Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a5459b61-4765-4284-9582-9c6c304ff03b.roa
File:                     a5459b61-4765-4284-9582-9c6c304ff03b.roa (raw, json)
Hash identifier:          8JEN8aeFlNSvP6rbFBOGkUfgJBYII0cEHW6AUxKOZh0=
Subject key identifier:   3B:8F:1E:8A:76:9A:EE:8F:1E:83:72:FF:B4:B1:4D:28:84:CE:8D:7A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5064813DD444E11227220E12DF60E0EA31C8DD14
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a5459b61-4765-4284-9582-9c6c304ff03b.roa
Signing time:             Mon 04 Aug 2025 17:30:33 +0000
ROA not before:           Mon 04 Aug 2025 17:30:33 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        5.179.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 11 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:64:81:3d:d4:44:e1:12:27:22:0e:12:df:60:e0:ea:31:c8:dd:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 17:30:33 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=efc611c23995bda6679352ecc11ccd2f11b3ffdbe7b6bc14d9dbda0c91c897e8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ed:15:ac:25:f4:93:cf:0f:74:67:a8:e0:64:
                    33:6a:a2:c3:f3:fb:ae:c5:c7:7d:43:17:86:e8:2a:
                    d1:30:1d:d7:70:02:b1:f5:8e:0e:5d:66:cb:67:ad:
                    41:6a:0e:3b:0b:54:8e:b9:62:a3:f1:9b:7b:c1:79:
                    34:98:c2:1f:b9:0a:64:e1:a8:8f:60:fb:0e:2c:42:
                    ae:2d:f8:c1:70:64:ae:10:25:be:76:52:50:11:e7:
                    e4:b3:bc:49:4a:ea:6b:2c:ec:1a:33:c8:65:f3:be:
                    b0:fe:82:0c:08:fa:71:42:e1:5d:fe:b6:f2:28:9a:
                    49:97:4c:3a:2d:3f:96:f3:f9:19:73:b0:dc:8d:9c:
                    e9:69:a8:83:3e:e7:6d:0c:7e:a1:e6:32:f5:69:cd:
                    35:71:b2:eb:1c:e1:37:fb:32:92:c4:10:6d:a9:46:
                    69:cb:ff:df:ce:e2:d3:4b:2c:27:c9:97:b6:5f:e1:
                    d9:a8:98:d6:68:cc:7d:db:d3:15:9a:e1:13:10:3c:
                    8b:b1:bb:61:d9:8c:67:50:51:54:6f:60:ae:44:4f:
                    c0:66:00:4c:f4:f7:cc:52:07:d0:dd:d8:3f:92:11:
                    28:9f:9f:66:36:81:06:bc:18:b1:2f:b1:fc:97:f0:
                    0e:9a:5a:d7:75:3d:55:6b:90:3b:1f:7e:39:d4:6b:
                    33:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:8F:1E:8A:76:9A:EE:8F:1E:83:72:FF:B4:B1:4D:28:84:CE:8D:7A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a5459b61-4765-4284-9582-9c6c304ff03b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.179.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         16:c5:e8:00:c7:46:e4:90:88:ae:d3:4c:52:dd:5f:cb:9c:d4:
         16:c1:ec:fd:0a:4e:11:3a:f1:49:4e:8b:b6:75:34:6b:cd:43:
         b7:6e:5d:6f:81:65:01:c1:eb:9f:c8:fe:b4:2f:b5:e7:50:fe:
         54:cf:09:64:e0:6c:00:db:ba:60:22:67:a0:9f:7a:e9:8d:82:
         1d:57:d6:f2:b1:dc:a1:61:5a:ca:d5:ba:e1:99:b7:58:e6:c9:
         61:fa:11:7b:ba:d8:3b:f0:df:73:ce:21:4d:e2:6e:51:ff:7e:
         a7:e9:8f:82:b3:3e:dc:5d:f9:b8:dc:c0:ca:95:49:01:91:e1:
         9a:93:9f:ed:0e:35:db:2a:04:8a:ed:91:3b:e0:4b:02:84:f3:
         28:dc:49:a0:fb:bd:a6:49:51:2f:d5:87:9e:be:ed:96:3f:f7:
         41:ed:87:cd:6b:40:98:c6:7b:37:2e:0f:e7:90:cc:8f:ba:87:
         e9:54:bb:66:fb:04:0c:86:8e:fe:bd:be:ff:6b:80:d3:86:80:
         fd:cc:5e:67:23:cd:5b:41:c3:ad:16:94:33:0f:f0:bb:bd:3c:
         60:96:c8:9d:60:5e:bc:04:6f:f4:5c:c4:60:38:77:18:45:3c:
         35:0c:23:a0:dc:ec:7a:b1:e9:e7:48:02:14:e1:3c:dd:ff:40:
         20:cf:fb:88
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUGSBPdRE4RInIg4S32Dg6jHI3RQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTczMDMzWhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZmM2MTFjMjM5OTViZGE2Njc5MzUyZWNjMTFjY2QyZjEx
YjNmZmRiZTdiNmJjMTRkOWRiZGEwYzkxYzg5N2U4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCx7RWsJfSTzw90Z6jgZDNqosPz+67Fx31DF4boKtEwHddw
ArH1jg5dZstnrUFqDjsLVI65YqPxm3vBeTSYwh+5CmThqI9g+w4sQq4t+MFwZK4Q
Jb52UlAR5+SzvElK6mss7BozyGXzvrD+ggwI+nFC4V3+tvIomkmXTDotP5bz+Rlz
sNyNnOlpqIM+520MfqHmMvVpzTVxsusc4Tf7MpLEEG2pRmnL/9/O4tNLLCfJl7Zf
4dmomNZozH3b0xWa4RMQPIuxu2HZjGdQUVRvYK5ET8BmAEz098xSB9Dd2D+SESif
n2Y2gQa8GLEvsfyX8A6aWtd1PVVrkDsffjnUazO9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUO48einaa7o8eg3L/tLFNKITOjXowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E1NDU5YjYxLTQ3NjUtNDI4NC05NTgyLTljNmMzMDRmZjAzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQFs2AwDQYJKoZIhvcNAQELBQADggEBABbF6ADHRuSQiK7TTFLdX8uc1BbB
7P0KThE68UlOi7Z1NGvNQ7duXW+BZQHB65/I/rQvtedQ/lTPCWTgbADbumAiZ6Cf
eumNgh1X1vKx3KFhWsrVuuGZt1jmyWH6EXu62Dvw33POIU3iblH/fqfpj4KzPtxd
+bjcwMqVSQGR4ZqTn+0ONdsqBIrtkTvgSwKE8yjcSaD7vaZJUS/Vh56+7ZY/90Ht
h81rQJjGezcuD+eQzI+6h+lUu2b7BAyGjv69vv9rgNOGgP3MXmcjzVtBw60WlDMP
8Lu9PGCWyJ1gXrwEb/RcxGA4dxhFPDUMI6Dc7Hqx6edIAhThPN3/QCDP+4g=
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:11:42 2025 by rpki-client