6b:c3:2c:2d:6b:3c:23:44:0b:d5:cd:90:6f:64:5c:d7:2c:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  5 19:08:24 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=6fe57ee72cae3cf45b9b9de852ff3691416aac7eaa83785b4b6aad23559b78ff, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:89:7f:13:62:45:2f:48:01:79:93:46:d6:b2:
                    b4:77:c2:fa:76:3f:0f:db:cc:74:8a:f0:8d:57:a0:
                    a4:24:a2:d7:c8:9a:ea:cd:08:a2:aa:fa:b1:fa:28:
                    cd:e1:03:a2:d3:4c:46:57:8d:db:fa:8e:e9:12:18:
                    c5:07:c4:98:37:58:b5:d9:21:b6:3e:c2:b1:9a:22:
                    d9:30:d3:64:e4:6b:bc:be:9b:13:82:a7:8c:86:33:
                    93:07:2f:3b:93:e1:b7:c5:8c:df:e2:aa:30:2c:b9:
                    2b:db:04:53:99:e3:f1:66:f7:5a:ed:5d:6f:bc:94:
                    89:1e:ae:44:93:20:d0:93:34:68:03:6a:9d:e2:68:
                    cc:9a:19:c9:65:23:4d:9b:79:f5:27:74:3a:49:e9:
                    c2:e6:93:1d:aa:d8:cd:8a:58:3b:18:60:42:29:0b:
                    22:34:d6:52:f6:44:c6:9d:cd:c3:4e:93:08:dc:fc:
                    57:0a:45:d5:43:67:6f:42:e4:d1:ab:45:d5:30:36:
                    57:8f:a2:62:96:53:8c:e7:17:b2:21:48:9a:22:06:
                    0a:c7:49:a2:68:60:6d:f0:40:55:3f:02:f3:22:b9:
                    21:9a:74:8f:6f:fd:c3:b1:c5:31:d0:80:3b:d9:b5:
                    33:ae:81:8a:cc:f6:98:dc:6f:1a:ce:07:e8:f3:5a:
                    15:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:93:8C:30:19:B3:F2:07:0C:DF:FC:45:90:47:2E:2D:CC:DD:A3:60
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a00a5225-7aba-45f5-ab16-fd62fe46ec1a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.53.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8a:05:a9:da:bc:7b:8f:ab:e2:4c:f7:73:05:81:59:64:bb:3b:
         c2:c1:0a:20:fd:b4:b7:bd:4d:72:33:13:91:7c:1d:e7:82:5a:
         15:f3:62:cd:7e:8c:40:69:1b:c9:8c:34:5c:52:c9:9d:d1:39:
         e9:e6:18:ff:e4:70:3b:f4:89:31:c4:b4:d5:2e:f8:46:db:04:
         2e:27:9f:42:7f:e3:f2:b6:1b:76:4c:d6:5b:23:0d:9a:20:fa:
         71:c3:84:1c:89:1e:2b:b0:fe:ac:1d:41:bb:3c:2b:51:f4:2c:
         42:5b:e7:c3:8d:7e:79:2a:55:fe:3f:32:00:b4:32:18:1c:d9:
         8a:ae:a9:fc:d9:2d:19:c2:5a:d3:fb:09:05:0b:b6:5f:84:41:
         1c:37:a5:4e:44:5d:74:b0:9a:d3:dd:40:78:93:9b:f1:43:62:
         6a:1a:6d:ed:84:65:4c:1d:dc:ac:f3:7b:09:61:a8:43:6f:20:
         c3:d5:f2:62:1c:99:7d:a3:d9:80:66:1b:e5:f0:78:40:03:e7:
         35:af:b7:2d:de:33:3e:98:10:34:ac:19:43:e4:92:98:8e:75:
         43:ee:44:6b:f2:f9:08:43:38:72:08:f9:6d:1f:00:7a:49:6d:
         31:ed:73:13:10:b2:f2:a6:86:f8:af:a5:15:51:23:0a:9a:68:
         68:12:40:84
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGzZrwywtazwjRAvVzZBvZFzXLEgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA1MTkwODI0WhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZmU1N2VlNzJjYWUzY2Y0NWI5YjlkZTg1MmZmMzY5MTQx
NmFhYzdlYWE4Mzc4NWI0YjZhYWQyMzU1OWI3OGZmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZiX8TYkUvSAF5k0bWsrR3wvp2Pw/bzHSK8I1XoKQkotfI
murNCKKq+rH6KM3hA6LTTEZXjdv6jukSGMUHxJg3WLXZIbY+wrGaItkw02Tka7y+
mxOCp4yGM5MHLzuT4bfFjN/iqjAsuSvbBFOZ4/Fm91rtXW+8lIkerkSTINCTNGgD
ap3iaMyaGcllI02befUndDpJ6cLmkx2q2M2KWDsYYEIpCyI01lL2RMadzcNOkwjc
/FcKRdVDZ29C5NGrRdUwNlePomKWU4znF7IhSJoiBgrHSaJoYG3wQFU/AvMiuSGa
dI9v/cOxxTHQgDvZtTOugYrM9pjcbxrOB+jzWhVBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+JOMMBmz8gcM3/xFkEcuLczdo2AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EwMGE1MjI1LTdhYmEtNDVmNS1hYjE2LWZkNjJmZTQ2ZWMxYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQNTANBgkqhkiG9w0BAQsFAAOCAQEAigWp2rx7j6viTPdzBYFZZLs7wsEK
IP20t71NcjMTkXwd54JaFfNizX6MQGkbyYw0XFLJndE56eYY/+RwO/SJMcS01S74
RtsELiefQn/j8rYbdkzWWyMNmiD6ccOEHIkeK7D+rB1BuzwrUfQsQlvnw41+eSpV
/j8yALQyGBzZiq6p/NktGcJa0/sJBQu2X4RBHDelTkRddLCa091AeJOb8UNiahpt
7YRlTB3crPN7CWGoQ28gw9XyYhyZfaPZgGYb5fB4QAPnNa+3Ld4zPpgQNKwZQ+SS
mI51Q+5Ea/L5CEM4cgj5bR8AekltMe1zExCy8qaG+K+lFVEjCppoaBJAhA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:24:01 2025 by rpki-client