Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adf81dfa-321d-42a4-a1e7-eefec7d0a384.roa
File:                     adf81dfa-321d-42a4-a1e7-eefec7d0a384.roa (raw, json)
Hash identifier:          1s9KBavo1IzTnyeOjN12DdqaVYLHxINPUyYkya8uV+s=
Subject key identifier:   B9:06:41:6A:58:B4:21:D7:09:81:A2:5D:2E:45:DD:C9:5F:F6:90:16
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       778E256BB7878674AF3063AC113F062FE08B0230
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adf81dfa-321d-42a4-a1e7-eefec7d0a384.roa
Signing time:             Mon 04 Aug 2025 17:30:36 +0000
ROA not before:           Mon 04 Aug 2025 17:30:36 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        5.60.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:8e:25:6b:b7:87:86:74:af:30:63:ac:11:3f:06:2f:e0:8b:02:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 17:30:36 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=8f4f5ca63b64f750484f37a37d19df68ea298b2a1855604156e15ff875dfec16, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:fb:e0:dc:6a:c4:6a:b1:bc:05:f5:c5:3a:bb:
                    e5:6d:b5:f5:d5:43:29:80:66:4e:0e:4b:0a:ce:92:
                    b1:8b:57:46:d4:69:c0:9c:b9:fd:22:3a:82:f4:31:
                    6c:00:35:48:71:c6:74:13:31:72:6f:20:7d:d2:33:
                    a7:82:37:01:89:a5:a4:8e:42:4a:f1:ca:83:28:da:
                    00:27:df:58:6f:39:27:fd:72:60:b3:43:c2:25:3f:
                    cd:30:d0:51:24:56:54:fe:c2:9e:2b:65:6b:dd:8c:
                    06:5a:e7:90:b1:a3:10:be:47:e3:27:e5:ec:2b:83:
                    4e:58:bc:fd:fa:01:8b:fe:7d:d6:69:30:b7:00:ab:
                    45:58:1d:ce:96:18:48:46:ec:68:68:6b:25:35:40:
                    6e:c5:96:ed:3d:41:f9:e1:e9:81:80:7b:a7:03:c8:
                    94:ad:32:ab:50:80:c6:e7:09:3a:9a:99:9a:bb:ba:
                    df:cf:ae:95:95:52:2e:84:97:82:e5:4b:6e:17:08:
                    94:99:c7:b7:10:c6:b5:80:30:a2:5b:ec:1b:77:27:
                    79:b8:4e:34:9c:7e:1f:b4:95:66:c2:f1:4e:c8:3e:
                    f8:e4:a0:ac:66:29:07:e4:1d:d5:1a:7f:ce:86:8b:
                    4d:35:21:ca:a7:90:bd:e0:2a:77:9c:3f:f8:c4:88:
                    a5:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:06:41:6A:58:B4:21:D7:09:81:A2:5D:2E:45:DD:C9:5F:F6:90:16
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/adf81dfa-321d-42a4-a1e7-eefec7d0a384.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.60.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         cd:4b:d8:f8:ba:34:ae:f2:bc:8e:a4:cb:6f:b3:2d:c9:91:ee:
         b4:37:ae:20:0e:5f:3b:52:b8:fc:a0:5d:f6:e4:47:c1:77:d9:
         5c:e8:b9:9b:f2:43:39:b6:28:91:fb:c5:d5:a9:83:84:99:21:
         b8:ec:6a:77:9a:4b:f2:11:48:c0:2c:de:b7:04:b1:1c:47:36:
         2c:63:f0:17:db:de:a6:21:d9:76:dc:02:b6:e3:7d:9b:6a:0e:
         91:57:39:d4:e0:8c:0a:4e:31:2c:eb:c1:d0:ed:48:b7:41:1d:
         20:f5:f0:dd:5c:70:e8:db:5f:52:2c:0b:a9:83:60:12:cd:86:
         91:86:eb:73:fe:05:6f:35:a5:2d:d6:af:4d:49:c5:1f:19:40:
         c0:13:76:a7:b8:9d:9a:cf:4e:ec:68:c3:08:a7:b0:48:44:85:
         2e:1d:22:5a:64:8c:76:7b:bd:7b:1d:4e:1e:d0:83:01:59:2b:
         61:1d:f4:f4:c3:fe:11:ad:9c:35:ac:5b:52:18:cf:c9:94:2c:
         ea:06:5c:d7:bd:b5:80:51:cc:55:1c:19:9d:76:6c:de:34:31:
         71:1c:2e:26:15:90:03:30:11:cb:32:1c:4f:97:e5:67:ac:25:
         32:51:87:5c:6f:b4:68:11:e2:44:27:c2:53:37:c4:49:11:fa:
         53:23:cd:0b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUd44la7eHhnSvMGOsET8GL+CLAjAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTczMDM2WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZjRmNWNhNjNiNjRmNzUwNDg0ZjM3YTM3ZDE5ZGY2OGVh
Mjk4YjJhMTg1NTYwNDE1NmUxNWZmODc1ZGZlYzE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCv++DcasRqsbwF9cU6u+VttfXVQymAZk4OSwrOkrGLV0bU
acCcuf0iOoL0MWwANUhxxnQTMXJvIH3SM6eCNwGJpaSOQkrxyoMo2gAn31hvOSf9
cmCzQ8IlP80w0FEkVlT+wp4rZWvdjAZa55CxoxC+R+Mn5ewrg05YvP36AYv+fdZp
MLcAq0VYHc6WGEhG7GhoayU1QG7Flu09Qfnh6YGAe6cDyJStMqtQgMbnCTqamZq7
ut/PrpWVUi6El4LlS24XCJSZx7cQxrWAMKJb7Bt3J3m4TjScfh+0lWbC8U7IPvjk
oKxmKQfkHdUaf86Gi001IcqnkL3gKnecP/jEiKUlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUuQZBali0IdcJgaJdLkXdyV/2kBYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FkZjgxZGZhLTMyMWQtNDJhNC1hMWU3LWVlZmVjN2QwYTM4NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAFPDANBgkqhkiG9w0BAQsFAAOCAQEAzUvY+Lo0rvK8jqTLb7MtyZHutDeu
IA5fO1K4/KBd9uRHwXfZXOi5m/JDObYokfvF1amDhJkhuOxqd5pL8hFIwCzetwSx
HEc2LGPwF9vepiHZdtwCtuN9m2oOkVc51OCMCk4xLOvB0O1It0EdIPXw3Vxw6Ntf
UiwLqYNgEs2GkYbrc/4FbzWlLdavTUnFHxlAwBN2p7idms9O7GjDCKewSESFLh0i
WmSMdnu9ex1OHtCDAVkrYR309MP+Ea2cNaxbUhjPyZQs6gZc1721gFHMVRwZnXZs
3jQxcRwuJhWQAzARyzIcT5flZ6wlMlGHXG+0aBHiRCfCUzfESRH6UyPNCw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:45:24 2025 by rpki-client