Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b131daf1-b7a0-4cfc-895e-57ca8f2fcc6e.roa
File:                     b131daf1-b7a0-4cfc-895e-57ca8f2fcc6e.roa (raw, json)
Hash identifier:          jjGQWbJg5xZDtpbX0veSzqBfHPx4AXUZrHgGQDhBmpM=
Subject key identifier:   7A:10:77:F0:21:6B:E4:37:CA:55:7A:6D:A4:00:FA:A6:B8:94:FE:EC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2D5E399C74BCA93F9DA7A968F479E1F35245E2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b131daf1-b7a0-4cfc-895e-57ca8f2fcc6e.roa
Signing time:             Mon 04 Aug 2025 15:51:09 +0000
ROA not before:           Mon 04 Aug 2025 15:51:09 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.21.48.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:5e:39:9c:74:bc:a9:3f:9d:a7:a9:68:f4:79:e1:f3:52:45:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 15:51:09 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=f80c953634886f99421acf9b9fd032bcd15245f3670cc19782b24286eec70eea, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:6c:2c:18:37:34:c7:76:e3:e1:c5:d6:b4:5b:
                    3f:77:2f:57:3f:27:38:d7:66:0a:e1:af:59:9d:6b:
                    ac:f9:e3:9f:b9:6b:f3:4b:75:c8:2e:8d:a8:eb:09:
                    3e:13:e0:d5:82:1f:59:b9:69:71:06:5d:5d:5c:56:
                    5e:78:bb:4b:6d:4e:12:ab:5c:40:cd:ed:46:20:79:
                    98:c7:6d:39:2f:13:cd:fa:76:6a:8b:8a:b9:31:62:
                    67:52:85:ab:78:8f:ea:3d:a5:a9:66:62:9b:7f:00:
                    aa:cf:9c:18:b2:69:b9:6f:8a:e1:1a:1d:d5:66:c6:
                    31:d3:6b:85:a2:34:a2:50:6a:81:58:92:2c:26:f1:
                    75:25:5d:2b:8b:bb:3e:6d:4b:39:49:e5:1e:49:b5:
                    ca:83:7b:22:9e:17:d6:ee:46:2b:ae:63:d5:3a:56:
                    df:9b:51:05:dc:47:eb:fb:79:d5:f0:08:35:b6:4c:
                    5b:34:79:50:e7:c7:fb:15:e0:1a:33:fa:29:3e:9a:
                    d1:9f:ba:f4:a3:f1:fc:54:a3:e3:11:c4:12:55:12:
                    20:f7:c8:c3:bc:68:86:c8:28:30:7b:20:ec:30:80:
                    b4:92:d3:b1:7b:c0:8d:d9:02:22:15:a6:38:97:2c:
                    38:92:b8:bc:60:8d:05:61:35:0b:84:12:77:4c:2d:
                    04:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:10:77:F0:21:6B:E4:37:CA:55:7A:6D:A4:00:FA:A6:B8:94:FE:EC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b131daf1-b7a0-4cfc-895e-57ca8f2fcc6e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.21.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         7e:8c:82:c2:09:6f:d3:b9:ac:71:fa:28:5e:0c:a5:0d:95:d6:
         0b:58:bc:e5:1d:0c:a2:e2:a1:4c:26:ca:a3:22:57:a9:1b:6a:
         42:8f:e3:50:0e:30:f7:1e:a4:4e:18:71:1b:8b:77:5c:a5:fa:
         f7:18:96:a7:3f:31:97:dc:bc:99:67:09:c4:22:ac:3a:0a:1d:
         47:76:5a:c3:57:cf:55:f8:5d:68:1c:bd:7b:7a:f4:fa:20:16:
         41:46:86:cc:44:3d:8b:2e:00:26:71:58:95:22:a7:7a:af:e0:
         48:f8:95:73:c9:07:b0:60:38:1a:c2:84:64:df:4e:62:43:6a:
         58:1f:2c:d5:90:6d:cf:ce:8b:c4:b1:02:f9:19:11:e4:a1:8a:
         ff:63:86:45:e9:44:60:c5:4e:71:7a:6b:5b:c2:a5:61:c7:e5:
         6f:e2:11:17:de:e6:9f:76:cf:ae:bd:ab:00:e0:67:3e:68:ad:
         79:af:9c:54:d2:1b:8d:c9:64:cb:9e:b1:13:d6:9f:84:be:47:
         05:d4:b0:b5:f6:6e:e9:b2:96:a4:95:3a:1a:dd:ec:4b:a5:c2:
         e5:90:4b:02:0c:07:93:ea:e1:b1:2b:36:1f:56:41:66:44:bd:
         cf:67:f9:4c:7f:23:5b:3d:f7:b1:18:8b:6d:aa:81:7a:94:b4:
         a6:9b:6f:79
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITLV45nHS8qT+dp6lo9Hnh81JF4jANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA4MDQxNTUxMDlaFw0yNTA5MDgyMzU5NTla
MHoxSTBHBgNVBAUTQGY4MGM5NTM2MzQ4ODZmOTk0MjFhY2Y5YjlmZDAzMmJjZDE1
MjQ1ZjM2NzBjYzE5NzgyYjI0Mjg2ZWVjNzBlZWExLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOBsLBg3NMd24+HF1rRbP3cvVz8nONdmCuGvWZ1rrPnjn7lr
80t1yC6NqOsJPhPg1YIfWblpcQZdXVxWXni7S21OEqtcQM3tRiB5mMdtOS8Tzfp2
aouKuTFiZ1KFq3iP6j2lqWZim38Aqs+cGLJpuW+K4Rod1WbGMdNrhaI0olBqgViS
LCbxdSVdK4u7Pm1LOUnlHkm1yoN7Ip4X1u5GK65j1TpW35tRBdxH6/t51fAINbZM
WzR5UOfH+xXgGjP6KT6a0Z+69KPx/FSj4xHEElUSIPfIw7xohsgoMHsg7DCAtJLT
sXvAjdkCIhWmOJcsOJK4vGCNBWE1C4QSd0wtBDUCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBR6EHfwIWvkN8pVem2kAPqmuJT+7DAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvYjEzMWRhZjEtYjdhMC00Y2ZjLTg5NWUtNTdjYThmMmZjYzZlLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBBcVMDANBgkqhkiG9w0BAQsFAAOCAQEAfoyCwglv07mscfooXgylDZXWC1i8
5R0MouKhTCbKoyJXqRtqQo/jUA4w9x6kThhxG4t3XKX69xiWpz8xl9y8mWcJxCKs
OgodR3Zaw1fPVfhdaBy9e3r0+iAWQUaGzEQ9iy4AJnFYlSKneq/gSPiVc8kHsGA4
GsKEZN9OYkNqWB8s1ZBtz86LxLEC+RkR5KGK/2OGRelEYMVOcXprW8KlYcflb+IR
F97mn3bPrr2rAOBnPmitea+cVNIbjclky56xE9afhL5HBdSwtfZu6bKWpJU6Gt3s
S6XC5ZBLAgwHk+rhsSs2H1ZBZkS9z2f5TH8jWz33sRiLbaqBepS0pptveQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:19:20 2025 by rpki-client