Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a42a738c-9b5f-415d-a4cc-d638a82f8193.roa
File:                     a42a738c-9b5f-415d-a4cc-d638a82f8193.roa (raw, json)
Hash identifier:          cClMsWwWKnrWqJSvSrS+i7S32X5qsVVLvk5m8j/xqhE=
Subject key identifier:   4A:57:96:67:81:AB:60:CB:CB:AC:96:1C:FB:19:F8:B6:5A:15:6C:61
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4D13B23CC4B7F5F52FFC3BDEC5009CE614B5E9F9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a42a738c-9b5f-415d-a4cc-d638a82f8193.roa
Signing time:             Fri 25 Jul 2025 00:21:15 +0000
ROA not before:           Fri 25 Jul 2025 00:21:15 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.122.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:13:b2:3c:c4:b7:f5:f5:2f:fc:3b:de:c5:00:9c:e6:14:b5:e9:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 25 00:21:15 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=4b51776ffb8fff5170802bb6fca4462bce458b1906167af8362f60392939f007, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:43:27:02:39:8f:d2:8d:ca:78:92:1e:64:5d:
                    b4:b5:53:51:ca:9c:8e:35:3d:57:75:3d:ec:7f:f1:
                    e8:ec:86:51:be:8e:92:36:07:52:46:9a:46:7e:49:
                    b9:05:5e:99:0d:24:bf:36:a3:5f:b9:c9:1d:45:d5:
                    17:1d:eb:42:87:76:de:29:92:4c:6c:c1:d2:79:0c:
                    d7:22:1a:47:6d:c8:4c:a8:cf:9f:7f:17:c1:77:91:
                    bb:fd:8c:aa:91:59:a3:4d:06:d7:cd:09:20:bc:0e:
                    d6:95:44:17:c2:07:e1:bb:e9:de:2b:b2:94:e7:89:
                    e9:a2:3e:26:2a:e8:95:77:18:2f:ca:61:e1:e8:d5:
                    d3:19:89:e3:51:c0:c4:67:84:00:ca:21:91:b2:2c:
                    c0:d8:d1:62:eb:74:09:db:d8:bb:75:0d:62:94:73:
                    f8:e3:3d:ca:bb:df:6a:65:c3:67:86:d1:b8:da:74:
                    2b:45:86:8f:64:0a:ad:86:1f:6e:13:b2:da:b8:56:
                    2e:67:5d:d1:61:74:91:6f:52:ec:29:a1:76:35:29:
                    9d:13:80:69:3b:83:28:02:31:06:2f:d5:5a:a6:df:
                    42:1a:09:12:3c:70:7c:11:34:f1:22:b4:a5:1a:50:
                    4f:1a:5b:be:de:4e:0c:04:cc:fd:63:25:ef:98:04:
                    24:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:57:96:67:81:AB:60:CB:CB:AC:96:1C:FB:19:F8:B6:5A:15:6C:61
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a42a738c-9b5f-415d-a4cc-d638a82f8193.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:66:11:b7:55:25:13:71:5b:ef:0a:67:ab:a6:1c:b0:fa:98:
         6c:bc:9f:95:39:dc:38:3c:76:fb:08:03:f5:0f:2e:7a:32:d9:
         b2:0f:87:81:5d:1d:29:dd:80:48:16:54:0d:51:7b:19:c4:2a:
         b5:1e:08:99:57:e0:17:a3:55:94:d3:22:e7:6e:31:31:22:22:
         5b:64:19:d7:7d:4a:f2:eb:04:21:17:77:f3:3d:8f:8d:17:7f:
         2a:39:96:cf:3d:5f:67:a3:e6:72:cf:e4:e9:cc:ee:86:2b:72:
         c2:b4:d0:40:ec:55:e6:51:7e:43:21:d3:fe:55:f1:50:8e:59:
         2e:6c:cd:eb:44:1e:6d:5a:2f:8e:86:ff:4d:28:36:66:99:81:
         60:b1:ca:1b:fc:d6:6c:c2:cb:5b:02:70:9e:b1:4a:75:4d:b0:
         d4:68:d5:a0:f1:8f:d7:dc:7c:d8:d5:1e:0f:42:a1:c7:3a:7f:
         cb:7c:d3:1f:5b:7e:83:0f:c2:58:2b:b6:44:64:6c:c5:57:c3:
         2c:4d:69:35:11:e9:72:d5:21:ea:65:d2:fc:95:72:ff:9a:e2:
         11:f6:0d:90:1e:57:18:5e:df:87:6b:50:bd:64:60:d7:39:a7:
         58:2a:f1:3f:12:14:32:78:10:1f:bd:0d:bf:ea:f4:c2:55:f2:
         42:fa:7a:56
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTROyPMS39fUv/DvexQCc5hS16fkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI1MDAyMTE1WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YjUxNzc2ZmZiOGZmZjUxNzA4MDJiYjZmY2E0NDYyYmNl
NDU4YjE5MDYxNjdhZjgzNjJmNjAzOTI5MzlmMDA3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsQycCOY/Sjcp4kh5kXbS1U1HKnI41PVd1Pex/8ejshlG+
jpI2B1JGmkZ+SbkFXpkNJL82o1+5yR1F1Rcd60KHdt4pkkxswdJ5DNciGkdtyEyo
z59/F8F3kbv9jKqRWaNNBtfNCSC8DtaVRBfCB+G76d4rspTniemiPiYq6JV3GC/K
YeHo1dMZieNRwMRnhADKIZGyLMDY0WLrdAnb2Lt1DWKUc/jjPcq732plw2eG0bja
dCtFho9kCq2GH24Tstq4Vi5nXdFhdJFvUuwpoXY1KZ0TgGk7gygCMQYv1Vqm30Ia
CRI8cHwRNPEitKUaUE8aW77eTgwEzP1jJe+YBCTvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSleWZ4GrYMvLrJYc+xn4tloVbGEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E0MmE3MzhjLTliNWYtNDE1ZC1hNGNjLWQ2MzhhODJmODE5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjlnowDQYJKoZIhvcNAQELBQADggEBACFmEbdVJRNxW+8KZ6umHLD6mGy8
n5U53Dg8dvsIA/UPLnoy2bIPh4FdHSndgEgWVA1RexnEKrUeCJlX4BejVZTTIudu
MTEiIltkGdd9SvLrBCEXd/M9j40Xfyo5ls89X2ej5nLP5OnM7oYrcsK00EDsVeZR
fkMh0/5V8VCOWS5szetEHm1aL46G/00oNmaZgWCxyhv81mzCy1sCcJ6xSnVNsNRo
1aDxj9fcfNjVHg9Cocc6f8t80x9bfoMPwlgrtkRkbMVXwyxNaTUR6XLVIepl0vyV
cv+a4hH2DZAeVxhe34drUL1kYNc5p1gq8T8SFDJ4EB+9Db/q9MJV8kL6elY=
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:17:04 2025 by rpki-client